Upload
others
View
0
Download
0
Embed Size (px)
Citation preview
1
SPECIAL POLITICAL AND DECOLONIZATION COMMITTE
Esteemed Delegates,
It is a pleasure to welcome you all to the UFRGSMUN 2008 Special Political and
Decolonization Committee. SPECPOL has been simulated in UFRGSMUN for four years
being one of UFRGSMUN’s most successful committees. To keep the tradition, we have been
working very hard through the last year in order to afford you high level discussions from the
4th to 8th of November. The topics you are about to read were selected with the belief that
they might reflect very important issues of the future of the International Relations studies, as
they deal with the influences of non-State actors on the International system.
Our staff is composed by five International Relations students with many interests in
common:
Fernando Petry Saraiva, Director, is an International Relations student at UFRGS and
also a Business Administration student at PUCRS. He first attended to a MUN in 2005, when
he participated at AMUN’s Historical Committee. He went back to Brasília in July 2008 to
represent Australia at United Nations Conference on Trade and Development in the XI
AMUN. Last year, Fernando took part in the Disarmament and International Security
Committee of Harvard WorldMUN. Fernando is an old UFRGSMUN fellow, as he has
participated in all its editions since 2005, being a delegate, Assistant-Director, administrative
staff member and, finally, a committee Director!
Thiago Borne Ferreira, Director, was first involved in MUNs in 2005, when he
participated as a delegate at AMUN’s Historical Committee and then as a SOCHUM delegate
in UFRGSMUN 2005 edition. The amazing experiences he had by that year motivated the 8th
semester International Relations student to join SOCHUM’s staff in UFRGSMUN 2006 as an
Assistant-Director. Last year, he took a step further in his MUN’s life accepting the task to
join the SPECPOL staff as a Director for the first time. In 2007 he also attended to the 10th
AMUN at the Council of the European Union Committee. In 2008, Thiago gathered some
friends to simulate SPECPOL again while assisting the Secretariat as an Under Secretary
General for Academic Affairs. His last MUN experiences entail this years TEMAS-MG and
AMUN.
Ana Júlia Possamai, Assistan-Directot, is an 6th semester International Relations
student at UFRGS and a member of the Strategic and International Relations Center
(NERINT). Today, she is part of the Executive Council of the UFRGS’ International
2
Relations Magazine Perspectiva. She first attended to a model in 2006 UFRGSMUN, being
the Malay representative at SOCHUM.
Bruno Walber Viana, Assistant-Director, is a senior under-graduate student of
International Relations at UFRGS who joined the UFRGSMUN staff for the first time in
2008. His MUN experience includes the last three editions of UFRGSMUN. In 2005, he was
Mexico at ILC; in 2006, Syria at UNCTAD, and last year he represented Russia at the UNSC.
In 2007 he also attended to the X AMUN, representing Venezuela at ECOFIN.
Gustavo Gayger Müller, Assistant-Director, is an 8th semester International Relations
Student at UFRGS. He is also a former member of NERINT, and is now attending to the
Political Sciences course in Institut d'Etudes Politiques, in Rennes, France. He attended to the
last three editions of UFRGSMUN, being part of SPECPOL in 2005, representing Mexico, of
the Historic United Nations Security Council in 2006, as Syria, and of the Commission on
Crime Prevention and Criminal Justice in 2007, as Russia.
Even though we did our best to provide you with a comprehensive view of the issues
you are about to discuss, this study guide should be the starting point to your preparation. Use
it as basis for further research and try to search for additional information in different sources.
We hope you enjoy reading this guide and we wish you have a remarkable stay in
Porto Alegre. If you have any doubts, please, do not hesitate to contact one of our staff
members! We are looking forward to meeting you all in November!
Sincerely yours,
Fernando Petry Saraiva
Director
Thiago Borne Ferreira
Director
Ana Júlia Possmai
Assistant-Director
Bruno Walber Vianna
Assistant-Director
Gustavo Gayger Müller
Assistant-Director
3
TOPIC AREA A: CYBERTERRORISM AND THE LAW OF CYBER-SPACE
By Thiago Borne Ferreira, Fernando Petry Saraiva ,Ana Júlia Possamai, Bruno Walber
Vianna and Gustavo Gayger Müller
1. HISTORICAL BACKGROUND
“The web of human-readable document is being merged with a web of
machine-understandable data. The potential of the mixture of humans and
machines working together and communicating through the web could be
immense”.
Tim Berners-Lee1
Colarick (2006, p.15) states that “there is no cyberterrorism without terrorism,
period.” It is also correct to say that there is no cyberterrorism without the wide spread of
cyberspace, mainly through the Internet, which has been happening since the late XX
Century. In this sense, the understanding of its impacts and consequences on peoples’ lives
demands the knowledge of how technological advances have produced social changes since
the beginning of the Information Revolution.2
1.2. From Computers Invention to Internet Emergence
In the 1940’s, and on the context of the allied efforts for World War II, Americans and
British secretly started to develop the very first digital computers. The machines filled entire
rooms, weighing a few tons, and served basically to calculate ballistic trajectories or decipher
enemy codes through very rapid calculations for the time. With the end of the war, such
projects became public. By the beginning of the 1950’s, private companies were already
developing their own research programs on the use of computing technologies. The following
decades presented the use of transistors and integrated circuits, which lowered the size and
reduced the costs of computers (COLARIK, 2006).
1 World Wide Web inventor and director of the World Wide Web Consortium. Further information available at: www.w3.org. Last accessed: 21 August 2008. 2 The Information Revolution is considered to be a group of social and economic changes occurred in global society after the introduction of several technological advances, mainly the computer, in daily activities. According to Drucker, “… the real impact of the Information Revolution has not been in the form of ‘information’ at all (…) For instance, there has been practically no change in the way major decisions are made in business or government. But the Information Revolution has routinized traditional processes in an untold number of areas”. More information available at: http://www.theatlantic.com/doc/199910/information-revolution. Last Accessed: 05 September 2008.
4
Technological advances presented by the Soviet Union during the Cold War were
sought as a serious threat by the American government. The possibility of a nuclear strike was
at hand and the necessity of spreading its classified documents among different site locations,
in order to avoid the possibility of destruction of full contents of its databases, was perceived
by American authorities. In this sense, in 1957 the American government created the
Advanced Research Projects Agency (ARPA), with the primary objective of developing
research projects on computing technology. The dawn of the Space Age, caused by Sputnik’s
launch in 1957, gave the Soviet Union leadership over the technological race disputed against
the United States. The latter, of course, was willing to regain its former leading position on
the race.3 From 1962 and on, ideas of information sharing between computers through
telephonic network gained strength, based on what was idealized by J.C.R. Licklider as the
“spirit of community”.4 Three years later, in 1965, the efforts taken inside ARPA became
reality when a computer in Massachusetts and another in California were connected through a
regular AT&T’s telephone line. The ARPANET, an early version of the Internet, was then
created.5
Further developments of microprocessors and the first dynamic Random Access
Memories (RAM) resulted in the assembly of the first microcomputers in the early 1970’s,
which made possible computers’ single-person use. Still, these equipments were too
expensive. The release of the International Business Machine’s Personal Computer (IBM-
PC) in 1977 is considered a turning point where companies started large-scale production
focusing on software applications which allowed the wider use of PC’s by people. In the same
year, the invention of the modulator-demodulator (MODEM) for computer use made the easy
transmission of digital data possible. In other words, it became possible for everyone to
communicate through digital networks by plugging the PC into the telephone jack.
3 One of the most important aspects of the Cold War period was the military competition between the Soviet
Union and the United States in the nuclear and space fields. Sponsored by several government programs, both
nations were determined to demonstrate its supremacy within international scenario through the development of
technological capabilities. As a result, a wide range of science fields – varying from astronomy to sociology –
and even daily activities such as driving a car – were benefited by remarkable achievements generated. 4 Joseph Carl Robnett Licklider, known simply as J.C.R. or "Lick" was an American computer scientist, considered one of the most important figures in computer science and general computing history. The idea behind the “spirit of community” was to use computers in order to help people communicate with other people. Further information available at: www.dei.isep.ipp.pt/~acc/docs/arpa--1.html. Last accessed: 13 September 2008. 5 More about the history of the Internet can be found at: http://www.computerhistory.org/. Last accessed: 21 August 2008.
5
In the late 1980’s the Internet emerged in its actual format. Sharing digital
information was not an exclusively governmental initiative anymore. As it happened before,
in the 1950s, computing technology became once again available for private users, now
through the form of information sharing. Internet’s popularization was caused by the World
Wide Web (WWW) invention, a system which organizes computer databases or documents
allowing intuitive browsing process. The works on information management of Tim Berners-
Lee – who was working at the European Organization for Nuclear Research in Geneva – in
1989, gave way to the first server, browser and editor. The main characteristic of his system
was the use of Hypertext Transfer Protocol (HTTP)6, responsible for the communication
standards between an end-user and a web site.
The advent of graphical interfaces and the role of commercial interests were
responsible for the Internet’s growth in the early 1990’s (MALERBA, 1999). Both the
number of users and amount of information – represented by the number of web sites –
increased exponentially as computer industry became more aware of “new component
technologies which not only permit the needs of existing users to be met better but also open
up the possibility of designing machines that serve new classes of users whose needs could
not be met using older technology”( MALERBA, 1999).
Lately, much has been discussed about the evolution of the Internet into the so-called
“Web 2.0”. Coined by Tim O’Reilly, this term describes the changes occurred in the last
decade in the way information is presented and how people interact with them. Nowadays,
over 1.4 billion users7 navigate in this global system of interconnected computer networks.
The Internet turned itself into a platform where the end-user has control over his data. Among
the core competencies generated within this context are the architecture of participation, mix
between data sources and data transformation and the harness of collective intelligence8. The
concept, however, is still under debate. According to the founder of the Internet, “Web 2.0 is
of course a piece of jargon, nobody even knows what it means. If Web 2.0 for you is blogs
and wikis, then that is people to people. But that was what the Web was supposed to be all
6 HTTP structure is based on a set of important protocols, mainly the Transmition Control Protocol,and the Internet Protocol (TCP/IP) responsible for addressing and reliable data transport, which had an enourmous success “due to a variety of factors. These include its technical features, such as its routing friendly design and scalability, its historical role as the protocol suite of the Internet, and its open standards and development process, which reduces barriers to acceptance of TCP/IP protocols.” (KOZIEROK , 2005 p.190) 7 More information available at: http://www.internetworldstats.com/stats.htm. Last accessed: 05 September 2008 8 For further information about the concept and consequences of Web 2.0, http://www.oreillynet.com/pub/a/oreilly/tim/news/2005/09/30/what-is-web-20.html. Last accessed: 05 September 2008.
6
along. And in fact, you know, this 'Web 2.0,' it means using the standards which have been
produced by all these people working on Web 1.0”.9
1.3. Information Revolution and the Cyberspace Culture
Following World War II, several research programs on technology were conducted
both by the United States and Soviet Union as a result of the Cold War tensions. Rocket
technology development by the Americans using German V-2 missiles10 and Soviet ballistic
missiles tests created a great number of inventions never seen before in human history.
Military expenditure by governments on these kinds of projects led to the creation of
Intercontinental Ballistic Missiles (ICBM´s), lunar landers and space stations. Digital
computers and digital networks – as stated before – were also a result of these initiatives.
Such technological developments had a deep impact over economic, social and
cultural aspects at that time, causing the most remarkable revolution since the change from
manual-labor-based economy into a machine-based manufacturing one occurred in the XVIII
century in Britain. The Information Revolution caused by computers is compared to James
Watts’ steam engine application into the spinning of cotton. The complexities of these events
have been influencing authors until today to analyze different perspectives and possible
consequences for individuals.
Claude Shannon’s article “A Mathematical Theory of Communication” gave the basis
of “information theory”, being able to identify “the fundamental problem of communication is
that of reproducing at one point either exactly or approximately a message selected at another
point” (SHANNON, 1948, p.1). Daniel Bell’s writings on the subject comprised possible
effects of this process of transition to an economy based on provision of services advocating
the emergence of the “post-industrial society”. According to the author “the society that is
usually referred to as ‘post-industrial society’ usually takes shape where and when social
progress is no longer dependent on occasional breakthroughs of experimental science but is
based on the progress of theoretical knowledge. As information and knowledge become an
9 This affirmative was made during a podcast interview for IBM available at: http://www-128.ibm.com/developerworks/podcast/dwi/cm-int082206.txt. Last accessed: 11 September 2008. 10 Used by Germany during World War II, the Vergeltungswaffe 2 (vengeance weapon 2) was the world first ballistic missile and the first rocket to make a sub-orbital spaceflight. After the War, both the United States and Soviet Union were able to develop the technology, into their military projects.
