The ‘Virtual Eichmann’: on sovereignty in cyberspace

Sovereignty is a complex notion of international law, and not less disputed in the current digital era. The main question raised by some States is whether sovereignty is a ‘mere’ principle of international law in the virtual cyberspace or a binding rule as it is in other physical domains. Though a growing number of States provide a legal opinion regarding this topic, many remain reticent in doing so. But, international co-operation in cyberspace is challenging if the core premises, including the notion of State sovereignty, are not settled. The question is therefore not semantic; the consequences can be substantial, not least since cyberspace activities below a coercive intervention cannot be considered an international wrongful act if sovereignty is not a primary rule of law.
This article argues that the sovereignty of States, based on territorial integrity and political independence, is a primary rule of law in cyberspace. The breaches of sovereignty in cyberspace will however not follow the avenue of a violation of the territorial integrity but are based on a violation of the political independence. The method used to substantiate the argument is to compare the 1960s abduction of Eichmann to a present-day ‘deletion of a virtual Eichmann’. In the 1960s abduction of Eichmann both territorial integrity and political independence - related to inherently governmental functions - were violated. In a fictitious remote cyber activity to delete a hackers-group, the ‘virtual Eichmann’, it is difficult to determine a violation of territorial integrity when no physical or functional damage occurs. However, the inherently governmental functions of the State can and will be violated when a remote cyber operation is executed aimed at State functions such as taxation, law enforcement or elections, not least since these functions are less territorial in nature. Clarity regarding the exact threshold when inherently governmental functions are violated will require further State practice, but questioning ‘when’ the breach happens alludes to the existence of sovereignty as a primary rule of law in cyberspace.