This course examines legal and policy challenges stemming from rapidly evolving cybersecurity threats. Cyber insecurities affect many types of actors—for example, individuals who suffer cybercrimes, media outlets whose websites are hacked or taken offline, businesses whose intellectual property is plundered, and states that undertake and/or attempt to defend against espionage and uses of force in cyberspace. This course will explore the national and international legal frameworks that govern malicious and defensive actions in cyberspace, including laws related to cybercrime, cyberespionage, and cyberwar. The course will consider legal questions within the context of broader debates about issues such as governance of cyberspace and the Internet, the roles of governmental and non-governmental actors, evolving understandings of privacy, and the role of law in governing a constantly changing domain where many actors operate in secret. The objective of the course is to contextualize cybersecurity threats and responses to them in a national and international law framework, while also recognizing the limits of current law, the need for further policy evolution, and the real-world impacts of different legal and policy options.
No technical knowledge is required. Background in or familiarity with public international law is helpful, but not necessary. International law concepts will be introduced as necessary.