7
actual productive force, they emerge as a monopolistic resource with absolutely new qualities
that social production has never before encountered”.11
Marshall Macluhan, in his 1962 book “The Gutenberg Galaxy: The Making of
Typographic Man”, discusses what kinds of changes would result from the use of electronic
media. According to him, “language is metaphor in the sense that it not only stores but
translates experience from one mode into another. Money is the metaphor in the sense that it
stores skill and labour and also translates one skill into another. But the principle of exchange
and translation, or metaphor, is in our rational power to translate all our senses into one
another. We do it every instant of our lives… Our extended senses, tools, technologies,
through the ages, have been closed systems incapable of interplay or collective awareness.
Now, in the electric age, the very instantaneous nature of co-existence among our
technological instruments has created a crisis quite new in human history” (MACLUHAN,
1962, p. 5).
Norbert Wiener’s definition of cybernetics, in 1948, is at the origin of the cyberspace
where “Cybernetics is the science of control theory applied to complex systems… the science
of control or communication, in the animal and the machine” (WHITAKKER, 2004). By that
time, this definition was basically limited to systems science and only later it was seen that
“the important contribution of cybernetics to notions of cyberspace is that this is a complex
system of fields or possibilities that will adapt and change, and redirect in order to continue
functioning, the analogy being to a living organism or multifarious social system”
(WHITAKKER, 2004, p.27). In 1984, the term cyberspace was introduced by William
Gibsons’ cyberpunk novel “Neuromancer”. At that time “part of the success of Gibson’s
novel lays in the fact that he was able to provide expression to the emerging technologies
(personal computers, the Internet, computer graphics and virtual reality) that were beginning
to capture the popular imagination”(WHITAKKER, 2004, p. 21 ).
1.3. Cyberterrorism First Threats
The popularization of the Internet and the growing dependence on new technologies
started to concern both scholars and politicians. The cyberspace opens a new field for illicit
11Further Information available at: http://www.postindustrial.net/content1/show_content.php?table=magazines&lang=russian&id=124. Last Accessed: 11 September 2008.
8
acts. In other terms, the digital world has become so present in human relations that it makes
them vulnerable in a whole different way. This concern goes from the appropriation of secret
contents, the propagation of criminal ideologies and alteration of financial data, to the
destruction of necessary infrastructure for a country.
In the cyberspace, as in every sphere of life, some individuals with great power
emerge, and, by consequence, some that will challenge them emerge as well. Here,
dominating the flow of information is the key for power. Information, therefore, is the target
for challenging groups. In the beginning, the most famous actors of the virtual world were
known as Hackers.12 Despite being labeled as criminals, those people saw themselves as
groundbreaking, promoting the advance of the technology industry and exploring its limits.
They created an informal community with their own rules, distinguishing themselves from
those whose acts and intentions challenge the existing laws: the Crackers.13 “Where hacking
crosses the line into cracking is when files are modified or copied without implied
permissions” (COLARIK, 2006, p. 38).
Though constant, few are the crackers’ activities that called attention during this brief
computer history. Besides that, few are also the great proportion cybercrimes planned by
specialized groups and that affected any significant amount of people and data. Even rarer, or
inexistent according to some definitions, are the acts of cyberterrorism. Telling its story,
therefore, is telling the story of a threat that has been interpreted through the last decades,
using as a base some relevant facts that made the danger imminent, demonstrating the
difficulties of administering the cyberspace.
The interest for crimes inside the cyberspace was heightened in the end of the 1980’s,
by the time the world net of computers starts to be seen as breakable and capable of
12 Despite the controversy and ambiguity surrounding the term, for our purposes, a Hacker is “someone with sufficient understanding, skill and experience in the nuances and inner workings of computer systems and networks to be able to wield meaningful power and influence events in cyber-space – even if in concert with others” (JANES, 2008). The popular media usually describes it as someone who attempts to break into computer systems with malicious and often criminal intents. Those are known as “Black Hats”. They “attempt to locate, identify and exploit security gaps or flaws within operating systems, computers and networks in order to gain control of them, steal information, destroy data or orchestrate other illicit activities. Once access to a system has been obtained, a black hat may take measures to establish continued covert access” (JANES, 2008). On the other hand, “White Hats” are ethically opposed to the abuse or misuse of computer systems. Like their counterparts, they actively search for flaws within computer systems and networks, but distinguish themselves by either repairing or patching these vulnerabilities or alerting the administrator of the system or the designer of the software. 13 Crackers are hackers who “circumvent or bypass copyright protection on software and digital media” (JANES, 2008). Sometimes it is done with the intent of releasing the software so it can be used without paying royalties. Other times, cracking is to expose a system's security flaws.
9
connecting and paralyzing vital systems and affecting national security (LEWIS, 2002). In the
same context, the John Perry Barlow’s Cyberspace Declaration of Independence, in January
of 1996, is a landmark for showing a place without boundaries, in which the governments
must not interfere and the laws are not applicable.
Still in the 1980’s, one of the first notorious cases of attacks to governmental organs
happened when East Germany spies hacked American computers accessing classified
contents from the Strategic Defense Initiative, like the Star Wars Project (COLARIK, 2006).
Years later, in 1996, crackers associated to the White Supremacy invaded the computers of
the Massachusetts Internet Access Provider and sent several racist messages leaving the
following threat: “You have yet to see true electronic terrorism. This is a promise”
(DENNING, 2000).
In 1998, ethnic Tamil guerillas compromise Sri Lanka’s Embassy with 800 daily e-
mails, with such act being tagged as the very first terrorist attack against a country’s computer
system (DENNING, 2000). From then on, the frequency of attacks has increased and, though
they do not put lives at risk, they have started to generate fear among Internet users due to its
possible implications.
In the following year, North Atlantic Treaty Organization’s (NATO) computers were
filled with e-mails written by activists contrary to the bombing strikes in Kosovo. The interest
on cyberterrorism, grew even further with the risk of the so-called Millennium Bug14 and after
the 9/11 attacks, when terrorists used information technology while planning the strikes
against United States territory (COLARIK, 2006). In 2003, an even more concerning fact
occurred: Romanian crackers managed to invade life support systems which controlled
computers from a research facility in Antarctica putting the life of 58 scientists into risk. It
was the first time that the use of cyberspace with supposed terrorist purposes implied in
physical injuries to individuals.
On April 27 2007, Europe’s most wired country was hit by a paralyzing attack on its
Internet infrastructure that shut down the government ministries websites, news organizations
and major banks. Estonia was hammered by a massive wave of distributed denial of service
14 Also known as the Millennium Virus, Millennium Timebomb or the Y2K Problem (short for “Year 2000 Problem”). By the end of last century, it was speculated that computer programs could stop working or produce false results because they stored years with only two digits. When the century changes, the year 2000 would be represented by 00 and would be interpreted by software as the year 1900, causing chaos in any system which compare dates. As this includes a large proportion of the world’s systems, disaster was predicted by both experts and the media. When January 1, 2000, arrived, however, no major problem was noticed.
10
(DDos)15 attacks that might represent the first battle of a new era of cyber-warfare. Until now,
no one knows exactly who was behind the digital siege, but some evidence points to Russian
nationalists furious at the Estonian government’s decision to remove a Soviet war memorial
from its place in Tallinn.16 Rumors suggest that they might have been supported by Russian
Internet security firms interested on showing the need of their services, and maybe even by
the Russian government itself. Moscow, however, denies any awareness of such fact.
In last August, the Russian Federation was once again accused of promoting cyber-
war exercises. During the conflicts in South Ossetia, Georgian websites, including that of the
Ministry of Foreign Affairs, were seriously disrupted by the same kind of DDoS attacks that
thumped Estonia. Again no one was deemed guilty and rumors regarding the nature and the
responsible of such crime spread all over the Internet. The conflict raised, however, a major
implication for the understanding of future warfare: it was the first time in history that a cyber
attack happened as a war was going on.
2. STATEMENT OF THE ISSUE
2.1. The Use of Internet as a Weapon of Mass Disruption
As proposed by Barry Collin in the 1980’s, cyberterrorism is the convergence of
terrorism with cyberspace, where “cyberspace becomes the means of conducting the terrorist
acts” (DENNING, 2007). In this sense, the cyber terrorist “attacks us with one’s and zero’s, at
a place we are most vulnerable: the point at which the physical and virtual worlds converge
(COLLIN, 1997), committing acts of destruction and disruption against digital and even
physical property.
Cyberterrorism differs from the cyber-warfare because it comprises acts performed by
non-State actors, whereas the latter consists of governmental activity. Although the cyber-
space is constantly under assault by non-State actors, most of the attacks cannot be considered
acts of cyberterrorism by two reasons, as pointed out by Professor Denning. First, “the attacks
that are most destructive and generate the most fear are conducted for goals that are neither
15 In a DDoS attack, “hackers use ‘botnets’ – networks of surreptitiously commandeered ‘zombie’ computers – to bombard a target website with bogus requests for information, overwhelming the host computer and forcing the site to shut down” (JANES, 2008). 16 In the spring of 2007, Estonian authorities moved a monument to the Red Army from the center of its capital city to the outskirts of town. Ethnic Russians, who represent about a quarter of Estonia’s population, were incensed by the statue’s treatment and took to the streets in protest. Estonia later blamed Moscow for orchestrating the unrest, and order was restored only after US and European diplomatic interventions.
11
political nor social. […] Second, the attacks that have been linked to political and social goal
have generally not been intimidating” (DENNING, 2007) and for that reason are often
referred to as “hacktivism”17. The general conclusion that emerges from this idea is that a
cyber attack should be “sufficiently destructive or disruptive to generate fear comparable to
that from physical acts of terrorism, and it must be conducted for political and social reasons”
(DENNING, 2007).
The conventional wisdom about terrorists is that they use violence as a way of getting
attention, not as an end in itself. In the words of Brian Jenkins, “terrorists want a lot of people
watching and a lot of people listening and not a lot of people dead” (JENKINS, 1975).
Terrorists want an audience to listen to their claims and demands, and, in the best case, to
become sympathetic to them. Despite its coercive component – to instill fear and to intimidate
–, too much violence risks alienating any possible sympathizers and makes any levels of
action against the terrorists seem justified. Of course it does not mean that violence will not be
used, or that it will be produced in a small-scale, but “any group that seeks to build legitimacy
or public support must commit acts of violence that the public perceives to be proportionate
and justifiable” (TUCKER, 2000). For this reason, cyberterrorism may be an attractive non-
lethal weapon. Furthermore, the information technology plays a crucial role as a means of
communicating a message. It diminishes the amount of violence necessary to spread their
ideas, especially that governments are unable to control all information fluxes on the web.
Terrorist organizations might already be aware of the cyber-warfare opportunity, not
only directly but also through indirect cyber-attacks in order to obtain funds for the
achievement of their objectives, for example. Still, there are some restrains which impede
such organizations to pursue something else than disturbing hacks. According to a study
issued by the Naval Postgraduate School, there are three levels of cyberterror capability
(NELSON, 1999, p.11): simple-unstructured, advanced-structured and complex-coordinated.
Also, “they estimated that it would take a group starting from scratch 2-4 years to reach the
advanced-structured level and 6-10 years to reach the complex-coordinated level”.
(DENNING, 2007, p.4) Terrorists would not be able to explore the cyberspace, as a result,
given that “considerably greater skill would be required to develop software to perform
original and highly damaging attacks against critical infrasctruture” (DENNING, 2007, p.13)
17 The term reflects the convergence of hacking with activism rather than terrorism.
12
and terrorists usually lack “the wherewithal and human capital needed to mount a meaningful
operation”(DENNING, 2007, p.4).
2.2 Terrorism Within the Global Information Infrastructure
Although since the end of last century terrorism has been closely related to religious
fundamentalism, in the last few years, the motivations of such acts are much more complex.
