A lot more is known since January 2017 when I wrote a piece for Just Security arguing that the Russian interference in the 2016 U.S. election should be interpreted as a violation of international law. We now know that the operation has continued since the election, and that it is a broad, deep and targeted intervention into U.S. society. Recognizing this as an internationally illegal act is important because it provides a legal basis for the use of proportional countermeasures (otherwise illegal actions) to force an immediate cessation of the ongoing campaign—both in cyberspace and in the real world—and to deter any further intrusion. Yet it should also be made clear that concluding the Russian actions violated international law does not provide legal grounds for an armed response; this is not an armed attack.
Last year the attribution found in the Intelligence Community’s report on Russian hacking, and the fact sheet explaining the Obama administration’s response to it, already indicated that Russia’s intention was to target and erode the legitimacy of the U.S. government and its democratic institutions. Yet Russia’s actions do not appear to have been interpreted as a breach of international law by President Barack Obama because the public response was comprised only of retorsions (unfriendly but lawful actions). With Special Counsel Robert Mueller’s indictment of 13 Russian individuals and three Russian entities for conspiring to defraud the United States, among other charges, the operation is now being pursued as a domestic crime. That indictment also took a substantial step forward in the establishment of facts. In this light, it is worth building on the case I previously put forward to further explain that this multi-pronged and sophisticated campaign should no longer be viewed as occurring within a grey zone of international law. If we are to accept the attribution made by the U.S. intelligence services, the Russian activity was, and continues to be, “coercion” and thus a transgression of the international law principle of non-intervention.
In a nutshell, the guiding precedent on this matter explains that for an intervention to be illicit it must be 1) within another State’s domaine réservé (i.e. strictly an internal affair) and 2) must meet the standard of coercion. A State should clearly “decide freely” who leads its government, so our attention must be on the latter. The Tallinn Manual 2.0, a valuable analysis by experts on how international law applies to cyber operations, explains this point in Rule 66: “Cyber means that are coercive in nature may not be used to alter or suborn modification of another State’s governmental or social structure.” Since the term coercion and all its derivatives are undefined in international law, this is the pivotal concept that must be fleshed out to determine illegality—a knotty nub indeed.
While some experts apply a strict doctrinal interpretation, I advocate that the “nature of state interests” at stake—namely the vital societal dynamic of legitimacy—requires that we take into account the “scale” and “reach” of an operation to understand if it is coercive (building on the work of law professor Sean Watts). When all that we have learned over the last 15 months is combined with what we already knew, the Russian-ops are a clear violation of this standard. Put simply, this piece will review the debate and focus our attention on the breadth, depth and precision of the Russian intrusion in order to clarify this as an illegal act.
Status of the Debate
To begin, it is useful to provide a brief overview of how the Russian operation has been interpreted thus far. For example, an eminent authority on the application of international law in cyberspace, Michael Schmitt, wrote an article in May 2017 presenting the Russian strategy as intentionally working within grey zones of the law and aptly labelled it as, “asymmetrical lawfare.” He explained at the time that there was uncertainty if the Russian interference could be dubbed an illicit intervention because: “It is unclear whether facilitating the release of actual e-mails—as distinct from, for example, using cyber means to alter election returns—amounts to coercion as a matter of law.”
What is of consequence here is that this assessment is focused on the activities directly related to the hack of the Democratic National Committee (DNC). This has been commonly seen as the crux of the foreign interference and thus the only place to find relevant legal facts. However, Schmitt also expressed his opinion on our central question: “The opposing, and slightly sounder, view is that the cyber operations manipulated the process of elections and therefore caused them to unfold in a way that they otherwise would not have. In this sense, they were coercive.”
Though it was a minority view, certain experts involved in Tallinn 2.0 asserted that a full understanding of “context and consequences” was required to determine if an activity has “the potential for compelling the target State to engage in an action that it would otherwise not take.” Indeed, these elements will expose the scope and intensity of a cross-border campaign. Otherwise the action might be categorized as persuasion, public diplomacy or propaganda. As will become clear, this is unfitting for the extensive Russian election interference.
Today’s dependence on cyberspace, and the ease with which States can now meddle in the internal affairs of others, means that we are seeing a sharp and worrisome increase in sophisticated versions of interference. We only need to look at elections in the United Kingdom, France, Germany, Spain, Mexico and Italy, to see this type of disruptive cyber activity spreading. With this in mind, it is helpful to remember that this is a particularly obscure legal question: “Just as the reach of international law is constantly changing, so too is the line between what is, and what is not, prohibited under the non-intervention principle.”
