Should civilian data be considered protected “objects” under international humanitarian law?

International Humanitarian Law (IHL) divides the world into legitimate military objectives and protected civilian persons and objects. While IHL provides clear guidance on how to distinguish one category from the other in the physical realm, the relatively new domain of cyberspace is characterized by a number of features unknown at the time of IHL’s creation. As a consequence, there is no consensus on whether and how the rules on targeting apply to digital data – and more specifically whether digital data can be considered an ‘object’ under IHL. The report aims to clarify the situation and aid in solving this problem.

The report identifies two major positions in the legal debate on the status of data: The traditionalist school, which emphasizes the fact that ‘an object’ has traditionally been defined as something visible and tangible, and that data therefore should not be considered an object, as the protection provided by IHL would otherwise extend beyond its intended scope; and the progressive school, which emphasizes that the purpose of IHL is to protect civilians from the effects of armed conflict, and that civilian data should therefore be considered an object, as the protections provided by IHL would otherwise be more restricted than intended. Both schools posit valid legal interpretations but arrive at polar opposite conclusions. The report therefore suggests a contextual interpretation as a supplement to the two schools: As the rules and legal structure of relevant IHL regulation intend to divide the world into objects that are either legitimate military objectives or protected civilian objects, it cannot have been the intention for anything directly targetable in an armed conflict to fall outside the scope of the rules. Through this approach, data should be considered an object and civilian data protected civilian objects.

The report goes on to review available government statements on the matter and compare them with official Danish statements. The report finds Denmark to be one of only three states maintaining a traditionalist interpretation of the question, while significantly more states – including several of Denmark’s close allies – support the progressive approach. Largest, however, is the group of states that either leave the question open or have yet to comment on it. Based on the analysis of the legal debate and state positions, the report concludes that the interests of Denmark are best served through the adoption of an open position, where technological advancements can give rise to new considerations on the matter, and through contributing to a clarification of the legal concept of ‘military operations’, which might shed light on aspects of the protection of civilian data under IHL, regardless of the outcome of the current debate on ‘data as an object’. 

The report makes the following recommendations:

  • Denmark should follow technological developments and the legal debate closely.
  • Denmark should seek to clarify the regulation of ‘military operations’ in cyberspace.