Smelser, in his attempt to address the main causes of these collective actions, uses the term
“structural strain” in order to explain that “the presence of deprivation; the presence of fault
lines such as racial and ethic divisions; and ambiguities, anomalies and discontinuities
occasioned by irregular social change.” (SMELSER, 2007, p.14-15) must be taken into
account when analyzing the matter. According to the author, “these three principles should
govern over search for the broadest determining conditions that lead to those group
dissatisfactions that sometimes generate impulses to collective action and, in their respective
forms, may tend toward expressions of violence, including terrorism.” (SMELSER, 2007,
p.16)
As mentioned earlier, considering that one of the main goals of terrorism is to generate
fear and panic through violence, infrastructure appears as one of the main targets for attacks.
As a result, each day we rely more on digital networks as a support for critical infrastructures
such as telecommunications, electrical power grids, oil and gas, water supply, transportation,
banking and finance, emergency services, and essential government services. These are
potential targets for cyberterrorist acts since “the supporting nature of cyberspace makes it a
potential target as a force multiplier when combined with another, future physical
attack.”(COLLARIK, 2006, p.53) Attacks against these infrastructures could lead to bodily
injuries or casualties, to extended power outages or to billion dollars financial losses. Dan
Verton’s book “Black Ice: The Invisible Threat of Cyberterrorism” draws an imaginary
scenario where thousands of computers are gathered to conduct series of attacks against
critical infrastructures. These computers would be “turned into what are known as ‘zombies’-
computers that have been compromised with hidden code that an attacker can use at a latter
date to command the infected computer to attack other computers over the Internet.”
(VERTON, 2003 , p.37)
Long-term consequences of terrorist attacks can be grouped into three main fields:
economic, political and cultural (SMELSER, 2007). Cyberattacks also have much more
chance of spreading economic effects, turning global financial systems into chaos, especially
13
because payments systems which are responsible for electronic transactions by large sums of
money worldwide “rely on uninterrupted sources of electric power” (VERTON, 2003, p.47).
A closer look at the post 9/11 political consequences demonstrates the tensions which rise
from the conflict between security and civil rights. Furthermore, the cultural impact it is hard
to measure because it would take several decades to review properly the effects caused within
society core values. Though unlikely to happen, this kind of coordination between physical
and cyber domains among terrorist actions are possible in the years to come, and, “even if our
critical infrastructures are not under imminent threat by terrorists seeking political and social
objectives, they must be protected from harmful attacks conducted for other reasons such as
money, revenge, youthful curiosity, and war” (DENNING, 2007, p.15).
2.3. The Necessity of Regulating Bits and Bytes
The perception that information systems and digital networks are increasingly
vulnerable has been raising questions about the necessity of cyberspace regulation. At present,
according to Ahmed Kamal, “the absence of globally harmonized legislation was turning
cyber-space into an area of ever increasing dangers and worries.” (KAMAL, 2005, p.1) In
addition, as Information Technologies (IT) systems become each day more pervasive in
peoples’ lives, the social implications of cybercrimes start to gain attention of decision-
makers. The intangible aspect of the virtual world makes “a new generation of vandals and
data thugs do not need to have physical contact with the victim. Data is easily copied,
transmitted, modified or destroyed. As a result, the scene or crime is a particularly difficult
one: there are no fingerprints or traces” (GELBSTEIN 2002, p.8) It is important to consider
that the cyberspace is much larger than the Internet. As the picture graphic below indicates, it
is a vast domain which comprises several human activities.
14
Technological advances have changed and influenced international society in a way
that international law is not capable of adapting. New technologies allow the development of
new activities and practices which, by consequence, manage to blur even more possible
primary targets and criminals modus operandi. The influence of digitalization on military
doctrine resulted in the concept of Information Warfare, which is defined as “any action to
deny, exploit, corrupt, or destroy the enemy’s information and its functions; protecting
ourselves against those actions; and exploiting our own military information
functions”(GREENBERG, 1998, p.7). As mentioned by Lawrence Greenberg, “information
warfare challenges international law in three primary ways. First, the sort of intangible
damage that such attacks may cause may be analytically different from the physical damage
caused by traditional warfare (…) Second, the ability of signals to travel across international
15
networks or through the atmosphere as radio waves challenges the concept of national,
territorial sovereignty (…) Third, just as information warfare attacks may be difficult to
define as “peace” or “war”, it may be hard to define their targets as military (and thus
generally legitimate targets) or civilian (generally forbidden)”(GREENBERG, 1998, p.10).
The ownership structure within the cyberspace is similar to maritime transportation
where “all ports and their facilities have owner, and so do all ships. Each item of cargo on a
ship also has an owner. There is one difference however: the international community
developed and adopted the Law of the Seas.”(GELBSTEIN 2002, p.10) Responsibility over
cyber domains relies upon several groups (World Wide Web Consortium, Internet
Engineering Task Force, etc.), since no legal framework establishes an international
regulation on the matter. This situation benefits the occurrence of cybercrimes, which are
defined as “computer-mediated activities which are illegal or considered illicit by certain
parties and which can be conducted through global electronic networks” (OZERN, 2005,
p.15)
As mentioned before, there is no legal framework related to cyberspace activities until
now. Matters such as concepts’ definition, forms of prevention, law enforcement, and private-
public cooperation, lack the necessary understanding from all interested parties. For example,
anonymity preserves user identity giving him liberty of speech but at the same time permits
the non-identification of anti-social behavior. Data protection in the sense of information
privacy is also one of the issues to be defined, as “privacy protection is frequently seen as a
way of drawing the line at how far society can intrude into an individual’s personal
affairs”.(KAMAL, 2003, p.32) Policy-makers must also bear in mind that “international
understanding and domestic implementation of measures that are required to enhance the
security of information systems and facilitate the international exchange of data and
commerce are important” (KAMAL, 2003, p.38)
3. PREVIOUS INTERNATIONAL ACTIONS
Until this moment, “there is no international legal response to cyberspace threats or
crimes” (SZCZERBA, 2006). Given the inexistence of a framework which comprises the
aspects involved in the cyberspace such as right to access, data protection and identity theft,
16
what has been accomplished are several national initiatives aiming mostly at the protection of
its citizens excluding the global aspects of the problem.
The United Nations Institute for Training and Research (UNITAR) has published the
book “Law of Cyber-Space - An Invitation to the Table of Negotiations” as an attempt to
address the bases of an international convention on the subject. It is recognized that “the
challenge is far greater. The speed of change is phenomenal, the dangers affect all countries
without exception, new shoals and icebergs appear every day, and global responses are
sporadic or nonexistent” (KAMAL, 2005, p.5). Governments, private sector and civil society
are called upon the discussion, since “All three stakeholders must be full participants in the
exercise” (KAMAL, 2005, p.5).
In 1998, the European Commission launched a study called COMCRIME, which
focused on the security of information that circulates in the cyberspace. In the following year,
the European Parliament formulated an action plan to fight illegalities in the virtual sphere. In
2004 was created the European Network and Information Security Agency, ENISA, to
strengthen the coordination of the actions to prevent cybercrimes and to protect the privacy of
information. Therein, once the principles of circulation and liberty of speech of information
are protected, EU members defend that mechanisms of combat against crimes in the
cyberspace are created, with cooperation and acceptance of the involved and threatened ones,
being them public or private actors.
The Council of Europe, Canada, Japan, South Africa and the United States have
recently implemented the Convention on Cybercrime. It is the first international treaty to
“pursue a common criminal policy aimed at the protection of society against cybercrime,
especially by adopting appropriate legislation and fostering international co-operation” (EU,
2001). Following this document, two initiatives have aroused: the Project against Cybercrime,
which aims to the promotion of the Convention by assisting national legislators to create the
appropriate conditions for its implementation and the Convention Committee, which provides
regular consultations to the parties.
The North Atlantic Treaty Organization (NATO) has established early this year a
Cooperative Cyber Defence (CCD) Center of Excelence (COE) in Tallinn, Estonia. Part of the
Allied Comand Transformation initiative in order to counter cybercrime activities the COE
works together with the organization’s aim on the matter of cyber threats. It follows the
Bucharest Summit Declaration, which stated the necessity for “NATO and nations to protect
key information systems in accordance with their respective responsibilities; share best
17
practices; and provide a capability to assist Allied nations, upon request, to counter a cyber
attack” (NATO, 2008).
The International Criminal Police Organization (INTERPOL) has developed several
global initiatives in order to fight cybercrimes among its member countries. INTERPOL
Working Parties on IT Crime, Training and Operational Standards Initiative, National Central
References Points Network and the International Cybercrime Conference are among them.
The use of I-24/7 communications system as well, a global police network which permits
worldwide information sharing and analysis, allows operational co-operation, exchange of
information and the coordination of INTERPOL’s responses to threats such as attacks against
data systems, financial frauds and child pornography distribution. From May 20 to 23 of the
current year was created the International Multilateral Partnership Against Cybercrime
(IMPACT) in Kuala Lumpur, Malasya. It is a public-private initiative which gathers
government representatives, Information Technology industry members and the academic
community, as much of the human resources in this field are not in government-related
functions. Taking into account the non-conventional approach needed to combat cyber threats,
four main initiatives were defined: a center for global response, a center for policy and
international cooperation, a center for training and skills development and a center for
security assurance and research.
4. BLOC POSITIONS
The European Union (EU) has already revealed its concerns regarding cyberterrorism
and threats to infrastructure through the systematic publication of documents and through the
creation of different institutions (OZERN, 2005). Among these efforts, the EU has prepared,
in 1998, a study called COMCRIME, which focused on security of information infrastructures
and combating computer-related crime. During the following year, the European Parliament
and the Council of the EU adopted an action plan on promoting safer use of internet by
combating illegal and harmful content on global networks. In 2001, a document entitled
“Network and Information Security: Proposal for a European Policy Approach” was prepared
by the Cybercrime European Commission. It contained some key conditions that should be
followed in order to successfully respond to cybercrime and information infrastructure
vulnerabilities.
18
Another significant effort made by the EU is the “eEurope 2005 Action Plan”, which was
approved by the European Council in June 2002. Focusing on the protection of information
infrastructure it stresses the importance of ensuring the appropriate security of networks and
the information systems transmitted through them for individuals, business, administrations
and other organizations.
The creation of the European Network and Information Security Agency (ENISA) is
another important effort taken by the EU with regard to information and infrastructure
protection. ENISA intends to facilitate and intensify European coordination in the area of
information security, providing the highest security of the information infrastructure systems
for the Members, as well as to create a common understanding of information security among
the member states in the EU.
Some national efforts have already been taken as well. The United Kingdom established
the National Infrastructure Security Coordination Center (NISCC) in 1999, in order to
respond to possible threats against the critical infrastructures. There are two other important
entities within the NISCC: the United Kingdom Computer Emergency Response Team
(known as UNIRAS), and the Electronic Attack Response Group (EARG). While the first
main function is to receive reports of major electronic attack incidents, threats, new
vulnerabilities and countermeasures from its government, international, and customer base
and other commercial sources, EARG mobilizes the government’s technical, security and
emergency response resources to respond to serious electronic attack incidents.
Telecommunications, energy, financial, central government, transport, emergency services,
water and sewage, and health services are identified as the critical national infrastructures by
the British government. The Regulation of Investigatory Powers Act from 2000 (RIPA)
provides for and regulates investigative powers by a variety of public authorities to respond to
changes in technology, in particular, the Internet. Its second part focuses on national security
and terrorism coming from the web, and crime prevention, turning RIPA in one of the most
useful documents to law enforcement in analyzing Internet interceptions.
During their Fifth Ministerial Meeting on Telecommunications and Information Industry,
members from the Asia Pacific Economic Cooperation (APEC), including Australia, Japan
and South Korea, declared the need to promote the development of advanced, secure and
reliable information infrastructures and expressed their commitment to improve the
multilateral and bilateral cooperation in the APEC region in developing telecommunications
regulatory policies, and information and network security. They also made clear that it is very
19
important to establish a legal basis to address the criminal misuse of information technologies
and law enforcement cooperation in combating that misuse (APEC, 2002).
