CYBERSECURITY, SOVEREIGNTY, AND INTERNATIONAL LAW: NORMATIVE CHALLENGES IN THE DIGITAL AGE

Authors

DOI:

https://doi.org/10.18623/rvd.v23.4381

Keywords:

Cybersecurity, Sovereignty, International Law, State Responsibility, Cyber Operations

Abstract

Cyber operations now occupy a central position in strategic competition, yet international law continues to face persistent normative uncertainty regarding sovereignty, prohibited intervention, use of force, attribution, and permissible countermeasures. This article examines the sovereignty debate in cyberspace and argues that the primary challenge is not the absence of applicable law but the lack of shared interpretive consensus and operational thresholds. Drawing on the UN process on responsible state behaviour, the law of state responsibility, and the Tallinn Manual’s restatement approach, the study maps the principal legal tests invoked by states—sovereignty, due diligence, non-intervention, use of force or armed attack, and countermeasures—and analyzes how core technical characteristics of cyberspace complicate their application. Methodologically, the article combines doctrinal legal analysis with structured qualitative illustration drawn from widely discussed incident types, including industrial disruption malware and supply-chain compromise. The findings identify three recurring normative gaps: disagreement over the legal status of sovereignty, inconsistent thresholds for coercion and effects, and underdeveloped evidentiary standards for attribution. The article concludes by proposing incremental pathways for legal stabilization aimed at enhancing predictability and restraint in the cyber domain.

References

Cora, A. N. (2024). Exploring the viability and implications of a NATO-like defense cooperation among Turkic states. Türk Dünyası İncelemeleri Dergisi, 24(2), 627–642. https://doi.org/10.32449/egetdid.1538388

Council of Europe. (2001). Convention on Cybercrime (ETS No. 185). Council of Europe.

Deibert, R. J. (2013). Black code: Surveillance, privacy, and the dark side of the Internet. McClelland & Stewart.

Farrell, H., & Newman, A. L. (2019). Weaponized interdependence: How global economic networks shape state coercion. International Organization, 73(1), 42–79. https://doi.org/10.1017/S0020818318000457

Hathaway, O. A., Crootof, R., Levitz, P., Nix, H., Nowlan, A., Perdue, W., & Spiegel, J. (2012). The law of cyber-attack. California Law Review, 100(4), 817–885.

International Court of Justice. (1949). Corfu Channel (United Kingdom v. Albania), Judgment of 9 April 1949. https://www.icj-cij.org

International Court of Justice. (1986). Military and paramilitary activities in and against Nicaragua (Nicaragua v. United States of America), Judgment of 27 June 1986. https://www.icj-cij.org

International Law Commission. (2001). Draft articles on responsibility of states for internationally wrongful acts, with commentaries (UN Doc. A/56/10). United Nations.

Jensen, E. T. (2014). Cyber sovereignty: The way ahead. Texas International Law Journal, 50, 275–305.

Kello, L. (2017). The virtual weapon and international order. Yale University Press.

Koskenniemi, M. (2005). From apology to utopia: The structure of international legal argument (Reissue ed.). Cambridge University Press.

Kratochwil, F. (2014). The status of law in world society: Meditations on the role and rule of law. Cambridge University Press.

Nye, J. S., Jr. (2010). Cyber power. Belfer Center for Science and International Affairs, Harvard Kennedy School.

Schmitt, M. N. (Ed.). (2017). Tallinn Manual 2.0 on the international law applicable to cyber operations. Cambridge University Press.

Tsagourias, N., & Buchan, R. (Eds.). (2015). Research handbook on international law and cyberspace. Edward Elgar Publishing.

United Nations Office for Disarmament Affairs. (2022). The UN norms of responsible state behaviour in cyberspace (Figure 2: The four components that make up the UN framework of responsible state behaviour in cyberspace) [Adapted]. United Nations. https://documents.unoda.org

United Nations Office for Disarmament Affairs. (2025). Developments in the field of information and telecommunications in the context of international security. https://disarmament.unoda.org

United Nations. (2021). Report of the Group of Governmental Experts on advancing responsible state behaviour in cyberspace in the context of international security (UN Doc. A/76/50). United Nations.

Willett, M. (2021). Lessons of the SolarWinds hack. Survival, 63(2), 7–26. https://doi.org/10.1080/00396338.2021.1906001

Zetter, K. (2014). Countdown to zero day: Stuxnet and the launch of the world’s first digital weapon. Crown Publishers.

Downloads

Published

2026-03-03

How to Cite

Cora, H., & Mikail, E. H. (2026). CYBERSECURITY, SOVEREIGNTY, AND INTERNATIONAL LAW: NORMATIVE CHALLENGES IN THE DIGITAL AGE. Veredas Do Direito, 23, e234381. https://doi.org/10.18623/rvd.v23.4381

Issue

Vol. 23 (2026): Veredas do Direito, v. 23, 2026

Section

Articles

License

I (we) submit this article which is original and unpublished, of my (our) own authorship, to the evaluation of the Veredas do Direito Journal, and agree that the related copyrights will become exclusive property of the Journal, being prohibited any partial or total copy in any other part or other printed or online communication vehicle dissociated from the Veredas do Direito Journal, without the necessary and prior authorization that should be requested in writing to Editor in Chief. I (we) also declare that there is no conflict of interest between the articles theme, the author (s) and enterprises, institutions or individuals.

I (we) recognize that the Veredas do Direito Journal is licensed under a CREATIVE COMMONS LICENSE.

 

Licença Creative Commons Attribution 3.0