Legal Regimes Governing Cyber and Intelligence Operations

It is recommended that the course From Cold War Espionage to Cyberwars: history, theory, and practice of intelligence and cybersecurity (B780004101) is either studied at the same time as this course or passed previously. A student can still participate in the other elements of the programme if they have similar professional insights gained in other ways, e.g. through relevant courses or other education, or from work experience in the field.

Prior knowledge of the legal regulation of armed conflicts and intelligence operations is an advantage but not a prerequisite.

The course will be taught at the Defense Academy in Copenhagen and will consist of two seminar days and online lectures.

The students will be introduced to a number of topics, all of which play a central role in Denmark's ability to handle challenges in the field of cyber and intelligence. Topics include:

• The legal 'system' behind military cyber operations and intelligence activities - from a Danish point of view
• The national and international sets of rules that set the framework for Danish intelligence services and units' ability to obtain information in both wartime and peacetime
• The international law debate on the legal framework for cyber operations - focusing on the main conclusions and remaining bumps
• The international law regulation of espionage and the criminal law treatment of the subject
• The state's right to keep secrets, including the system for confidentiality and classification in Denmark - and the punishment for revealing state secrets
• Control of the intelligence services and cyber capacity in Denmark.

This course aims to provide participants with insight into the legal framework for military cyber operations and intelligence activities, as well as introduce participants to tools that can assist with analysis and discussion of the legality of - and the legal implications of - specific cyberspace and intelligence activities.

The participants will be able to use their knowledge of the legal rules that form the framework for Danish military cyber operations and intelligence activities, to analyze specific cases in this regard. Against this background, participants will be able to identify legal opportunities, challenges and constraints that may affect such activities.

The subject's literature totals approx. 600 pages that illuminate in various ways aspects of the national and international regulation of Danish military cyber operations and intelligence activities. The literature will include i.a. academic texts, legislation, court decisions, supervision reports, military doctrine as well as professional statements. In addition, use will be made of journalistic material that addresses some of the most debated and challenging issues surrounding the handling of cyberspace and intelligence activities. A complete bibliography will be published on ITSlearning before the start of the course. The subject syllabus will i.a. include:

• Excerpts from in particular the PET Act, the FE Act, the Defense Act and the Security Circular
• Excerpts from annual reports from the Danish Intelligence Service
• Asaf Lubin, The Reasonable Intelligence Agency, 47 Yale Journal of International Law (2021)
• Marc Schack, National Security and Confidentiality in Danish Law, U.2020B.237
• Excerpt from Michael N. Schmitt (ed.), Tallinn Manual 2.0 on the international law applicable to cyber operations (Cambridge University Press, 2017)
• State statements on the role of international law in cyberspace, including Norway, Norwegian position on selected questions of international law relating to cyberspace (May 2021) and the United Kingdom, Application of international law to states' conduct in cyberspace: UK statement (June 2021).
• Excerpt from the Defense Academy, Joint Defense Doctrine for Military Cyberspace Operations (September 2019)
• Excerpts from the Ministry of Defense & amp; The Defense Command, Military Manual of International Law for Danish Armed Forces in International Military Operations (September 2016).

The total workload for the student is 27 hours per. ECTS credits. A total of 135 hours for this subject. The lessons cover preparation, lectures, seminar days, exam preparation and the exam itself. The 135 hours are expected to be distributed as follows:

• Introductory day: 3 hours 
• Seminar days (in person): 12 hours
• Lectures (online): 6 hours
  
• Preparation: 57 hours
• Consultation for synopsis topic: 1 hour
• Exam and exam preparation: 56 hours