Thus, it is not surprising that there are others wrestling with this issue: Jens David Ohlin has recommended a more proper rubric would be self-determination, and Samuli Haataja suggests that “information ethics” should inform our legal interpretation of damage and violence in cyberspace. Each is valuable, and I would suggest there are ways to integrate them into providing further substance and shape to the term of coercion.
It is also worth noting two other important sources here. The first is an article co-authored by former Vice President Joe Biden entitled, “How to Stand Up to the Kremlin: Defending Democracy Against Its Enemies.” In it, coercion is used no less than five times. Repetition of this key legal term (in my italics below) cannot be an accident as the authors call for defensive action:
Russia’s assault on democracy and subversion of democratic political systems calls for a strong response. The United States and its allies must improve their ability to deter Russian military aggression and work together more closely to strengthen their energy security and prevent Russia’s nonmilitary forms of coercion.
Secondly, even though President Donald Trump has called Russian election interference a “made-up story,” White House documents confirm that not only is Russia engaged in a (dis)information operation, but also that democratic legitimacy is indeed the target. The National Security Strategy, released in December, states:
A democracy is only as resilient as its people. An informed and engaged citizenry is the fundamental requirement for a free and resilient nation. For generations, our society has protected free press, free speech, and free thought. Today, actors such as Russia are using information tools in an attempt to undermine the legitimacy of democracies.
This last phrase (in my italics) echoes my claim that such campaigns are “cyber ops to erode legitimacy.” Because this is a sine qua non for all States, it can amount to a destabilizing blow rendering an adversary inert.
Evidence of a Broad, Deep and Targeted Operation
We can now turn to compile some of the additional evidence that has been building (while still recognizing there remains much to learn). A greater appreciation of the expansive costs, planning and aims of Russia’s intervention helps bolster my judgment of coercion by exposing the massive “scale” and “reach” of the operation. Perhaps most telling, Bob Bauer, a former White House counsel and specialist in campaign finance law, concluded that the Internet Research Agency, the Russian entity found to be directing the operation, “is now revealed to have essentially been among the largest Super PACs operating in the 2016 elections.”
Beyond the DNC hack and the release of Democratic emails to WikiLeaks, Mueller’s indictment exposed, in vivid details, an additional component of an extensive conspiracy to obscure and confuse the electorate’s clear understanding of the presidential candidates and related politics, starting as far back as 2014.
To influence/manipulate U.S. citizens, Russian operatives and entities:
- generated “political intensity through supporting radical groups, users dissatisfied with social and economic situation and oppositional social movements”;
- purchased space on servers inside the U.S. to hide Russian origin of activity;
- stole the identities of real U.S. persons;
- communicated with “unwitting members, volunteers, and supporters of the Trump Campaign,” as well as grassroots groups that supported Trump; successfully got them to distribute Russian-generated materials;
- “engaged in operations primarily intended to communicate derogatory information about Hillary Clinton, to denigrate other candidates such as Ted Cruz and Marco Rubio, and to support Bernie Sanders and then-candidate Donald Trump” (i.e. they were involved during the primaries);
- promoted false allegations of voter fraud by the Democratic Party through posts, hashtags and purchased ads;
- organized, coordinated and promoted political rallies in the U.S.;
- paid money to cover expenses for rallies;
- purchased ads to promote these rallies;
- “asked one U.S. person to build a cage on a flatbed truck and another U.S. person to wear a costume portraying Clinton in a prison uniform. Defendants and their co-conspirators paid these individuals to complete the requests”;
- encouraged U.S. minority groups not to vote.
The scale and reach of these efforts were magnified by:
- the investment of millions of dollars and the employment of hundreds of people;
- the tracking and study of U.S. politics and social issues to target operations;
- the amassing of hundreds of thousands of online followers to their thematic group pages on social media sites;
- thousands of dollars spent every month to promote these social media groups;
- creation and control of numerous Twitter accounts collecting hundreds of thousands of followers;
- tracking and measuring performance of online content through metric reports;
- contacting media outlets to promote activities inside U.S.
These activities, taking place on the Internet and in the real world, certainly go well beyond the dissemination of (sometimes doctored) stolen emails. This activity clearly represents a broad and deep intrusion into the U.S. electoral process. If we accept a less doctrinal approach, all of this points to a clearer legal conclusion than previously thought.
