Title: Vital Interests, Virtual Threats: Reconciling International Law with Information Warfare and United States Security
Subject: This thesis examines the history of technology and sovereignty, which reveals a model for the evolution of international law.
Author(s): Karl J. Shawhan
Abstract: The dominance of the U.S. military means that traditional threats, short of weapons of mass destruction, currently pose little risk to U.S. sovereignty. Non-traditional threats, however, pose asymmetric dilemmas for the United States. The increased U.S. military and economic reliance on information systems introduces new vulnerabilities not adequately protected by traditional kinetic force arms. Additionally, international law does not adequately provide response mechanisms for the United States in case of a Computer Network Attack. The United States needs to establish policy directives and diplomatic initiatives to secure its information sovereignty for the future. This thesis examines the history of technology and sovereignty, which reveals a model for the evolution of international law. Specifically, the history of sea, air, and space provide examples on past issues of sovereignty. A three-stage pattern of international law emerges. Under the assumption that sovereignty issues related to information warfare will follow the same path, the current state of sovereignty regarding information is established. To focus the study, a functional outline for international convention, the International Regime for Information Security (IRIS), is advanced. IRIS balances U.S. domestic privacy needs with U.S. national security demands. Specifically, technology issues regarding digital identification and encryption are weighed against civil liberties and intelligence needs. After examining the advantages and disadvantages of the IRIS regime, this paper recommends its use as a model for a future international convention on information warfare. Within an IRIS-type regime, compromise between civil liberty advocates and intelligence service organizations are necessary. Through digital identification and universally strong encryption, privacy and security concerns will be satisfied.