Description

The harm prevention rule - including the due diligence standard of conduct it requires - is often seen as a potentially powerful accountability mechanism for malicious cyber operations of state and non-state actors when attribution fails. Yet a lack of clarity on its doctrinal status, content and scope has hampered its practical utility so far. To address this problem, the book provides the first comprehensive analysis of the harm prevention rule in cyberspace. Through an in-depth analysis of state practice and opinio iuris it carves out which risks of cyber harm trigger due diligence obligations to prevent harm and which measures states are required to take in concreto. The book differentiates between binding minimum standards and non-binding best practice standards.