2
•
•
•
Para 20: Include reference to 2010, 2013 and 2015 GGE reports as further guidance, after: “as
well as with their other obligations under international law”.
Para 24: Replace “Vulnerable populations” with “vulnerable groups”.
Suggestion to include a reference to threats to the public core of the internet, as also mentioned
in para 50 of the Zero Draft, in the Section on Existing and Potential Threats.
III. International Law
•
•
•
•
•
•
•
•
Germany supports the position of the International Law Section within the overall structure of
the report, which underlines that existing international law provides a binding framework for
responsible behavior in cyberspace which is complemented by norms, rules and principles for
responsible State behavior as well as CBMs and capacity building.
Para 26: Consider streamlining the order of the referenced sources of international law with art.
38 ICJ Statute (which could also be explicitly cited): (1) international treaties, (2) customary law
and (3) general principles of law.
Para 28: We suggest the following editorial modifications: instead of “sovereign equality”
consider writing “sovereign equality of States”; instead of “refraining in their international
relations from the threat or use of force against the territorial integrity or political independence
of any State, or in any other manner inconsistent with the purposes of the United Nations”
consider “prohibition of the threat or use of force as laid down in art. 2 para. 4 UN Charter”.
In the interest of a more concise Report, delete para 27, as its content is already contained in
para 34.
Para 31: We would like to reiterate that there is no general obligation under international law to
publicize a decision on attribution and to provide or to submit for public scrutiny detailed
evidence on which an attribution is based. However, substantiating accusations of wrongful acts
are desirable and helpful for de-escalation, if circumstances so permit, and we support the
current wording of para 31 taken from the 2015 GGE report for these reasons.
Para 30 first sentence: Suggestion to clarify sentence, it should be stated that States may incur
responsibility in accordance with the customary law rules of State responsibility if their use of ICT
amounts to a wrongful act under international law.
Para 30 second sentence: Why do we need the limitation of the due diligence principle to “nonState actors acting on the instruction or under the control of a State to commit a wrongful act”?
Instruction/direction or control is a separate criterion for attribution and should be distinguished
from the principle of due diligence which seems to be referred to here. Perhaps it would be
better to revert to previous version: “States should seek to ensure that their territory is not used
by non-State actors to commit such acts”. Before, separately or in combination with the sentence
on “proxies” and the last sentence (which already mentions the control aspect), a reference
could be made to the attribution criterion of “instructions, direction or control” as detailed in
Art. 8 ILC Draft Articles on State Responsibility. Generally, the para should be streamlined on
basis of the ILC draft articles on State responsibility, also with regard to the criterion of
ownership in the last sentence.
On paras 32, 33: They should emphasize more clearly that existing international law is applicable
to cyberspace and that no lacunae exist in this regard. In particular, para 33 (“It was highlighted
that while existing bodies of international law do not include specific reference to the use of ICTs
in the context of international security, international law can develop progressively, including