In addition to this Mueller indictment, a great deal has been learned about the manner in which weaponized information flowed in Russia’s operation. The fact that top national security officials are sounding alarm bells in threat assessments and testimony before Congress makes the danger from the ongoing foreign-sponsored disruption all the more poignant. Here it will suffice to draw attention to a few sources that identify the machineries involved in the operation:
- We now have specific cases illustrating how bots, trolls & dezinformatsiya (deliberate falsehoods spread by design) were used to sow discord during the presidential campaign, and continued to do so. This article follows how information exfiltrated from the DNC made its way through U.S. courts and the media landscape from June 2016 through August of 2017. Specifically, the newspaper owned by Jared Kushner ran changing headlines that filtered through the newsfeeds of some Bernie Sanders supporters claiming a district court admitted that the Democratic primaries had been “rigged.” As the distorted story broke, a Hamilton 68 screenshot captures that bots and trolls linked to Russia worked to amplify it in social media;
- Fourteen former national security, intelligence, and foreign policy officials submitted an “unusual” amicus brief in a lawsuit against the Trump campaign et al. that proclaimed: “The threat posed to our democracy by Russian active measures campaigns is serious, ongoing and will require vigilance on the part of the U.S. government and people” (the sources cited in the brief are a good primer on Russian “active measures” and disinformation campaigns);
- RT and Sputnik, Kremlin-backed television stations, have been identified as a part of Russia’s new theory of war and interference, and both have now been required to register as foreign agents in the United States. Former Under Secretary of State for Public Diplomacy and Public Affairs explained it as such: “Disinformation is launched on Twitter; it is then covered by Russian outlets like RT and Sputnik; those stories are loaded up on YouTube and are then pushed out to sympathetic Facebook communities.”
This brings us to the new evidence that emerged just last week about the roles played by Facebook and Cambridge Analytica in targeting receptive individuals with great precision. Importantly, “fake news” on social platforms such as Facebook is almost impossible to monitor because their algorithms for pursuing amenable users are off limits to the general public, independent researchers and experts. This means we have no tracking of political microtargeting or measurements of its potency. Nevertheless, Cambridge Analytica has now burst onto the scene with the revelation that private data from some 50 million Facebook users was harvested and shared with the company for what has been called “psychological warfare” by whistleblower Christopher Wiley. Much more needs to be learned about the accuracy of this psychological profiling from digital footprints, but for our legal question what is relevant is whether the work of Cambridge Analytica can be attributed to Russia.
Given the interests at stake, it is my view that the vastly improved mechanisms for cross-border precision targeting of voters to spread personalized (dis)information and political activists for particular causes should have a bearing on the legal definition of coercion.
Conclusions
For months, the revelation of new facts demonstrating a deeply intrusive and expansive interference into the internal affairs of the United States has continued unabated, and it would be naïve to presume that there is nothing left to learn. My own interpretation of “coercion,” the pivotal legal term under discussion, revolves around understanding the potentially paralyzing effects of targeting and eroding legitimacy. With this core interest in jeopardy, and all that we have learned and watched over the last 15 months, the case has only become stronger for labelling what happened, and continues to occur, as coercion.
This developing picture has been sharpening dramatically and so I believe we have the necessary tools and evidence to reach three important conclusions.
First, there is a need to strengthen the norm of non-intervention. The United States and the Soviet Union/Russia have a long history of interference in the affairs of other States, but this by no means should lead us to assume that it is acceptable by law. The rapidly growing capacity for all States to engage in meddling through cyberspace signifies that steps should be taken to curb such action.
Secondly, it is important to recognize that there is indeed an available remedy. A first impulse of many may be to look for a response based in the law of self-defense. Yet such an approach presents real risks of escalation, and all indications are that the Russian operation did not rise to the level of an “armed attack,” or involve any use of force. Conversely, Schmitt has highlighted that otherwise illegal actions in the form of proportional countermeasures are available for malicious cyber-attacks that are found below this threshold (duly noting a political—not legal—breakdown on this question last year). Concluding that Russian intervention into the 2016 U.S. election, as well as continued Russian interference in American politics, represent an internationally wrongful act is significant particularly because, as Schmitt points out in his article: “U.S. Cyber Command possesses unparalleled capabilities to conduct operations below the armed attack threshold.” To wit, there are prudent and legal avenues for forcing termination of the campaign and deterring future intervention.
Of course, such a conclusion and decision to impose countermeasures obviously lies within the purview of the president, and so far, Trump appears to have given no orders to counter Russian meddling. If there could be agreement on the illicit nature of the Russian intervention, it would help to make plain the failure by Trump to defend the nation. Serious doubt has been raised before about whether he can “faithfully” execute his oath of office. Concluding that the Russian interference operation illegally intrudes into the internal affairs of this country concentrates that accusation against Trump on his sacred vow as president to “preserve, protect and defend the Constitution of the United States.”