China maintains a rigid control of the content that circulates in its digital net, keeping
the access to sites and information considered inappropriate for its citizens restricted. The
country is contrary to any external mediation that limits its autonomy to deal with the
question, but at the same time, it is accused of negligence on what regards to cyberattacks that
depart from its domains against India, the Unites States and Germany. Accusations of Chinese
cyber-meddling reached a crescendo in June 2007, when, according to the Financial Times,
hackers broke into a Pentagon network that serves the Office of the Secretary of Defense,
briefly shutting it down (SEVASTOPULO, 2007). Chinese electronic espionage has also been
suspected against British companies, like Rolls Royce, as well as government agencies in
France, South Korea, and Taiwan. China denies the accusations, while Western targets
continue to accuse the Chinese of ratcheting up their cyber attack capabilities. Evidence
points out, however, to the existence of cyber-warfare units within the Chinese People's
Liberation Army (PLA) that might become a threat some countries’ national security (JANES,
2008).
To the same effect, the Russian Federation is accused by Estonia and the
international press of having launched attacks that hit many Estonian websites in April 2007.
Russia, however, is contrary to any terrorist practices and moreover, it alleges that even the
Baltic State cannot prove that the attacks have been conceived by the Kremlin. In this sense,
both China and Russia argue that any attacks originating from IP addresses inside their
countries have been directed by rogue citizens, not their governments.
By its turn, Estonia defends, together with its closer neighbors, a strong international
architecture to prevent and fight against cyberterrorism. Thus, the country demands stronger
actions from the international community, especially inside NATO and the EU. Since 2003,
Estonia counts on the Computer Emergency Response Team to deal with threats posed to its
national nets. Recently, the country has launched a Cyber Security Strategy, seeking “to
reduce the inherent vulnerabilities of cyberspace in the nation as a whole” (ESTONIAN
MINISTRY OF DEFENCE, 2008).
The United States is one of the leading countries with respect to taking necessary
measures to respond to threats coming from cyberspace. Especially since the terrorist attacks
on September 11, 2001, both the US and the rest of the world had increased their efforts
towards defending against the threats of terrorism, in particular, in the realm of cyberspace
20
(LAWSON, 2002). Being a country with a strong linkage between infrastructure and the
cyberspace, the United States possesses one of the more advanced legislations to deal with
attacks within the Internet. In this sense, the President’s Critical Infrastructure Protection
Board formed in 1996 provided a significant amount of information and research specifically
focusing on different aspects of critical infrastructures. It showed the willingness to identify
the vulnerabilities of the country stemming from its critical infrastructures. Still in 1996, the
former American President Bill Clinton announced the establishment of the President's
Commission on Critical Infrastructure Protection (PCCIP). The Commission had the task to
assess the vulnerabilities of the nation’s life support systems. Later, it published a report
based on the study they conducted, identifying eight infrastructures that could be attractive
targets for those intending to harm the US: telecommunications, banking and finance,
electrical power, oil and gas distribution and storage, water supply, transportation, emergency
services, and government services. The report has clearly shown the significance and
importance of the problem, and as a result of that study, former President Clinton issued
Presidential Decision Directives (PPD), which established policymaking and oversight bodies
within the executive branch of the federal government for counterterrorism purposes,
enhancing, thus, response capabilities and protection to the computer-based systems that are
at the heart of America's economy. In 2003, the document “National Strategy to Secure
Cyberspace” was published identifying the major strategic objectives and security priorities to
the US government in order to reduce cyber threats and vulnerabilities.
Along with other Group of Eight (G-8) countries, namely United Kingdom, France,
Germany, Japan, Canada, Italy, and Russia, the US supports the necessity of international
agreements to deal with the threat of cyberterrorism and the improper flow of information that
assists corruption, money laundering and crimes against the financial system. The G-8
members have been meeting since 1975 to discuss issues of importance, including crime and
terrorism, and the information highway. During its 2000 meeting, the Group launched the
Okinawa Charter on Global Information Society18 and indicated its commitment to create
some kind of international cooperation to target cybercrime. Three years later, the Group they
determined once more that the unprecedented necessity of global cooperation to protect
information infrastructures, including computer network and communication systems.
18 Further information available at: http://www.g8.utoronto.ca/summit/2000okinawa/gis.htm. Last accessed: September 11 2008.
21
In most of the Middle Eastern countries, cyberterrorism is not a major concern due to
the lack of technology and information available. Although some countries impose
restrictions to the content their citizens might have access to, awareness towards the threat are
expected to raise once infrastructure and public services are more widely available.
Nevertheless, information security experts assert that some of the most vulnerable countries to
cyber attacks are located in the Middle East region: Iran, Kuwait, United Arab Emirates, the
Kingdom of Saudi Arabia, Egypt and Israel are aimed targets. In the United Arab Emirates,
for instance, hacking has been growing in a way never seen before since 2002. On the other
hand, with the ongoing war on terror, hacking from Middle East countries could be on the
increase. Israel is constantly accused of trying to hack financial institutions in the its neighbor
countries, but computer security services companies refuse to confirm whether any such
attacks of hacking have been successful.
India, feeling itself directly threatened by cyberterrorism, leads countries which are
favorable of international arrangements of cooperation against crimes and attacks on the
cyberspace. Since 2000, with the Information Technology Act, the country possesses a mature
Cyber Law, in accordance with the model of electronic commerce of the United Nations
Commission on International Trade Laws (UNCITRAL). The Act foresees punishment for
crimes committed in the cyberspace. In 2008, India claimed the international community to
join efforts during the World Cyber Security Summit, in Kuala Lumpur, and, together with
other participant countries, like Malaysia, Japan, Australia and Mexico, defended that threats
from the cyberspace are real and dangerous, once there is a relevant connection between
information technologies and vital infrastructures.
Cyberterrorism is not seen as an imminent threat also to most of the Latin American
countries, where fortifying police and other government institutions in order to protect the
civil society is still a challenge. However, many of the current problems faced by these
countries, like drug trafficking and money laundering, might be facilitated once criminals
have access to computing technologies. Brazil is considered both a laboratory for cyber-crime
and also its largest exporter worldwide. Digital crime originating from Brazil includes identity
theft, credit card fraud, and intellectually property violations. Software and proprietary data
copying, piracy, deletion and alteration as well as online vandalism are some of the illicit
methods being increasingly adopted by Brazilian hackers and cyber crime syndicates.
Recently, the Brazilian Senate has approved a new law that intends to create a safer
environment within the web. The regulation foresees some new crimes and strengthen for the
22
sentence of those that already exist, but still do not mention the protection to vital
infrastructure or the existence of cyberterrorism.
5. QUESTIONS TO PONDER
During UFRGSMUN, SPECPOL members are called to set an opinion towards the
proposed topic, reflecting about the following suggested questions and any other relevant
issues:
1. How to define cyberterrorism? How to differentiate it from cyber-warfare and
cybercrime?
2. Is it possible to regulate the cyberspace? What would be the best international
approach in order to do so? Is it possible to develop an international framework
on the matter?
3. How to avoid terrorist organizations, rogue nations and other groups from
attacking vital infrastructures through cyber attacks? How to prevent the same
groups from developing the necessary skills to do so? Is cyberterrorism a real
menace?
4. How to identify and punish the aggressors? Is it possible to suit them
internationally? Who should answer for the acts of cyberterrorists?
6. REFERENCES
Books
ALBERTS, D. Information Age Transformation: Getting to a 21st Century Military. CCRP Publication Series, 2002. Available at: http://www.dodccrp.org/files/Alberts_IAT.pdf
ALBERTS, David. The Unintended Consequences of Information Age Technologies. NDU Press Book, 1996. Available at: http://www.dodccrp.org/files/Alberts_Unintended.pdf
ALBERTS, D. et. al. Understanding Information Age Warfare. CCRP Publication Series, 2001. Available at: http://www.dodccrp.org/files/Alberts_UIAW.pdf
ALBERTS, D. PAPP, D. The Information Age: An Anthology of its Impacts and Consequences. CCRP Publication Series, 1997. Available at: http://www.dodccrp.org/files/Alberts_Anthology_I.pdf
23
ALBERTS, D. PAPP, D. Information Age Anthology Volume II: National Security Implications of the Information Age. CCRP Publication Series, 2000. Available at: http://www.dodccrp.org/files/Alberts_Anthology_II.pdf
ALBERTS, D. PAPP, D. Information Age Anthology Volume III: The Information Age Military. CCRP Publication Series, 2001. Available at: http://www.dodccrp.org/files/Alberts_Anthology_III.pdf
COLARIK, Andrew M. Cyber Terrorism: Political and Economic Implications. Idea Group Publishing. 2006.
GELBSTEIN, E. KAMAL, A. Information Insecurity: A survival guide to the uncharted territories of cyber-threats and cyber-security. United Nations Institute for Training and Research. New York, 2002. Available at: http://www.itu.int/wsis/docs/background/themes/security/information_insecurity_2ed.pdf.
KAMAL, Ahmed. The Law of Cyber-Space: An Invitation to the Table of Negotiations. United Nations Institute for Training and Research. Geneva, 2005. Available at: http://www.unitar.org/documents/thelawofcyberspace.pdf
KOZIEROK, C.M. The TCP/IP Guide. Version 3.0, 2005.
LALLANA, E. The Information Age. e-ASEAN Task Force/UNDP-APDIP, 2003.
LEVY, S. Hackers Heroes Of The Computer Revolution. Dell Publishing. New York, 1994.
MACLUHAN, Marshall. The Gutemberg Galaxy: The Making of Typographic Man. University of Toronto Press, 1962.
MOFFAT, J. Complexity Theory and Network Centric Warfare. CCRP Publication Series, 2003. Available at: http://www.dodccrp.org/files/Moffat_Complexity.pdf
NELSON, Bill et. al. Cyberterror Prospects and Implications. Monterrey, CA: Center for the Study of Terrorism and Irregular Warfare, 1999. Available at: http://www.nps.edu/Academics/Centers/CTIW/files/Cyberterror%20Prospects%20and%20Implications.pdf
OZEREN, S. Global Response to Cyberterrorism and Cybercrime: A Matrix for International Cooperation and Vulnerability Assessment. University of Texas, 2005. Available at: http://digital.library.unt.edu/permalink/meta-dc-4847:1
POTTS, David (Ed.) The Big Issue: Command and Combat in the Information Age. CCRP Publication Series, 2003. Available at: http://www.dodccrp.org/files/Potts_Big_Issue.pdf
SHERIDAN, W.P. How to Think Like a Knowledge Worker. UNIPAN, 2008. Available at: http://unpan1.un.org/intradoc/groups/public/documents/unpan/unpan031277.pdf
SMELSER, N.J. The Faces of Terrorism: Social and Psychological Dimensions. Princeton University Press, 2007.
UNITED NATIONS. Countering Terrorism Through International Cooperation. Italy, 2000.
VASSILATOS, Gerry. Secrets of Cold War Technology: Projects Haarp and beyond. Advanced Unlimited Press, 2000.
VERTON, Dan. Black Ice: The Invisible Threat of Cyber-Terrorism. MacGraw-Hill/Osborne. 2003.
WHITE HOUSE, The. The National Strategy for the Physical Protection of Critical Infrastructures and Key Assets. Washington, 2003. Available at: http://www.whitehouse.gov/pcipb/physical_strategy.pdf
WHITE HOUSE, The. The National Strategy to Secure Cyberspace. Washington, 2003. Available at: http://www.whitehouse.gov/pcipb/cyberspace_strategy.pdf
WHITTAKER, J. The Cyberspace Handbook. Routledge: London, 2004.
Articles and Documents
COFFMAN, K. ODLYZKO, A. The Size and Growth Rate of The Internet. AT&T Labs, 1998. Available at: http://www.dtc.umn.edu/~odlyzko/doc/internet.size.pdf Last Accessed: 11 September 2008.
24
COLLIN, Barry C. The Future of Cyberterrorism: Where the Physical and Virtual Worlds Converge. 11th Annual International Symposium on Criminal Justice Issues, 1997. Available at: http://afgen.com/terrorism1.html Last Accessed: 11 September 2008.
COUNCIL OF EUROPE. Convention on Cybercrime. Budapest, 2001. Available at: http://conventions.coe.int/Treaty/EN/Treaties/Html/185.htm Last Accessed: 11 September 2008.
DENNING, Dorothy. A View on Cyberterrorism Five Years Later. In: Himma, K. ed. Internet Security: Hacking, Counterhacking, and Society. Jones and Bartlett Publishers, 2007. Available at: http://www.nps.edu/faculty/dorothydenning/publications/Cyberterror%202006.pdf Last accessed: 11 September 2008.
