Authored by nineteen international law experts, the “Tallinn Manual 2.0 on the International Law Applicable to Cyber Operations” published in 2017 , is the updated and considerably expanded second edition of the 2013 “Tallinn Manual on the International Law Applicable to Cyber Warfare”. It is an influential resource for legal advisers dealing with cyber issues. The Tallinn Manual 2.0 is the most comprehensive analysis on how existing international law applies to cyberspace. The Tallinn Manual is available in both paper and electronic copies from Cambridge University Press (© Cambridge University Press 2017). The drafting of the Tallinn Manual 2.0 was facilitated and led by the NATO Cooperative Cyber Defence Centre of Excellence.
The Tallinn Manual 2.0 analysis rests on the understanding that the pre-cyber era international law applies to cyber operations, both conducted by and directed against states. This means that that cyber events do not occur in a legal vacuum and states both have rights and bear obligations under international law.
The focus of the original Tallinn Manual was on the most severe cyber operations, those that violate the prohibition of the use of force in international relations, entitle states to exercise the right of self-defence, and/or occur during armed conflict. Tallinn Manual 2.0 adds a legal analysis of the more common cyber incidents that states encounter on a day-to-day basis and that fall below the thresholds of the use of force or armed conflict.
As such, the 2017 edition covers a full spectrum of international law applicable to cyber operations ranging from peacetime legal regimes to the law of armed conflict, covering a wide array of international law principles and regimes that regulate events in cyberspace. Some pertain to general international law, such as the principle of sovereignty and the various bases for the exercise of jurisdiction. The law of state responsibility, which includes the legal standards for attribution, is examined at length. Additionally, numerous specialised regimes of international law, including human rights law, air and space law, the law of the sea, and diplomatic and consular law, are examined in the context of cyber operations.
Professor Michael Schmitt, a Senior Fellow at the Centre from the United States Naval War College and the University of Exeter, directed the Tallinn 2.0 initiative. Liis Vihul, currently the Ambassador of the NATO CCDCOE served as Managing Editor. Additionally, a team of legal and IT experts from the Centre supported the effort. The expanded edition of the Tallinn Manual, like its predecessor, represents only the views of its authors, and not of NATO, the CCDCOE, its Sponsoring Nations, or any other State or organisation.
The Tallinn Manual process is continuing with a legal, technical, strategic and operational assessment of cyber scenarios, with the aim of publishing a practical reference source for Cyber Commands.