May 17, 2012
Limiting Terminological Escalation
There's a lot of (correct) criticism about military buzzwords and calling things war which plainly are not. So credit should be given when credit is due when someone gets it right, as US Cyber Command attorney Robert Clark has:
While happy to label so-called outbreaks of “cyber-war” as “B.S.”,
Clark stated that “governments are in the business of offensive
cyber-operations now.” Clark also said that cyber “attack” is over-used in the media, as he
feels the planet is yet to see a real cyber-attack . “Stuxnet was not a
cyber ‘attack’, Estonia was not a cyber ‘attack’, that pipeline that
some people say ‘yeah, that was malicious code’ wasn’t a cyber
‘attack’,” he said. ....And why does this definition matter? In other words, why should we care
about loose media use of “cyber war”? Because, Clark explained to El Reg: if policy-makers are only informed by the catchphrase and not the definition, they will make bad policy.
To be perfectly clear, there are a lot of things that also aren't war that have serious security implications. Espionage is threat, for example, even if thefts of crucial secrets are not literally military operations. A hurricane--not a foreign army--devastated New Orleans. And the bad economy has far-reaching implications for our ability to generate military and diplomatic power. But securitizing an issue is not always (or even partly) likely to lead to more effective policy. Calling obesity a national security threat or declaring wars on nouns is not going to lead anywhere productive.
I tend to agree more with Tim Stevens on the issue of cyber war--it's a no brainer that distinctive cyber operations and tactics will augment more traditional military operations. Take it away, Tim:
At least 95% of this debate could be solved by substituting ‘cyber
warfare’ for ‘cyber war’. That is, by accepting – as any sane person
should – that ‘cyber warfare’ tactics and operations are part of war. ...We should also accept – at least, for now – that there is no pure-play
cyber war. It’s either war or it’s not. Simple. A land war is still a
war. A sea war is still a war. All ‘cyber’ is in this context is an
environmental modifier. Useful for descriptive purposes but it doesn’t
alter the essential nature of war as a political and coercive act.
I would be remiss in not observing that the line between military activities and covert operations and espionge is not really always easy to draw for policymakers or military analysts to draw in practice.
Since some forms of covert operations and military operations both aim to achieve strategic effect through violent coercion, it is easy to make arguments to the effect that Iran and Israel are engaged in "shadow war." Low-intensity operations tend to look remarkably like terrorism, crime, sabotage, subversion, and coercive diplomacy at the lower tactical margins. Those who like to eat out in Foggy Bottom (I enjoy a nice Thai place every once and a while) may be sympathetic to this agument because Iran may have gotten away with trying to put a bomb under their dinner plates.
Charles Dunlap observed that international law of armed conflict (LOAC) tends to be "effects-based"--as in the effect of the action determines whether it constitutes an "armed attack" against which can be retaliated. LOAC can at times be confusing because it does not grant a clear go-ahead for states to respond to force more generally, even if it simultaneously prohibits threats of force (talking about Articles 2 and 51 of the UN Charter respectively). Dunlap also soundly argues that the phrase "act of war" is really a political, rather than legal distinction.