Jurisprudence: Deliberating upon Cyber Economic Espionage

By: Priyadarshini Barua


INTRODUCTION

At the China Institute Event in April, New York, Gilbert Kaplan, an undersecretary for international trade at the US Commerce Department, said that China is “stealing American intellectual property and engaging in commercial cyber espionage”. It is not the first time that the country has been accused of economic espionage. Back in 2014, Reuters reported that the United States had charged five Chinese military officers and accused them of hacking into American nuclear, metal and solar companies to steal trade secrets. More recently in 2016, according to CBC News, US and UK have alleged that Russian government-backed hackers had infected computer routers across the globe in a cyber-espionage campaign that targeted government agencies, businesses and critical infrastructure operators.

These are just a few of the reported incidents related to transnational economic espionage over the past couple of years. The aggressive development of cutting-edge technology, especially the increasing dependence on the internet has made cyberspace a vulnerable place where hackers can target any information across the world. There is no scope for control because this illegal trade is virtual, i.e., mostly over the cyber domain. For instance, the Russian hackers were rumoured to create a malware called Uroburos which was ‘designed to steal files from nation states’ infrastructure, intelligence agencies and high profile enterprises.

This is a growing concern which needs to be addressed at the earliest. The essay, therefore, seeks to define economic espionage and grasp its nature from the perspective of Jurisprudence. Following which, it delves into the different approaches to combat this issue.

WHAT IS TRANSNATIONAL ECONOMIC ESPIONAGE OVER CYBERSPACE?

The term economic espionage has not been defined yet at the international level, either in a statute, treaty or convention. Hence, we take recourse to the Economic Espionage Act of the United States to define this particular term: the theft or misappropriation of a trade secret with the intent or knowledge that the offense will benefit any foreign government, foreign instrumentality, or foreign agent. In other words, economic espionage refers to state-sponsored activities directed to steal trade secrets from foreign countries in order to acquire an unfair leap ahead on technological developments. While there are numerous ways of engaging in economic espionage like establishing joint business ventures, recruiting intelligence officers under diplomatic cover, etc., economic espionage over cyberspace relates exclusively to targeting websites, infecting computer software and introducing viruses into databases, thereby stealing important trade secrets across transnational boundaries. To simplify further, a hypothetical example can involve a company based in the USA which has developed a cure for, say, cancer. The country had worked on this particular area for years, expending large amounts of resource and manpower. If a government-sponsored group of hackers in China infiltrate their database, the country would lose its competitive edge and would be at a serious disadvantage as the cure can now be replicated and sold at cheaper rates. It allows the beneficiary to skip the R&D process and proceed straight to the markets.

CYBER ESPIONAGE FROM THE ANGLE OF JURISPRUDENCE

The essay seeks to comprehend the nature of cyber economic espionage from the angle of Jurisprudence, specifically, from the perspective of Legal Positivism and Natural Law Theory. For this, it first attempts to find a basis from the famous Case of Speluncean Explorers written by Lon Fuller.[1] Further, recommendations to tackle cyber economic espionage are discussed.

THE CASE OF THE SPELUNCEAN EXPLORERS, 1949

The case of the Spelucean Explorers is a hypothetical case in which five explorers were trapped in a cave with scant provisions. On the twentieth day, through a portable wireless machine, the explorers could contact the rescuers. They were informed that the rescue would take another ten days and chances of their survival were very low. At this, one of the trapped explorers asked whether they could survive for those ten days if they consumed the flesh of one of their members. The chairman of the physician’s committee, though reluctant, answered in affirmative. Later on, at the time of the rescue, it was found that one of them was actually killed and eaten. This case raises the question of morality and law, but more importantly, offers an insight into the four perspectives of exploring a situation. These four perspectives have been used in the following as a basis to explore cyber economic espionage.

CAN YOU LEGALLY EXCUSE CYBER ECONOMIC ESPIONAGE?

The answer may be surprising but it seems like cyber economic espionage can indeed be legally excused. The main basis for forwarding this claim rests on international law, or its lack thereof in matters related to espionage, let alone economic espionage. While malicious cyber operations can be argued as a violation of Article 2(4) of the United Nations Charter, i.e. prohibiting the use of force, however, the fact remains that most activities so reported involving low- level cyber operations which do not warrant the need to enforce the Charter.