DENNING, Dorothy E. Cyberterrorism: testimony before the Special Oversight Panel on Terrorism Committee on Armed Services U.S. House of Representatives. Washington DC, 2000. Available at: http://www.cs.georgetown.edu/~denning/infosec/cyberterror.html Last Accessed: 11 September 2008.
DIMMAGIO, Paul et. al. Social Implications of the Internet. Annual Reviews on Sociology. 2001.
DVORAK, J.C. Straightening Out Cloud Computing. Available at: http://www.pcmag.com/article2/0,2817,2329303,00.asp. Last accessed: 11 September 2008.
ESTONIAN MINISTRY OF DEFENCE. Cyber Security Strategy. Available at: http://www.mod.gov.ee/static/sisu/files/Estonian_Cyber_Security_Strategy.pdf. Last accessed: 24 September 2008.
GREEN, Joshua. The Myth of Cyberterrorism: There are many ways terrorists can kill you – computers aren’t one of them. Washington Monthly, 2002. Available at: http://www.washingtonmonthly.com/features/2001/0211.green.html Last Accessed: 11 September 2008.
GREENBERG, L. GOODMAN, S. SOO HOO, K. Information Warfare and International Law. National Defense University Press, 1998. Available at: http://www.dodccrp.org/files/Greenberg_Law.pdf Last Accessed: 11 September 2008.
INOZEMTSEV V.L. The Inevitability of a Post-Industrial World: Concerning the Polarity of Today's World Order. Global FOCUS, Vol. 13, No. 2. P. 60-79 Available at: http://www.postindustrial.net/content1/show_content.php?table=magazines&lang=russian&id=124 Last Accessed: 11 September 2008.
LAWSON, S.M. (2002). Information warfare: An analysis of the threat of cyberterrorism towards the US critical infrastructure. SANS Institute, 2002. Available at: https://www2.sans.org/reading_room/whitepapers/warfare/821.php Last Accessed: 11 September 2008.
LEWIS, James A. Assessing the Risks of Cyber Terrorism, Cyber War and Other Cyber Threats. Washington DC: Center for Strategic and International Studies, 2002. Available at: http://www.csis.org/media/csis/pubs/021101_risks_of_cyberterror.pdf Last Accessed: 11 September 2008.
LIBICKI, M. What Is Information Warfare? Strategic Forum Number 28. May, 1995 Available at: http://www.dodccrp.org/files/Libicki_What_Is.pdf Last Accessed: 11 September 2008.
MALERBA, Franco et. al. ‘History-friendly’ Models of Industry Revolution: The Computer Industry. Industrial and Corporate Change, Volume 8, Number 1. Oxford University Press, 1999.
NATO. NATO opens new centre of excellence on cyber defence. Available at: http://www.nato.int/docu/update/2008/05-may/e0514a.html Last Accessed: 11 September 2008.
POLLIT, M. Cyberterrorism – Fact or Fancy? FBI Laboratory, Washington D.C. Available at: http://www.cs.georgetown.edu/~denning/infosec/pollitt.html Last Accessed: 11 September 2008.
PRICHARD, J. MACDONALD, L. Cyber Terrorism: A Study of the Extent of Converage in Computer Security Textbooks. Smithfield, RI, USA: Journal of Information Technology Education, Volume 3, 2004.
SEGER, A. The Convention on Cybercrime & the question of “cyberterrorism”. Presentation made at IMPACT Summit, Kuala Lumpur, Malasya, 20-22 May 2008. Available at: http://www.impact-alliance.org/downloads/AlexanderSeger%20_TheConventionOnCybercrimeAndTheQuestionOfCyberterrorism.pdf Last Accessed: 11 September 2008.
25
SEVASTOPULO, D. Chinese Hacked Into Pentagon. Financial Times, 09/03/2007. Available at:http://www.ft.com/cms/s/0/9dba9ba2-5a3b-11dc-9bcd-0000779fd2ac.html?nclick_check=1 Last Accessed: 11 September 2008
SHANNON, C.E. A Mathematical Theory of Communication. The Bell System Techinical Journal, Vol.27, 1948. Available at: http://plan9.bell-labs.com/cm/ms/what/shannonday/shannon1948.pdf Last Accessed: 11 September 2008.
TUCKER, David. The Future of Armed Resistence: Cyberterror? Mass Destruction? Final Report on a Conference Held May, 15-17,2000 at the University Pantheon-Assas (Paris II) Available at:
http://www.nps.edu/Academics/Centers/CTIW/files/substate_conflict_dynamics.pdf Last Accessed: 11 September 2008.
UNITED NATIONS. The Law of Cyber-Space. Available at: http://www.un.org/Pubs/chronicle/2006/issue1/0106p34.htm Last Accessed: 11 September 2008.
UNITED NATIONS. What the United Nations Can Do? Available at: http://www.un.org/Pubs/chronicle/2003/issue4/0403p31.asp Last Accessed: 11 September 2008.
Movies
BADHAM, John. War Games, 1983.
GILLARD, Stuart. War Games: The Death Code, 2008.
26
TOPIC B: THE USE OF PRIVATE MILITARY COMPANIES AND THE
PRIVATIZATION OF WAR
By Thiago Borne Ferreira, Fernando Petry Saraiva ,Ana Júlia Possamai, Bruno Walber
Vianna and Gustavo Gayger Müller
1. HISTORICAL BACKGROUND
“In the ancient world, the force of law was the force of arms”.
(ROSEN, 2005, p. 63)
Soldiers of fortune, wild geese, hired guns, legionnaires, contract killers, hireling,
condottieri, contractors, corporate warriors or, simply, mercenaries (LANNING, 2005). The
word “mercenary” remains a pejorative term, associated with the hired killers implicated in
coup attempts in Africa in the 1960s and 1970s, and more recently associated with human
rights abuses in post-Cold War conflicts in Eurasia19 and in the Balkans. However, until the
XIX Century, a large part of the armed forces of most European nations was supplied by the
private sector. It was normal for professional soldiers — especially those with technical
expertise, such as artillerymen or siege engineers — to offer their services on the open market
(BEYANI, 2001).
Actually, the first written fragmented records of real combat do depicture the use of
hired soldiers during the construction of the Egyptian Empire, in about 3000 B.C. As Egypt
increased in wealth and power, its citizens preferred to enjoy their richness rather than face
the hardships of the battlefield, while the poor and/or displaced tribes20 were readily available
to fight for money.
Throughout the last millennium B.C. the Greek would become synonymous of
mercenary. During the final years of the Egyptian Empire, the pharaohs added Greek
mercenaries to their ranks, as did their Persian enemies. By the time the two kingdoms met in
the Battle of Pelusium, in 525 B.C., Greek soldiers of fortune dominated both armies. The
Persian victory showed that Greek mercenaries would remain loyal to whoever was paying
19 Eurasia is composed by the geo-political areas of Europe and Asia, being considered a single continent by some scholars. 20 Mainly Sherden (from Shardana, in Anatolia) and Nubians.
27
them, once some who had fought for Egypt defected to Persia. So it was that much of the
famous Battle of Marathon had been between native Greek and Greek mercenaries fighting
for their Persian employers.
Over the next three centuries, Rome expanded its empire to become the largest of its
age, facing formidable foes from both internal and external sources. During the early part of
its expansion, Rome relied on citizen soldiers who came from agricultural regions and
successfully combined the careers of part-time soldier with farming and herding. By the end
of the Second Punic War, however, the situation changed. In 107 B.C., the Roman army was
reorganized from one dependent on citizen militiamen to a full-time professional one.
Soldiers, although they often expressed more loyalty to their commanders and legions than to
Rome and its Senate, were now volunteers who served for a fair wage, being professionals
rather than mercenaries.
Despite Rome’s territorial expansion, and the consequently growth of its army by the
inclusion of professional soldiers from the captured lands, manpower limitations eventually
forced the Romans to hire soldiers of fortune. Thus, the army and its senior leaderships went
through many transitions. The massiveness of the empire, along with disagreements over who
should be in command and how the people should be governed, led to the separation of its
territory into the Eastern Empire, centered in Constantinople, and Western Empire,
headquartered in Rome, in A.D. 395.
By early in the fifth century, neither the Eastern nor Western Empires could depend
entirely on their professional armies. Rome, which once was proud to be the first vast empire
to achieve greatness with limited assistance from hired soldiers, began to recruit mercenaries.
The increased importance of cavalry encouraged the Romans to seek mounted soldiers of
fortune from the Asiatic tribes21, as well as heavy cavalry, experienced with the lance and
pike, from the Germanic tribes22. “The decline of the Western Roman Empire began about the
same time that Rome started employing large numbers of soldiers of fortune” (LANNING,
2005, p.33), although it was not the only cause of Rome’s fall.
The Middle Ages experimented the spread of religions beliefs, the discovery of new
continents, and a continuous environment of warfare with mercenaries playing a significant
21 Specially Huns, Alans, Avars and Bulgars. 22 Like the Goths, Lombards, Vandals, Gepidae, and Heruli. Gaulish infantrymen also joined the Western Empire army, as did Franks and Burgundians.
28
role. After the Battle of Hastings23, regions and cities, with little else to export, began to
specialize in training mercenaries to use specific weapons or teaching them other battle skills.
As so, the Italian cities of Pisa and Genoa started training soldiers armed with crossbows for
hiring. Those Italian crossbowmen joined the ranks of Germanic cavalrymen and Swiss
pikemen as mercenaries known for their combats specialties.
By the fourteenth century, the end of the Hundred Years’ War produced a large
number of unemployed but experienced soldiers. Many of those organized themselves into
free mercenaries companies, containing foot soldiers, archers and cavalrymen. The companies
that made their way to Italy signed their contracts as condottieri24, Italian for “to hire” or “to
contract”. By the same time, Swiss mercenaries became renowned for their skills and loyalty
as special guard units of emperors and military leaders. In order to protect themselves, it was
agreed among the Swiss cantons that each one would train its own militia, which would be
exported for hiring, under the condition that none could fight another in a battle. Swiss
mercenary units were employed by many countries, being the Swiss Guards to the Vatican the
longest-existing mercenaries unit in history, protecting the Pope until present days.
While the Greek and the Swiss were the source of the majority of mercenaries in
Europe and around the Mediterranean, Ireland became the first country to provide men-for-
hire for causes around the world. The Irish soldiers of fortune participated in the combat in
favor of the catholic James II, supported by France, against the English protestant William III,
in 1689.25
During the XVIII Century, soldiers of fortune accounted for half of the English, a third
of the French, two-thirds of the Prussian, and a quarter of the Spanish armies. When
Frederick, the Great, went home to Prussia in 1763 at the conclusion of the Seven Years’ War,
23 In the eleventh century, an army of Viking mercenaries achieved the most influential victory ever attained to date and established control of the British Isles. The English crown dispute featured Harold Godwin (brother-in-law of the King Edward), King Harold of Norway (Harold Godwin’s brother) and William (duke of Normandy and a distant relative of Edward’s) as its central characters. However, it was the Norman mercenaries who played the main role in William’s victory at the Battle of Hastings (1066). 24 Niccolò Machiavelli wrote of the condottieri in detail in and spelled out the pitfalls of relying on those “who served whoever would pay, without disgrace” (MACHIAVELLI, 2001). 25 After the civil treaty which put an end into that conflict, many Irish mercenaries sailed to France, in what became known as “the flight of the wild geese”, an expression that became synonymous for Irish of every generation who have left the Isle to serve as hired soldiers in wars around the world. In France, the wild geese composed the Irish Brigade, which fought under the control of the King Louis XIV against his old enemy, King William of England (1690s), as well as in North America, in defense of Quebec (1759). Soon, the Irish soldiers of fortune joined the Americans when they rebelled against British. And, later, they would fight the American Civil War for both the North and the South (1860s). Irish mercenaries arrived in South America in 1819 and took part in combats in Venezuela, Argentina, Brazil and Chile. The Irish would fight under their own flag just in 1960s, when two battalions served with the United Nations in the Congo.
29
he realized the Germanic states had a great income-producing commodity: creating regiment
of veterans from his army and other young men of the provinces for hiring out for profit
wages. Frederick II was from the principality of Hesse-Cassel, which provided the bulk of the
troops that would fight for British in the American Revolutionary War, and that’s why the
Germanic mercenaries became known as the Hessians.
