Cybersecurity and Sovereignty in Cyberspace: Challenges and Prospects of International Law

INTRODUCTION. This article explores the concept of “cyber sovereignty”, understood as the set of legal claims and mechanisms through which states seek to control and protect their interests in the digital domain. Amid the rapid development of information and communication technologies, the transnational nature of cyberspace, and the lack of unified international norms, debates on the applicability of classical state sovereignty to the digital realm are intensifying. The paper examines various approaches taken by different countries (Russia, China, the United States, EU member states, etc.) in regulating cyberspace, highlighting the growing importance of cybersecurity in international law, and analyzing the role of international organizations (including the UN) and key documents such as the Tallinn Manual 2.0.

MATERIALS AND METHODS. The study is based on a qualitative analysis of academic literature, international legal instruments (UN Charter, International Court of Justice rulings, doctrinal documents), national cybersecurity strategies (Russia, the USA, China, among others), and a comparative examination of state practices and positions regarding cyber sovereignty. General and specific scientific methods – analysis and synthesis, systematic and comparative-legal approaches – were employed to identify legal gaps and contradictions in the regulation of the digital environment.

RESULTS. The analysis shows that states increasingly aim to extend the concept of classical sovereignty to cyberspace by developing national legislation and creating independent cyber jurisdictions. This trend is reflected in the strategies and doctrines of several countries (China, Russia), which seek to control their segment of the internet. At the same time, a rift remains between states that advocate for an open and free internet (the USA, EU states) and those that prioritize strengthening national control over the digital sphere. In practice, it is difficult for states to reach consensus on the permissible scope of intervention and the application of the principles of non-intervention and sovereignty in cyber operations.

DISCUSSION AND CONCLUSIONS. The analysis reveals legal uncertainty in defining what kinds of cyber operations violate sovereignty, as well as in the categorization of cyber espionage and low intensity cyberattacks. The UN and its specialized expert groups (GGE, OEWG) are working on harmonizing approaches; however, no single universal mechanism has yet been established. The most acute controversies concern recognizing sovereignty in the digital sphere as a distinct norm of international law and establishing clear criteria for legitimate cyber operations. Overcoming legal gaps and reducing the risk of conflict require the development of universal principles that account for the unique characteristics of cyberspace, as well as the deepening of international cooperation, including the exchange of information and the creation of rapid response mechanisms to cyber threats.

1. Bronk C., Tikk-Ringas E. 2013. The Cyber Attack on Saudi Aramco. – Survival. Vol. 55. No. 2. P. 81-96.

2. Brown G., Poellet K. 2012. The Customary Law of Cyberspace. – Strategic Studies Quarterly. Vol. 6. No. 1. P. 126-145.

3. Buchan R. 2016. Cyber Espionage and International Law. – Journal of Conflict and Security Law. Vol. 21. No. 3. P. 461-493.

4. Danelyan A.A. Kiberprostranstvo i mezhdunarodnoe pravo [Cyberspace and International Law]. – Mezhdunarodnoe pravo i mezhdunarodnye organizatsii [International Law and International Organizations]. 2020а. No 2. (In Russ.).

5. Danelyan A.A. Mezhdunarodno-pravovoe regulirovanie kiberprostranstva [International Legal Regulation of Cyberspace]. – Obrazovanie i pravo [Education and Law]. 2020б. No 1. P. 261-269. (In Russ.).

6. Dobrinskaya D.E. Kiberprostranstvo: territoriya sovremennoi zhizni [Cyberspace: Territory of Contemporary Life]. – Vestnik Moskovskogo universiteta. Seriya 18. Sotsiologiya i politologiya [Bulletin of Moscow University. Series 18. Sociology and Political Science]. 2018. Vol. 24, No 1. P. 52-70. (In Russ.).

7. Gorelik I.B. Formirovanie mezhdunarodno-pravovoi sistemy protivodeistviya kiberprestupnosti [Formation of an International Legal System for Combating Cybercrime]. – Pravo i politika [Law and Politics]. 2021. No 5. P. 60-71. (In Russ.).

8. Gorelik I.B. Rol' mezhdunarodnykh organizatsii v protsesse protivodeistviya kiberprestupnosti [The Role of International Organizations in Countering Cybercrime]. – Mezhdunarodnoe pravo i mezhdunarodnye organizatsii [International Law and International Organizations]. 2021. No 3. P. 28-41. (In Russ.).

9. Hathaway O.A., Crootof R., Levitz P., Nix H., Nowlan A., Perdue W., Spiegel J. 2012. The Law of Cyber Attack. – California Law Review. Vol. 100, No. 4. P. 817-886

10. Johnson D.R., Post D.G. 1996. Law and Borders – The Rise of Law in Cyberspace. – Stanford Law Review. Vol. 48. No. 5. P. 1367-1402.

11. Kello L. 2017. The Virtual Weapon and International Order. New Haven: Yale University Press.

12. Lin H. 2016. Attribution of Malicious Cyber Incidents: From Soup to Nuts. – Journal of International Affairs. Vol. 70, No. 1. P. 75-92.

13. Lotsberg K., Jellinek H. 2017. Jurisdiction in Cyberspace. – Journal of High Technology Law. Vol. 17. No. 2.

14. Miguleva M.V. Istoriya opredeleniya ponyatiya “kiberprostranstvo” [History of Defining the Concept of “Cyberspace”]. – Etnosotsium i mezhdunarodnaya kul'tura [Ethnosocium and Interethnic Culture]. 2018. No 6 (120). P. 41–45. (In Russ.).

15. Moynihan H. 2019. The Application of International Law to State Cyberattacks: Sovereignty and Non-intervention. – Chatham House Research Paper. December. P. 1-40.

16. Mueller M. 2010. Networks and States: The Global Politics of Internet Governance. Cambridge (MA): MIT Press. P. 1-280.

17. Rid T. 2012. Cyber War Will Not Take Place. – Journal of Strategic Studies. Vol. 35. No. 1. P. 5-32.

18. Schmitt M.N. 2009. Grey Zones in the International Law of Cyberspace. – Vanderbilt Journal of Transnational Law. Vol. 42. P. 427-448.

19. Shackelford S.J., Richards E., Studio J.D., Craig A.N. 2015. Using BITs to Protect Bytes: Promoting Cyber Peace and Safeguarding Trade Secrets Through Bilateral Investment Treaties. – American Business Law Journal. Vol. 52. No. 1. P. 1-86.

20. Taddeo M. 2018. Cybersecurity and Individual Rights, Striking the Right Balance. – Philosophy & Technology. Vol. 31. No. 4. P. 503-507.