Unfortunately, cyber economic espionage is not explicitly prohibited either under the WTO rules or the TRIPS Agreement nor is it prohibited in international law. There remains a lacuna in the current law which needs to be addressed. In the meanwhile, such activities though frowned upon by the international community can be legally excused for lack of any provision to deal with it. At the domestic level, however, most countries have some variant of a criminal statute or a civil act to apply when their government or private sector has been victimized over the cyber domain. Not surprisingly though, these countries do not have a good track record of penalising the offenders. Therefore, in conclusion, economic espionage though a crime under municipal law can be legally excused at the international level.

CAN YOU LEGALLY JUSTIFY CYBER ECONOMIC ESPIONAGE?

Justification, as per Black’s Law Dictionary, means showing a sufficient reason in court to state why the defendant performed a particular act. In consonance with this understanding, a country, if found engaged in cyber economic espionage would have to legally justify its acts as per the existing law. But, as already mentioned, the lack of existing arrangements or tenets to penalize countries discovered engaging in the act implies that no justification is required. Even the Vienna Convention on the Law of Treatise, which is considered as an authoritative guide to state relations, does not provide any relief for economic espionage. It has been established that questions not regulated by the Convention continue to be governed by customary international law which has not, in this case, developed any custom in the field of cyber economic espionage. Thus, the necessity to justify does not arise on the basis that there is no violation of any law at the international level.

CAN YOU MORALLY EXCUSE CYBER ECONOMIC ESPIONAGE?

No, cyber economic espionage cannot be morally excused. This is propounded on the basis of the existence of intellectual property rights. The main essence of constituting the WTO or signing the TRIPS Agreement or instituting The Patent Cooperation Treaty is to protect intellectual property rights across transnational boundaries.  As already mentioned above, the WTO rules or TRIPS Agreement does not expressly prohibit cyber economic espionage, however, the letter and spirit of these agreements indicate that theft of trade secrets are prohibited. Such theft undermines the purpose of the agreement, i.e., to create a fair trade regime among member states. Trade thefts are also a violation of a right in rem[2], i.e. an interest protected against the world at large which ensures that a country can secure and utilize its property rights for its own benefit. Also, as per the ideas of ownership, a country developing intellectual property rights has the right to use and enjoy the thing owned; the right to manage it and the right to the income from it.

Trade secrets are a key part of the innovation process and are important to protect the development of new ideas. Trade thefts are detrimental to the growth of companies as they would have to compete against their own technology advanced by IP thieves. This can adversely affect the lives of those who are dependent upon the continued success of the company. A community may be dependent upon the contributions from the economic success of the company and may also affect the health of a particular industry and even the national economy. Hence, cyber economic espionage cannot be morally excused.

CAN YOU MORALLY JUSTIFY CYBER ECONOMIC ESPIONAGE?

Morality is subjective. It is simply a distinction between right and wrong or good and bad, depending on one’s consciousness. Hence, on an individual level, a country may morally justify its reasons for stealing trade secrets so as to advance its own economy. They can argue that it was the right decision based on the perspective that it was for the greater good of their own people. After all, the main reason for conducting economic espionage is to bolster the economy by using stolen trade secrets to generate wealth and spur development and growth of business within borders.[3] Again, the country whose secrets were stolen would consider the same act as morally unjust. The verdict, therefore, lies with the majority and as the international community would weigh in favour of the country whose secrets were stolen, therefore, the act of cyber economic espionage cannot be said to be morally justified.

IS CYBER ECONOMIC ESPIONAGE RIGHT OR WRONG?

The above are perspectives, based on certain criteria, and we further try to establish whether cyber economic espionage is right or wrong. Fuller’s account allows one to differentiate between Legal Positivism and Natural Law Theory. These theories of legal philosophy investigate a particular law as ‘right’ or ‘wrong’ on the basis of its tenets. The attempted conclusion is how either theory would investigate the situation of the lack of laws with respect to cyber economic espionage and aid to develop it further.

Legal Positivism tries to determine a percept as either law or not for a particular purpose in a given time frame.[4] It excludes the moral factor and so the absence of laws in cyber economic espionage would not render the act as ‘illegal,’ even though it might seem so. Therefore, cyber economic espionage is not wrong because there are no laws to determine its legality.  On the other hand, the central notion of Natural Law Theory rests on moral principles and is dependent on natural reason[5] to identify an act as either ‘right’ or ‘wrong’. Therefore, despite the lack of legal sanctions to address cyber economic espionage, nevertheless, it is a ‘wrong’ because it is against the nature of natural law, i.e. justice and morality.[6]

