Statement by Director of Cyber Security at Estonian Information System Authority Mr. Gert Auväärt at the International Justice Day Event “The Rome Statute at 23: The Role of the ICC in the Regulation of Cyberwarfar”

I am honoured to address you at this event marking the adoption of the Rome statute 23 years ago and to share this virtual panel with distinguished international law academics.

Aside from firmly believing in justice and rule of law, Estonia is a strong believer in the potential and ability of new innovative technologies to benefit our societies. These technologies hold great promise for human and social development and welfare. They can allow us to live better, and also to govern better – enabling better access to information, transparent and efficient government, healthier democracy and greater protection of the rule of law. These are all preconditions for peaceful and secure societies.

At the same time, the same tools and technologies can also be used to cause deliberate harm. There are clear risks to human rights, democratic processes and the rule of law, which have potential implications for international peace and security. Many of these hazards have already materialised. As a stark example, in the wrong hands, digital and emerging technologies have become convenient tools for political repression. Estonia remains deeply concerned about the practices that seek to assert excessive control under the pretence of ensuring national security while disregarding international human rights law and the principles of an open, free, secure, interoperable and reliable Internet.

During the last decade, UN Member States have agreed on an effective normative framework for responsible State behaviour in cyberspace. Estonia holds the strong view that existing international law, including the UN Charter in its entirety, international humanitarian law and international human rights law, applies in cyberspace. States are accountable for any acts committed contrary to their obligations under international law. We are encouraged and guided by the successful consensus outcomes of both the latest UN Group of Governmental Experts and the Open-Ended Working Group, reaffirming the normative framework in this regard.

Estonia has been actively engaging in a range of international fora to try to help address the risks involved and promote the uptake and use of emerging technologies in a way that is responsible, trustworthy, transparent and in line with the provisions of international law, including international humanitarian and human rights law. These efforts need to include a multi-stakeholder approach embracing the private sector, civil society and academia.

In New York, Estonia together with Singapore co-chairs the Group of Friends on e-Governance and Cybersecurity that seeks to inform of developments in the field. Estonia has been striving to take forward the topic of cyber security in the Security Council. Just last month, during our Presidency, Estonia organised the first ever Security Council open debate specifically on cyber security. It is essential that the Council keeps up with contemporary security challenges and takes cyber threats into consideration. The open debate presented an opportunity to raise awareness on the risks malicious cyber activities pose and reaffirm the commitment of States to international law and the framework of responsible State behaviour as key elements of conflict prevention and maintenance of peace and security in cyberspace. We are glad that the meeting was constructive, with over 60 States and organisations contributing to this important discussion at a high level.

One of the pertinent pratical questions to be asked now is exactly how international law applies to cyberspace. As a staunch supporter of international criminal justice, in particular the International Criminal Court, Estonia was honoured to become part of a group of countries to call into existence a Council of Advisers on the Application of the Rome Statute to Cyberwarfare. We are grateful to the experts that have participated in the group for their tremendous work and Liechtenstein for leading the endeavour.

Lastly, I take the opportunity to point out that the NATO Cooperative Cyber Defence Centre of Excellence based in Estonia is sponsoring the updating of the Tallinn manual from its 2017 2.0 version to 3.0. This anticipated scholarly work by distinguished international law academics and practitioners will provide an updated objective restatement of international law as applied in the cyber context. All stakeholders have the opportunity to contribute to this process.

I look forward to hearing from the other esteemed panelists on their insights on the state and intricacies of application of Rome Statute to cyber warfare.