Research Repository

‘Cyber Due Diligence’: A Patchwork of Protective Obligations in International Law

Coco, Antonio and de Souza Dias, Talita (2021) '‘Cyber Due Diligence’: A Patchwork of Protective Obligations in International Law.' European Journal of International law, 32 (3). pp. 771-806. ISSN 0938-5428

chab056.pdf - Published Version
Available under License Creative Commons Attribution.

Download (390kB) | Preview


With a long history in international law, the concept of due diligence has recently gained traction in the cyber domain, as a promising avenue to hold States accountable for harmful cyber operations originating from or transiting through their territory, in the absence of attribution. Nonetheless, confusion surrounds its nature, content and scope. It remains unclear whether due diligence is a general principle of international law, a self-standing obligation or a standard of conduct, and whether there is a specific rule requiring diligent behaviour in cyberspace. This has created an ‘all-or-nothing’ perception: either States have agreed to a rule or principle of ‘cyber due diligence’, or no obligation to behave diligently would exist in cyberspace. We propose to shift the debate from label to substance, asking whether States have duties to protect other States and individuals from cyber harms. By revisiting traditional cases, as well as surveying recent State practice, we contend that — whether or not there is consensus on ‘cyber due diligence’ — a patchwork of different protective obligations already applies, by default, in cyberspace. At their core is a flexible standard of diligent behaviour requiring States to take reasonable steps to prevent, halt and/or redress a range of online harms.

Item Type: Article
Divisions: Faculty of Humanities
Faculty of Humanities > Law, School of
SWORD Depositor: Elements
Depositing User: Elements
Date Deposited: 17 May 2021 14:31
Last Modified: 18 Aug 2022 10:48

Actions (login required)

View Item View Item