I believe that the theory of Natural Law always takes precedence over Legal Positivism. Morality is in many ways an integral part of a law and legal development[7] and lawmakers need to consider the tenets of morality while framing laws least civilization falls into disaster. The Nazi Regime in Germany during the 1940s instituted the Nuremberg racial law which extinguished any human right that ever existed.[8] Similarly, the American slave codes in the 18th century questioned the existence of morality in the prevailing legal system. The Positivist theory would not criticize these laws and simply see it ‘as it exists’, so long as it governs the society at large. But, the Natural Law Theory delves into such an existing legal framework and considers it from a moral perspective, whether it is guiding civilization to higher development or not. When such an investigation ensues, we can easily conclude that the above passages in history clearly ridiculed the very concept of human rights and humanity.

On the basis of such an argument, economic espionage is basically cheating or stealing from another country. Though there are no laws to govern this behaviour, yet the moral consciousness and natural reason dictate it to be against progress. It is to another country’s detriment and is against the very tenets of the basis of human civilization like justice, reason, ethics, etc.[9] Further, social contract theories suggest that certain rights have to be surrendered in order to continue living in peace. Such surrendering of rights is based on social contracts, arising out of a moral duty, which is essential for human civilization to live in peace. Drawing a similar analogy, the country’s duty not to engage in trade thefts arises out of a social contract which must be respected to live peacefully. If economic espionage continues without any repercussions, it would act as a disincentive for companies to innovate further. It could lead to the collapse of entire industries and adversely affect the world economy at large. In light of this argument, a list of recommendations to combat this problem is elucidated below.

COMBATING CYBER ECONOMIC ESPIONAGE

It is imperative that the laws need to be amended with changing times in order to deal with the proliferation of reported cyber economic espionages. Currently, the WTO panels have limited jurisdiction and ‘cannot interpret and enforce non-WTO laws other than to the extent necessary to interpret and apply WTO provisions.’ This means that WTO members are only obliged to fulfil commitments that they have consented to; therefore, a country has to prove a violation of a particular rule in order to file a case before the panel. This can sometimes prove to be a challenge which is why alternative methods are required to undertake this problem.

The WTO forum could be provided with more powers to adjudicate upon matters of trade thefts and should have a list of sources of law that are applicable to decisions of the WTO panels, similar to the hierarchy of sources set out in Art 38(1) of the Statute of the International Court of Justice. The TRIPS agreement could insert a clause to deter member countries from engaging in such acts and could further provide penalties to countries found stealing trade secrets. There can also be a separate treaty or a new agreement drafted under WTO to address cyber economic espionage. All in all, there needs to be some international norm to prohibit states from stealing IP in the cyber domain. While such decisions will take time, in the meanwhile, pressure can come from the international community at large. If all counties systematically impose sanctions on the country stealing trade secrets, then it would also serve as a deterrence policy and would prevent other countries from engaging in such acts. These countries can also function on a forum, independent of the WTO, to identify common strategic goals to address this problem.

To reduce risks of economic espionage, countries could further strengthen their cybersecurity in collaboration with private companies. For instance, the United States’ Federal Bureau of Investigation organizes training sessions and initiates working partnerships with the private sector to identify the flaws and strengthen the security system. This may not be an easy solution yet it serves in the long run for most countries to keep their intellectual property safe.

CONCLUSION

It has been found that cyber economic espionage does not violate any rules in international law. However, because of the increase in such reports, there needs to be a precise system in place to adjudicate upon such matters, either by strengthening the WTO forum or establishing a different forum altogether to deal with IP thefts. Cyber economic espionage has been found to be harmful to countries that are dependent on it for its competitive edge and can prove to be disastrous for their economies. Therefore, a comprehensive code of conduct to regulate fair trading practices must be developed for countries to protect their trade secrets.

[1] Wacks, Understanding Jurisprudence: An Introduction to Legal Theory (5th ed, OUP 2018).

[2] Fitzgerald,  Salmond on Jurisprudence (12th ed, Sweet and Maxwell 2016) 43.

[3] Concierge Security Report, Industrial and Economic Espionage Mindstar, Security & Profiling 2016.

[4] Dias, Jurisprudence (5th ed, LexisNexis 2013) 499.

[5] ibid.

[6] Mahajan’s, V. (2016).

[7] Freeman, Lloyd’s Introduction to Jurisprudence (8th ed, Sweet & Maxwell 2014).

[8] Mahajan’s, V. (2016).

[9] ibid.


(Priyadarshini is currently a student at Gujarat National Law University, Gandhinagar.)

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s