Conflicts, Crimes and Regulations in Cyberspace

70 63

71 64

72 65

73 66

74 67

75 68

76 69

77 70

78 71

79 72

80 73

81 74

82 75

83 76

84 77

85 78

86 79

87 80

88 81

89 82

90 83

91 84

92 85

93 86

94 87

95 88

96 89

97 90

98 91

99 92

100 93

101 94

102 95

103 96

104 97

105 98

106 99

107 100

108 101

109 102

110 103

111 104

112 105

113 107

114 108

115 109

116 110

117 111

118 112

119 113

120 114

121 115

122 116

123 117

124 118

125 119

126 120

127 121

128 122

129 123

130 124

131 125

132 126

133 127

134 128

135 129

136 130

137 131

138 132

139 133

140 134

141 135

142 136

143 137

144 138

145 139

146 140

147 141

148 142

149 143

150 144

151 145

152 146

153 147

154 148

155 149

156 150

157 151

158 152

159 153

160 154

161 155

162 156

163 157

164 158

165 159

166 160

167 161

168 162

169 163

170 164

171 165

172 166

173 167

174 168

175 169

176 170

177 171

178 172

179 173

180 174

181 175

182 176

183 177

184 178

185 179

186 180

187 181

188 182

189 183

190 184

191 185

192 186

193 187

194 188

195 189

196 190

197 191

198 192

199 193

200 194

201 195

202 196

203 197

204 199

205 201

206 202

207 203

208 205

209 206

210 207

211 208

212 209

213 210

214 211

215 212

216 213

217 214

218 215

219 216

Cybersecurity Set

coordinated by

Daniel Ventre

Volume 2

Edited by

Sébastien-Yves Laurent

First published 2021 in Great Britain and the United States by ISTE Ltd and John Wiley & Sons, Inc.

Apart from any fair dealing for the purposes of research or private study, or criticism or review, as permitted under the Copyright, Designs and Patents Act 1988, this publication may only be reproduced, stored or transmitted, in any form or by any means, with the prior permission in writing of the publishers, or in the case of reprographic reproduction in accordance with the terms and licenses issued by the CLA. Enquiries concerning reproduction outside these terms should be sent to the publishers at the undermentioned address:

ISTE Ltd

27-37 St George’s Road

London SW19 4EU

UK

www.iste.co.uk

John Wiley & Sons, Inc.

111 River Street

Hoboken, NJ 07030

USA

www.wiley.com

© ISTE Ltd 2021

The rights of Sébastien-Yves Laurent to be identified as the author of this work have been asserted by him in accordance with the Copyright, Designs and Patents Act 1988.

Library of Congress Control Number: 2021945731

British Library Cataloguing-in-Publication Data

A CIP record for this book is available from the British Library

ISBN 978-1-78630-686-9

Why is it necessary to perceive cyberspace from a reflexive point of view? Since it is not a natural or social reality, but a shared system built over time by a multitude of actors, its hybrid nature – it possesses both a technological and a social aspect – does not enable us to use the usual benchmarks that social sciences use to study the social world. Moreover, cyberspace actors are talkative and doctrinaire and produce a host of fairly new strategic concepts (often of little value) that obscure the understanding of the situation 1 . The effort to be reflexive seems all the more necessary. Understanding cyber therefore presumes an approach that takes into account its social and technological dimensions, as well as an ability to distance oneself from the various discourses of the actors, both indispensable conditions in order to make it an authentic object of study. The challenge of this book is specifically to try to contribute to this essential reflection, which is still in its infancy 2 , and so we must therefore state for the reader the choices and perspectives that guide it.

The nine chapters of this volume provide a global and, therefore, original dimension of cyberspace. Indeed, it seemed to us to be beneficial to not limit its content, as is sometimes the case, to an irenic vision that only values the collaborative dimension or, conversely, to a cynical vision that reduces cyberspace to a conflictual space. In the spirit of our global perspective, we chose the title Conflicts, Crimes and Regulations in Cyberspace . This book is not directly part of the endless debate between the advocates of cyberwar (Calvo 2014) and those who reject this posture (Gartzke 2013). We note that there are confrontations in cyberspace, involving civilian and military actors, toward various ends that are not always short term. Today, the state of our knowledge strongly exceeds the apocalyptic prognoses of the 1990s and 2000s and this allows us to relativize the quantity and scope of confrontations between state actors, most of which are related to data theft activities, that is espionage (Valeriano and Maness 2018). Thus, we have chosen to describe them as “crimes” or “conflicts” in order to deliberately avoid the term “war” 3 , which seems excessive to us and immediately produces a securitization effect.

The 10 authors, whom we thank warmly 4 for their contributions, were each asked to provide a clear definition of what they meant by cyberspace in their text. This is, of course, important since, in this field, diversity prevails; thus, in 2018, the NATO Cooperative Cyber Defense Center of Excellence (CCD COE) in Tallinn identified 29 definitions of cyberspace (Bigelow 2018). We have chosen to adopt the 2006 US definition from the National Military Strategy for Cyberspace Operations since it seems neutral: “[...] an operational domain characterized by the use of electronics and the electromagnetic spectrum to create, store, modify and exchange information via networked information systems and associated physical infrastructures” 5 . The authors gathered here, whether jurists or political scientists, also adhere to the perspective of studying the cyberspace object as a sociotechnical system, that is to say, as a set of social units in dynamic interactions, organized around information and communication technologies, which orientates toward science and technology studies (STS) 6 .

Finally, this book is clearly part of an internationalist perspective 7 , since its authors believe that the study of cyberspace cannot be confined to the limits of a single country, due to the distributed nature of the system structuring cyberspace and the constant mobility of data. This observation does not, however, invalidate the possibility of studying public cyber policies (see Chapter 2). Adopting this international approach, we make it clear that we will not revisit the theoretical debate on whether cyberspace is a component of the international system or whether it constitutes its own autonomous system 8 . In the research paradigm that we have described, we here highlight international cyberspace issues (see Chapters 1and 8) as well as two countries, the United States (see Chapters 1, 2, 6and 9) and France (see Chapters 3, 5and 8). The diversity of cyber actors – state, non-state and individual – is evoked in every chapter of the book, but the chosen approach highlights the first two.