International law and cyberspace
Finland’s national positions
Introduction
In line with its general support to rules-based international cooperation and respect for
international law, Finland sees international law as an essential framework for responsible State
behaviour in cyberspace. In the same vein, the UN Group of Governmental Experts (GGE) has
reaffirmed that “international law, and in particular the Charter of the United Nations, is
applicable and is essential to maintaining peace and stability and promoting an open, secure,
stable, accessible and peaceful ICT environment”. 1 As this formulation, reflecting the specific
mandate of the GGE, focuses on questions of international peace and security, there is reason to
underline that the same applies to other rights and obligations of States, whether based on treaty
law or customary international law.
While the existing rules and principles of international law are applicable in cyberspace, the
application of certain provisions may give rise to practical problems due to the specific
characteristics of cyberspace. Finland therefore welcomes the current exchange of views on
particular questions regarding how international law applies to State use of information and
communication technologies and wishes to contribute to the discussion by commenting on some
of the issues that have been raised recently in this regard.
Sovereignty
It is undisputed that the principle of State sovereignty applies in cyberspace. While cyberspace
as a whole cannot be subject to appropriation by any State, each State has jurisdiction over the
cyber infrastructure and the persons engaged in cyber activities within its territory.2 Sovereignty
confers each State the exclusive right to exercise the functions of a State within a certain
territory,3 and protects its territorial integrity and political independence from interference by
other States.4 In this sense, sovereignty is a foundational principle of the international legal order.
1
See Group of Governmental Experts on Developments in the Field of Information and Telecommunications in the
Context of International Security, 2013 Report (UN Doc. A/68/98, para.20; 2015 report (UN Doc. A/70/174), para.
24.
2
The Group of Governmental Experts has stated in this regard that “State sovereignty and international norms and
principles that flow from sovereignty apply to State conduct of ICT-related and to their jurisdiction over ICT
infrastructure within their territory”. See GGE 2015 Report, para. 27. Other bases of jurisdiction may be applicable
to cyber activities in accordance with international law.
3
As Judge Max Huber stated in the Island of Palmas arbitral award: “Sovereignty in the relations between States
signifies independence. Independence in regard to a portion of the globe is the right to exercise therein, to the
exclusion of any other State, the functions of a State.” See Island of Palmas (Netherlands v. the US), 2 UNRIAA 829,
838 (PCA 1928).
4
According to the International Court of Justice, “between independent States, respect for territorial sovereignty is
an essential foundation of international relations.” See Corfu Channel Case (UK v. Albania), ICJ reports 1949, p. 4,
at 35.
1