The French, under other conditions, had themselves been a primary employer since the
Middle Ages. However, they were so just until the massacre of the King Louis XVI’s Swiss
Guard during the revolution in 1792. Sixteen years after the Battle of Waterloo, King Louis
Philippe, conscious that his population was not keen on participating in more combats, started
the newer expansion of the kingdom organizing the French Foreign Legion. It was composed
of Germans, Spaniards, Italians, Belgians and Dutch. Its first task would be in Algeria, where
the hired soldiers were not successful. And so it was that Philippe literally sold the French
Foreign Legion for the Queen Cristina of Spain, who used it to expand her own interest in
North Africa. A second French Foreign Legion was created in 1835.26
Along the same period, a new breed of mercenaries emerged from the remote
mountains of Nepal: the Gurkhas. Early in the nineteenth century, when British decided to
expand their India colony northward into Nepal, they met fierce resistance from the Gurkhas,
the tribe that had united the kingdom. After two years of bloody combat, British realized the
Gurkhas’ strength and invited them to compose their force. As a way of earning an income for
the country, the Nepalese government started exporting its young men, and so it continues
today.27
26 The second French Foreign Legions combated, then, in North Africa; in the Crimea War with Turkey and against Russia (1859); in the Battle of Camerone in Mexico (1860s) – a Napoleon III’s attempt of expanding in America –; in the Franco-Prussian War (1870); when Germany attacked France (1914 and 1940); in Indochina (1950s). The Legion also participated in peacekeeping operations in Chad and Zaire (1970s), as well as under the control of the United Nations in Lebanon (1982), in the former Yugoslavia (1992), in Kampuchea, Somalia and Rwanda (1993-1996), in Central Africa (1997) and Cote d’Ivoire (2003). It also combated in the Gulf War against Iraq (1991). Over the next two decades, the Legion instituted some traditions that continue today: volunteers were not asked about their pasts, nor were they required using their real names, and battalions were constituted of a mix of nationalities, avoiding any loyalty linkage to the native country. If they were asked about their nationality, they should respond: “Legionnaire, sir” (LANNING, 2005). Despite the low pay, harsh discipline, and often dangerous missions, the French Foreign Mission remains today the best known of all soldiers of fortune organizations. 27 The Gurkhas served the British in India, Afghanistan, Malta, Cyprus, Malaya, and Tibet. At the outbreak of World War I, the Nepalese fought for Britain in India, France, Persia, Mesopotamia, Egypt, Palestine, and Salonika. During the World War II, the Nepalese government sent more than manpower to the British, contributing even with funds. After the Indian Independence, 1947, the Tripartite Agreement transferred some Gurkhas regiments directly to the British army. The Nepalese participated in great part of the British operations around the world (Falklands War, Operation Desert Storm), under the name of Gurkha Brigade.
30
While the great majority of the soldiers of fortune have practiced their profession
mostly in land, some mercenaries have fought as mariners, and the vessels they sailed became
known as privateers. However, the most important mercenaries that performed out of the land
were the hired pilots. American pilots made part of the French Escadrille Lafayette – before
entering in World War I –, as well as in defense of the Poles, in 1919. When Japan attacked
China in 1937, Madame Chiang Kai-shek, assisting her husband, contracted American pilots
for helping the Chinese, originating the American Volunteer Group (AVG), which fought in
East Asia until the Pearl Harbor happening.
By the late 1950s, after the Vietnamese had defeated the French and their Foreign
League, gaining independence, another combat has started, opposing the Communist North
Vietnamese and their Viet Cong allies (supported by the Soviet Union and by the People’s
Republic of China) and the South Vietnamese (supported by the United States). When in 1964
President Lyndon Johnson called for additional countries to join the Americans in Vietnam –
in an effort known as “more flags request” –, the United Stated did in fact hired Koreans,
Filipinos, and Thais. Although they fought under the command of their own officers and wore
their national uniforms, they were paid to do so by the United States.
Furthermore, the CIA and teams of U.S. Army Special Forces moved into the
highlands of Central Vietnam to recruit the moi people – who were considered barbarians by
the Vietnamese – in order to organize, arm and train the tribesmen into Civilian Irregular
Defense Groups (CIDG). By 1964, there were twenty-one CIDG camps along the western
border of the South Vietnam. Likewise, the Americans also employed mercenaries in
Cambodia and Laos in their efforts to counter the communists.
Simultaneously, the independence fights have turned Africa the major employer of
mercenaries from around the world. When the fights among rival factions broke out in the
recently independent Congo, turning the rich province of Katanga autonomous from the rest
of the country, soldiers of fortune started to be employed. Moise Tshombe, the provincial
tribal leader, hired mercenaries mostly from South Africa and also some former members of
the French Foreign Legion to fight against other foe factions. Their ruthlessness earned them
the title of Les Affreux, the dreadful ones.
Les Affreaux were employed once more by Tshombe in 1964, along with other
Belgian, French and Spanish mercenaries, when he became Prime Minister, in order to fight
the Simbas, an opposition group – supported by the Soviet Union – who tried to take
31
Tshombe out of power. By 1967, Congo had become so unstable that the mercenaries
themselves turned against their former employers and attempted to take over the country.
Other parts of Africa were also fertile ground for the mercenary and his trade. When
Nigeria gained its independence from Great Britain in 1960, internal conflicts began
immediately among tribal and regional factions as well as between Christians and Muslims.
Once the civil war had broken out when the country’s Biafra region declared its own
independence, in 1967, both sides quickly advertised for soldiers of fortune to defend and
expand their claims. Still in the 1960s, black guerrillas supported by the Soviet Union and
other communists began an independence movement against the white Rhodesian government
(actual Zimbabwe). Unlike in the Congo and Nigeria, white mercenaries were recruited to
fight as members of all-white units against black revolutionaries, based not on the salary
offered, but for what was basically a white-against-black conflict. They came especially from
what remained of the British Empire: Australia and Canada.
With the fall of the Soviet Union and the end of the Cold War, a decrease in the
number of active military personnel occurred worldwide (KANZLEITER, 2005). That does
not mean that every dispute reached an end. Border wars, political rivalries, and ethnic
conflicts still exist, and new threats to peace and security have emerged. In this context,
privatization – contracting out government jobs to civilian enterprises – has found a military
application. Instead of individual or small groups of soldiers of fortune, modern mercenaries
have united into Private Military Companies (PMCs).
2. STATEMENT OF THE ISSUE
In the wake of globalization and at the end of the Cold War, the private military
market has expanded in a way not seen since the 1700s. Although some parallels may exist
between the past mercenaries and present-day private military organizations, the current wave
of PMCs has a fundamental difference: the corporatization of military services (SINGER,
2008). PMCs are structured as firms and operate as business first and foremost. In this sense,
they are often linked through complex financial ties to other firms, both within and outside
their industry. In fact, many of them are openly part of broader multinational corporations.
Nevertheless, it is still important to draw clear distinctions between mercenaries and
PMCs, especially because opinions concerning the latter are much divided. While some argue
that private contractors could be useful even for the improvement of UN peacekeeping and
32
peacebuilding forces, others believe that PMCs might represent a threat to civilians and to the
State itself.
2.1. Defining a “Mercenary”
From the outset, it should be noted that the term “private military company” does not
figure in any existing international legislation or convention (GODDARD, 2001; GULAM,
2005). Generally, there are two other categories of international actors associated with the
PMCs: mercenaries and private security companies, or contractors (PSCs). Different labels
can also be found among the literature, such as private (or privatized) military firms (PMFs)
and private security firms (PSFs). Each of them emphasizes somewhat different aspects of the
firms’ activities and try to appear objective in describing the phenomenon.
In this sense, acknowledging the problematic definition of mercenary and its
applications and implications poses an important step toward the definition of a PMC. Singer
(2008, p. 40) observes that “no clear consensus has been reached on how to define
mercenaries”. The Oxford English Dictionary defines a mercenary as “a professional soldier
serving a foreign power”. However, this characterization is too broad, and could include
people engaged in legitimate activities, like the French Foreign Legion and the Swiss Guard
in the Vatican (GULAM, 2005; SINGER, 2008).
In the public imagination, mercenaries are usually described as freelance soldiers of
no fixed abode, who, for large amounts of money, fight for dubious causes. Even the word
“mercenary” has acquired an unflattering connotation: in the general psyche, to be a
“mercenary” is to be inherently ruthless or disloyal. This judgment does not provide,
however, a usable definition of the practice of selling military services (SINGER, 2008).
Furthermore, what appears to some as mercenary activities might be perceived by others as
the acts of freedom fighters28 (DESCHAMPS, 2005).
The best general description for the term is possibly provided by the 1977, Additional
Protocol I to Article 47 of the Geneva Conventions of 12 August 1949, relating to the
Protection of Victims of International Armed Conflicts, which defines “mercenary” as any
28 Although the literal meanings of the words could include anyone who fights for the cause of freedom, the term is also used to describe those engaged in rebellion against the constituted authority that they consider to be oppressive. During the Cold War, it was widely used by the United Sates and other Western Bloc countries to describe rebels in countries controlled by or under the influence of the Soviet Union. As both sides in armed conflicts might claim to represent the popular cause of “freedom”, the use of the term and its implications remain a cause of controversy.
33
foreign person who “is not a member of the armed forces of a Party to the conflict” but is
specifically recruited in order to fight and is “motivated to take part in the hostilities
essentially by the desire for private gain”. The legal designation that this international law
draws from has some flaws that will be later discussed.
In this guide, we shall adopt a more analytic and balanced definition of the term, as the
one provided by Singer (2008). First, there is a general agreement that mercenaries are
individuals who fight for employers other than for their home State’s government. Second,
there is a “cash nexus” that distinguishes mercenaries from volunteer soldiers: mercenaries’
motivation for fighting is economic gain, while volunteer soldiers often fight for a specific
cause. Third, the mercenary’s loyalty is not governed by a greater or permanent cause or duty,
but by his contract only. Unlike other soldiers, mercenaries do not fight for a country, for their
homes, families or for a greater force they believe in: “they simply harbor an open
commitment to war as a professional way of life” (SINGER, 2008, p. 41). Although soldiers
often serve to prevent wars, mercenaries require wars as they trade benefits from its existence.
Since mercenaries are under no obligations other than to their own profit, they can leave
military life whenever they choose, unlike those who serve within national armies who do not
have this choice.
Another useful distinguishing factor between national armies and mercenaries is the
way the last are recruited and organized. The mercenary business operates outside legal trade
parameters. Thus, recruiting by modern-day mercenaries is done obliquely. A further
consequence is that their organizations are completely ad-hoc. “Few mercenary soldiers will
have worked together, and there is little or no joint training doctrine, or coordination”
(SINGER, 2008, p. 42). The absence of legal or contractual bounds produces a limited
hierarchy, making command inherently weak. The final result of this extemporizing grouping
is that modern mercenary formations are limited in their capabilities. Most can only provide
direct combat support at the small-unit level and some are limited to introductory military
training. In other words, they do not have the skills, capital, or established methods and
capabilities to provide complex multi service operations as do PMCs. Nor they have
diversified organizations, being limited in their ability to operate in more than one geographic
setting at a time. They are also generally restricted to one customer per time, and remain
highly dependent to their host communities for logistic and support. “The end result is that
mercenaries provide marginal aspects of military outsourcing, but certainly not the complete
transfer of responsibility privatization entails” (SINGER, 2008, p. 42).
34
2.2. Defining a “Private Military Company”
Even though the past mercenaries still exist today, PMCs represent the next evolution
in the provision of military services by private actors. “The newest wave of private military
agents are commercial enterprises first and foremost. They are hierarchically organized into
registered business and trade and compete openly (for the most part) and are vertically
integrated into the wider global marketplace” (SINGER, 2008, p. 45), offering packaged
services covering a wide variety of military skill set to targeted market niches. Even the
existence of a coherent industry of these companies can be recognized as a proof of their
distinction.
This corporatization generates several other distinguishing characteristics. First, PMCs
are organized in business form, which contrasts with the common ad-hoc structure of
individual mercenaries forming loose units. They are ordered under a clear executive
hierarchy that usually includes a board of directors and share-holdings. This creates a more
efficient and permanent structure that can compete and survive in the global marketplace.
The second implication of corporatization is that new private military actors are driven
by business profit rather than by individual profit. PMCs function as registered trade units
and, as firms, they can make use of complex corporate financing, “ranging from sale of stock
shares to intra-firm trade, meaning that a wider variety of deals and contracts can be worked
out” (SINGER, 2008, p. 46). In this case, it is not the person that matters, but the structure
that they are in.
The third point is that the privatized military industry competes on the open market as
authorized actors. Unlike most mercenary units, PMCs are considered legal entities bound to
their employers by recognized contracts and in many cases at least nominally to their home
States by laws requiring registration, periodic reporting, and licensing of foreign contracts.
The status of registered business differentiates them from mercenaries, which usually have to
hide from the law.
New military firms also provide a much wider array of services to a much wider
variety of clients. Many are diversified enough to work for multiple clients in multiple
markets and theaters at once. In the words of Rosen, “the modern PMC has offices in more
than one country, with contracts all over the world” (ROSEN, 2005, p. 143). The corporate
approach and the openness of the market also create a more proficient recruitment pattern.
Public application processes are used by most PMCs, and they work from established
35
databases that attempt to cover the available employee pool. “Firms screen potential
employees for valued skill-sets and tailor their staff to specific mission needs. In addition to
the efficiency gains, the resultant output is usually more effective” (SINGER, 2008, p. 47).
The personnel within PMCs operate with a set doctrine and greater cohesion of activity and
discipline.
Finally, the firms differ in their relations outside the industry. Many are tightly linked with
greater financial holdings and conglomerates. Such ties provide legitimacy and connections to
the PMCs and allow them to have greater access to financial capital.
Table 1. Comparative Charter
Mercenaries Private Military Companies
Organization Temporary and ad-hoc grouping
of individual soldiers.
Prior corporate structure.
Motives Individual short-term economic
reward.
Business profit driven.
Services Lacking prior organization,
focus on combat services, for
single clients.
Wider Range, varied clientele.
Recruitment Brought in by oblique and
circuitous ways to avoid legal
persecution.
Public, specialized.
Linkages Independence: not integrated
(for the long term) into any
national force, and is bound only
by the contractual ties of a
limited employee.
Ties to corporate holdings and
financial markets.
2.3. The Rise of Private Military Companies
Historically, private military forces have assumed innumerable forms and played
different roles in the conduct of warfare, existing and persisting alongside government
controlled militaries. As Singer points out, “there is no record of the first mercenary, but the
profession was born the first time three conditions were met: one; a war to fight; two,
someone or a group willing to pay for a substitute; three, a fighter or group of them willing to
hire out to do the fighting” (SINGER, 2008, p. 19). In this sense, private contractors should be
36
seen as complementary to State-sponsored forces, especially considering that governments did
not possess the monopoly on the use of force at numerous stages in history.
The interaction of several recent developments has created a geopolitical and
ideological context conductive to the resurgence of private military forces in the recent years.
The ending of the Cold War affected both the demand and supply sides of the market for
private force, stimulating the private military organizations industry. “The privatized military
industry is not just a flashback to historic private military agents. Nor is there any simple
cause behind its emergence. Instead, it is distinctly representative of the changed global
security and business environments at the start of the twenty-first century” (SINGER, 2008, p.
49).
The opening of the world economy, plus the change in the global security paradigm
led to the emergence of new conflict groups, not necessarily bound to any State. In this
context, the private actors’ comeback in war-making is part of a more general trend toward
eroding State control over violence. According to O’Brien, “within the relationship between
sovereignty and security, the disintegration of Westphalian notions of state sovereignty –
including their allied Weberian notion of the ‘monopoly of violence’ of the state – and the
effects that this has on security and war cannot be underestimated when looking at conflict
resolution and post-conflict reconstruction” (O’BRIEN, 2007, p.33). This is what authors
might call the “privatization of war”, or “privatization of force” phenomenon.
On the demand side of the private market of force, one could say that security has
been privatized because public authorities are unwilling or even unable to provide it in many
areas of the globe. As the very nature of the warfare also changes, many military functions are
transferred to civilian specialists, and “as the civilian role in warfare is expanded, it becomes
increasingly difficult to draw a precise line between military and non-military occupations”
(SINGER, 2008, p. 63). In this sense, even the most competent State can turn over some
military functions to private actors. On the other hand, weak, inept and corrupt States might
rely on private actors to protect and maintain important strategic facilities or sources of
revenue.
On the supply side, a pool of labor was created by the downsizing of military forces
since the end of the Cold War, benefiting the private market of force. Either former
professional soldiers and conscripts or even men who want to become part of a military force
have discovered a bright opportunity on the PMCs, especially when “the private military labor
37
pool for both conflict groups and private firms broadened and cheapened” (SINGER, 2008, p.
53).
The availability of weaponry also affected the market of force. Powerful and
technologically sophisticated weapons that were formerly under the exclusive control of state
military forces might be acquired by willing costumers around the world at bargain-basement
prices. Furthermore, the privatization of military forces is also part of the greater trend
towards downsizing and outsourcing in both public and private sectors.
3. PREVIOUS INTERNATIONAL ACTIONS
As stated before, the term “private military company” does not exist within any
international convention or legislation. In this sense, the nearest comparative functional term
would be that of “mercenary”. Despite the controversies over this term, mercenaries are dealt
within two international Conventions that aim at their elimination trough the criminalization
of their activities. Furthermore, the Additional Protocol I to Article 47 of the Geneva
Conventions of 12 August 1949, relating to the Protection of Victims of International Armed
Conflicts deals with mercenaries through the international humanitarian law scope.
On 3 July 1977, the African Union29 (AU) established the Convention for Elimination
of Mercenarism in Africa, which renders illegal sheltering, organizing, financing, assisting,
equipping, training, or supporting mercenary activities in any manner against a process of
self-determination or the territorial integrity of another State. Nine years later, the UN
Economic and Social Council (ECOSOC) addressed the issue through a resolution that
condemned “any State which persisted in permitting or tolerating the recruitment of
mercenaries, and the provision of facilities to them, with the objective of overthrowing the
governments of States Members of the United Nations”, as well as “the increased recruitment,
financing, training, assembly, transit and use of mercenaries” (E/RES/1986/43). Further
discussions led to the adoption of the International Convention against the Recruitment, Use,
Financing and Training of Mercenaries (A/RES/44/34), on 4 December 1989. Despite the
29 Previously known as Organization of African Unity.
38
existence of such Convention, none of the permanent members of the UN Security Council30
has signed the document.
The Additional Protocol I to the Geneva Conventions is, however, the primary
document of international standing on the matter that is extant today. It is the main provision
in force that contains a definition of mercenaries31. Differently of the “mercenary
conventions”32, it does not legislate against mercenary activity, but rather acknowledges their
existence and seeks to define their legal status and codify their standing within the context of
international humanitarian law. Therefore, the “mercenary conventions” and the Additional
Protocol I have different interpretations of mercenarism. According to Cameron, “under the
mercenary conventions, if States parties thereto have adopted implementing legislation,
persons who fulfill the definition of a mercenary may be prosecuted for the distinct crime of
being a mercenary. Under international humanitarian law, in contrast, it is not a violation of
the Geneva Conventions or Protocols to be a mercenary and mercenarism in and of itself does
not engender international criminal responsibility; simply, a mercenary does not benefit from
prisoner-of-war status if captured” (CAMERON, 2006, p. 577).
Thus, a mercenary, as defined under Additional Protocol I, may be punished under the
international laws of the detaining power for the fact of having directly participated in
hostilities, if so it chooses. But it can be persecuted only if the State also has separate
legislation designating mercenarism as a crime. Another distinction between the two regimes
is that the “mercenary status is only relevant under international humanitarian law only in
international armed conflicts, whereas the mercenary conventions may also apply in situations
of non-international armed conflict” (CAMERON, 2006, p. 578). Due to political
compromises among the signatory States, the Protocol was amended to define mercenaries as
only operating in international conflicts, even when hired foreigners can and do fight in
internal conflicts (SINGER, 2008).
Furthermore, the convention “elucidates the term against the backdrop of the period in
which it was drafted” (MATZIORINES, 2004, p. 11). The consequence is that the
applicability and relevance of the Protocol as a mean for the current legal context of the
30 The UN Security Council is composed by five permanent members – China, France, Russian Federation, the United Kingdom, and the United States – and ten non-permanent members – Belgium, Burkina Faso, Costa Rica, Croatia, Indonesia, Italy, Libyan Arab Jamahiriya, Panama, South Africa and Viet Nam. 31 See “Defining a Mercenary”. 32 The Convention for Elimination of Mercenarism in Africa and the International Convention against the Recruitment, Use, Financing and Training of Mercenaries are together known as the “mercenary conventions”.
39
PMCs is substantially degraded, and any subsequent international legislation designed from it
will be erroneous in application to PMCs.
In 1988, the UN established the standing appointment of the Special Rapporteur on
Mercenaries within the Office of the Commission on Human Rights. The first Rapporteur,
Enrique Ballesteros, acknowledged that the framework of “international legislation has not
taken account of new forms of mercenary activities” (E/CN.4/1999/11) and stressed “that
mercenary initiatives by private companies registered as security firms in a third country were
a threat to national sovereignty” (GA/SHC/3376) and to the exercise of the right of peoples to
self-determination. The latter Repporteur, Shaista Shameen, adopted a more controversial
point of view, suggesting the employment of PMCs in order to curb some UN problems in
peacekeeping operations. In addition, she stressed “the need to be careful not to confuse
mercenaries with other actors in the field - such as ‘terrorists’, ‘freedom fighters’,
‘volunteers’, ‘part-time soldiers’, ‘rebels with a cause’ and ‘private security companies’
supplying security services to individuals and organizations in trouble spots throughout the
world” (E/CN.4/2005/14).
In 2005, the General Assembly requested the Special Rapporteur to circulate to States
and consult with them on the new proposal for a legal definition of a mercenary drafted by the
former Special Rapporteur and to report her findings to the Commission on Human Rights
and the General Assembly. The task was later redirected to a Working Group, since many
countries were not satisfied with Shameen’s declarations.
4. BLOC POSITIONS
Despite the existent controversy about the use of PMCs within the United States of
America, the practice is a part of the country’s foreign policy. The US Government has
already institutionalized the matter of the PMCs, considering it a military topic. Currently, US
contracts for private military services are issued mainly by agencies of the Department of
Defense and the Department of State, and the use of private contractors by US Armed Forces
is institutionalized through the Army regulation Contractors Accompanying the Force33. The
document regulates the action of such companies, providing the Army “policy for obtaining
and using US citizens contracted to support or augment Army forces in operations-other-than-
33 Further information available at: http://www.army.mil/usapa/epubs/pdf/r715_9.pdf. Last accessed: 29 August 2008.
40
war and wartime operations”, and establishing “Department of the Army policies,
responsibilities, and procedures for using contractors on the battlefield, and specifically
addresses planning for acquiring and administering commercial support services on the
battlefield” (US ARMY, 2008). The US Customs Office is responsible, than, for licensing the
companies to work abroad, and after that there is no control afterwards whatsoever. Although
the United States did not ratify the Protocol Additional to the Geneva Conventions of 12
August 1949, the country relies on a wide array of national laws to regulate the use of PMCs,
as the Military Extraterritorial Jurisdiction Act of 2000 (MEJA), the Uniform Code of
Military Justice (UCMJ) and the War Crimes Act of 1996, which prohibits many grave
breaches of Common Article 3 to the Geneva Conventions, including torture, murder of an
individual not taking part in hostilities and sexual assault.
Although the US administration is very supportive of the concept of PMCs and despite
county’s development of a system for their regulation and use in defense contracts, the
situation in Iraq has demonstrated significant weaknesses in the system, and the Congress as
well as the Pentagon is undertaking a review of the existing system
In this sense, the position of the Iraqi and Afghan Governments is still fragile. Both
countries consider the usage of PMCs necessary, but face problems with the international
hiring of PMCs. Afghanistan witnessed the installation of a private prison inside its territory,
which was a clear violation of the State's sovereignty; while the Iraqi government has trouble
to control the greatest density of PMCs usage in the world. Nevertheless, the Iraqi national
army has been trained by PMCs for combat engagement, but this help has been strongly
criticized as for its quality.
The Russian Federation has shown growing concern about the use of PMCs in armed
conflicts over the past few years. During the UNSC meeting of 20 November 2007, the
country accused those companies of human rights and humanitarian law violations, defending
that “the responsibility to protect civilians falls first and foremost to the Governments of
States in conflict”. In addition, the Russian representative stated “that such responsibility
should also be borne in mind by non-State actors” (S/PV.5781). In fact, the Russian
Federation views the use of and service as mercenaries as criminal in its new Criminal Code
(DESCHAMPS, 2005, p. 38). Registers point out, however, that Russia might be using PMCs
in conflicted areas. In 2000, Georgia reported to the Special Repporteur on the question of the
use of mercenaries the existence of Russian “mercenary activities in North Caucasus,
especially in Chechnya” and in Abkhazia (A/55/334). In fact, there are today more than 9,000
41
private security enterprises operating in Russia (O’BRIEN, 2000), which, like the other
permanent members of the UNSC, has not signed the UN Convention on Mercenaries.
Even though the Chinese government had already contracted mercenaries before the
implementation of the communist regime, as witnessed on the Opium War, records on the use
of or the provision of mercenaries by the People’s Republic of China are not available. The
specificities of the communist policy do not allow such practices, which is probably why
there are no Chinese PMCs. Current transformations inside the People’s Liberation Army
(PLA) based on new technologies and on the concept of cyber/strategic information war
might point to the State’s necessity of contracting PMCs in the near future. In addition, until
now there are no Chinese national laws regulating the use of such enterprises.
The European Union (EU) countries are far from achieving a solid position on the
subject, especially due to the lack of clearer regulations. What has been a common-ground
official address to the use of PMCs is the usage of public-private partnerships, as an economic
viable situation for conflict engagement, as well as national regulations. The latter also
exemplifies the need for further discussions inside the organization. Heading the regulatory
movement are France, and its strict internal legislation on the privatization of war, Germany
and the United Kingdom.
France did not consider it useful to sign the resolutions of the Commission on Human
Rights on the use of mercenaries as a means of impeding the exercise of the right of peoples
to self-determination. However, the French State has recently inserted a law (#115-
04/03/2003) concerning the use of mercenaries into its legal system. Although this law does
not take into account the notion of the private military company, the constitution of such firms
is subjected to a check process by the state.
The United Kingdom is one of the first and most active government in the struggle
against the non State use of force. The “Foreign Enlistment Act” of 1819 and 1870 might be
considered, perhaps, the first effort taken by the UK in order to regulate the involvement of its
citizens in foreign conflicts. More recently, the British Government has showed its concern
regarding the matter with several studies and reports, like the Green Paper on Private Military
Companies from 2001-2002. The paper opened the debate on the use of PMCs and the
involvement of British nationals abroad as part of Private military operations, introducing six
options for regulation covering a range of measures intended to regulate the national and
international market.
42
There are, however, codes and rules within the EU that seek to control the deployment
of PMCs in conflicted areas, such as the The European Code of Conduct on Armament
Exports, the various Common Foreign and Security Policies, and some Ad Hoc Regulations.
In spite of the restrictions that emerge from the mentioned agreements, European PMCs are
still able to act in conflicts outside Europe.
Even greater need for discussions is verified within the African Union (AU).
Although the AU has made clear its position against the utilization of PMC on the
Organization of African Unity Convention for the Elimination of Mercenarism in Africa,
some important members do not back this position. However, it is necessary to recognize that
this law has seldom been enforced as demonstrated by the use of Executive Outcomes, a now
defunct South African PMC, by Angola and Sierra Leone, as well as by Mobutu’s
mercenaries.
The South African Republic is a country where history is broadly linked to
mercenary activities. It is also a country, which uses active PMCs in the conduct of combat
operations and is one of world’s main PMCs provider. The country, however, did not sign the
OAU document, focusing its efforts on its own Regulation of Foreign Military Assistance
Act, which addresses both mercenaries and PMCs. Nevertheless, the Act is criticized by
members of the South African government which consider it to be flawed, as it prohibits the
use of mercenaries while allows the rendering of PMCs
The debate on PMCs must be better addressed on Latin America. Firstly because the
region has ongoing conflicts in which PMCs act. Secondly because Latin American countries
are facing an altogether different situation, as a considerable number of civilians are being
hired by PMCs to work within conflict zones. The case of Colombia illustrates this situation.
The usage of PMCs inside Colombian national territory has dubious points of view. One must
consider first that the Colombian government allows, and even considers necessary, the
contraction of PMCs for the implementation and stabilization of “Plan Colombia”. On the
other hand, PMCs have already sold combat experience for the Colombian Armed
Revolutionary Forces in the past. Also relevant to consider is the 1989 Colombian trial that
judged guilty a mercenary leader hired to murder international drug dealer Pablo Escobar, but
failed in his attempt. He was then arrested when acting in the Iraq war.
5. QUESTIONS TO PONDER
43
During UFRGSMUN, SPECPOL members are called to set an opinion towards the
proposed topic, reflecting about the following suggested questions and any other relevant
issues:
1. How to define a PMC and how to define a mercenary?
2. Is it possible to regulate PMCs actions? What would be the best international
approach in order to do so? Is it possible to develop an international framework
on the matter?
3. Who is responsible for the actions of such companies?
4. What are the implications of the use of PMCs in both national and international
levels? What are the implications of the use of PMCs to the parties in conflict?
What are the implications of the use of PMCs to the civilians involved in
armed conflicts?
6. REFERENCES
Books
AVANT, Deborah. The Market for Force. New York: Cambridge University Press, 2005.
FAYEMI, J. ‘Kayode; MUSAH, Abdel-Fatau. Mercenaries: An African Security Dilemma. London: Pluto Press, 2000.
LANNING, Michael Lee. Mercenaries: Soldiers of Fortune, from Ancient Greece to Today’s Private Military
Companies. New York: Presidio Press, 2005.
MACHIAVELLI, Niccolò. The Prince. New York: Bartleby.com, 2001.
MÜNKLER, Herfried. The New Wars. Cambridge: Polity Press, 2005.
PELTON, Robert Young. Licensed to Kill: Hired Guns in the War on Terror. New York: Three Rivers Press, 2006.
ROSEN, Fred. Contract Warriors: How Mercenaries Changed History and the War on Terrorism. New York: Alpha Books, 2005.
SCAHILL, Jeremy. Blackwater: the Rise of the World’s Most Powerful Mercenary Army. New York: Nation Books, 2007.
SINGER, Peter W. Corporate Warriors: The Rise of the Privatized Military Industry. New York: Cornell University Press, 2008.
UESSELER, Rolf. La Guerra Como Negocio: Como Las Empresas Militares Privadas Destruyen la
Democracia. Bogotá: Grupo Editorial Norma, 2007.
VERKUIL, Paul R. Outsourcing Sovereignty: Why Privatization of Government Functions Threatens
Democracy and What We Can Do About It. Cambrige: Cambridge University Press, 2007.
6.2. Articles and Thesis
AVANT, Deborah. Privatizing Military Training. In: Foreign Policy in Focus. Vol. 7, No. 6. May 2002.
44
BEYANI, Chaloka; LILLY, Damian. Regulating Private Military Companies: Options for the UK Government. International Alerts, August, 2001.
CAMERON, Lindsey. Private Military Companies and their Status Under International Humanitarian Law. International Review of the Red Cross. Vol. 88, No 863. September 2006.
DESCHAMPS, Sebastian. Towards the use of the Private Military Companies in the United Nations
Peacekeeping Operations. United Nations Institute for Training and Research Programme of Correspondence Instruction. January, 2005.
GODDARD, Scott C. The Private Military Company: A Legitimate Internationl Entity Within Modern Conflict. 2001.
GULAM, Hyder. The Rise and Rise of Private Military Companies. United Nations Institute for Training and Research Programme of Correspondence Instruction. August, 2005.
KIDWELL, Deborah C. Public War, Private Fight? The United States and Private Military Companies. Fort Leavenworth, Kansas: Combat Studies Institute Press, 2005.
LEANDER, Anna. Eroding State Authority? Private Military Companies and the Legitimate Use of Force. Roma: Centro Militare di Studie Strategici, 2006.
MATZIORINIS, Nicholas. Private Military Companies: Legitimacy and Accountability. 2004.
MÜNKLER, Herfried. The Wars of the 21st Century. International Review of the Red Cross. Vol. 85, No 849. March 2003.
O’BRIEN, Kevin A. PMCs, Myths and Mercenaries: The Debate on Private Military Companies. In: Royal United Service Institute Journal, February 2000.
O’BRIEN, Kevin A. What Should and What Should Not be Regulated. In: From Mercenaries to Market: The Rise and Regulation of Private Military Companies. CHESTERMAN, Simon; LEHNARDT, Chia (eds). Oxford University Press, 2007, p. 29-48.
WITHER, James K. European Security and Private Military Companies: the Prospects for Privatized
“Battlegroups”. Quarterly Journal, Summer 2005.
Documents
ORGANISATION OF AFRICAN UNITY. OAU Convention for the Elimination of Mercenarism in Africa. Available at: http://www.africa-union.org/official_documents/Treaties_%20Conventions_%20Protocols/Convention_on_Mercenaries.pdf. Last accessed: 13 August 2008.
UNITED NATIONS. International Convention against the Recruitment, Use, Financing and Training of
Mercenaries. UN Doc. A/RES/44/34, 4 December 1989. Available at: http://www.un.org/documents/ga/res/44/a44r034.htm. Last accessed: 23 September 2008.
UNITED NATIONS. The Right of Peoples to Self-Determination and its Application to Peoples Under Colonial
or Alien Domination or Foreign Occupation. UN Doc. E/CN.4/1999/11, 13 January 1999. Available at: http://www.unhchr.ch/Huridocda/Huridoca.nsf/0/ab78acfb0828505780256737003f82a4. Last accessed: 23 September 2008.
UNITED NATIONS. Use of mercenaries as a means of violating human rights and impeding the exercise of the
right of peoples to self-determination. UN Doc. A/55/334 Available at: http://daccessdds.un.org/doc/UNDOC/GEN/N00/626/02/PDF/N0062602.pdf?OpenElement. Last accessed: 24 September 2008.
UNITED NATIONS. Protection of civilians in armed conflict: Report of the Secretary-General on the protection of civilians in armed conflict. UM Doc. S/PV.5781. Available at: http://daccessdds.un.org/doc/UNDOC/PRO/N07/605/03/PDF/N0760503.pdf?OpenElement. Last accessed: 24 September 2008.
UNITED NATIONS. Use of Mercenaries as a Means to Violate Human Rights and to Impede the Exercise of the
Right of Peoples to Self-Determination. UN Doc. E/RES/1986/43, 4 June 1986. Available at:
45
http://daccessdds.un.org/doc/RESOLUTION/GEN/NR0/668/91/IMG/NR066891.pdf?OpenElement. Last accessed: 23 September 2008.
UNITED NATIONS. Right to Self-Determination, Threat of Mercenaries, Rise of Xenophobia Highlight Third
Committee Discussion on Racism, Racial Discrimination. UN Press Release GA/SHC/3376, 5 November 1996. Available at: http://www.un.org/News/Press/docs/1996/19961105.gashc33.76.html. Last accessed: 23 September 2008.
UNITED NATIONS. The Right of Peoples to Self-Determination and its Application to Peoples Under Colonial
or Alien Domination or Foreign Occupation. Use of Mercenaries as a Means of Violating Human Rights and
Impeding the Exercise of the Right of Peoples to Self-Determination: Report of the Special Rapporteur, Shaista
Shameem. UN Doc. E/CN.4/2005/14, 8 December 2004. Available at: http://daccessdds.un.org/doc/UNDOC/GEN/G04/167/92/PDF/G0416792.pdf?OpenElement. Last accessed: 23 September 2008.
US ARMY. Army Regulation 715-9: Contractors Accompanying the Force. Available at: http://www.army.mil/usapa/epubs/pdf/r715_9.pdf. Last accessed: 29 August 2008.
BRITISH FOREIGN AND COMMONWEALTH OFFICE. Ninth Report of the Foreign Affairs Committee:
Private Military Companies Session 2001-2002. Available at: http://www.fco.gov.uk/resources/en/pdf/pdf5/fco_pdf_cm5642_govtreponsepmc. Last accessed: 13 August 2008.
BRITISH HOUSE OF COMMONS. Private Military Companies: Options for Regulation. London: The Stationery Office, 2002. Available at: http://www.fco.gov.uk/resources/en/pdf/pdf4/fco_pdf_privatemilitarycompanies. Last accessed: 13 August 2008.