Authored by Shatakshi Singh and Shivesh Saini, V Year Students, University School of Law and Legal Studies, Guru Gobind Singh Indraprastha University, New Delhi

Introduction

The rise of Intangible Cultural Property and the evolution of warfare highlight the need for extensive regulation. However, humanitarian regulations, established well before the era of cyber warfare, raise questions about their applicability. These conventions were crafted during the two world wars, with a primary focus on saving lives and cultural property from the horrors of kinetic warfare. While this foundation remains essential, the intricacies of modern military operations demand an expansion of this evolving legal framework.

The preservation of Intangible Cultural Heritage (ICH) and a state’s cyber protection are intertwined. The digital revolution has enabled states to convert heritage, both tangible and intangible, into digital forms like 3D visuals, scanned texts, and audio recordings. Platforms such as YouTube house vast collections of moving images, while Wikipedia serves as a digital repository of cultural knowledge. Similar platforms like CyArk digitally preserve    cultural sites, as seen with the Bamiyan Buddhas in Afghanistan. China’s digital protection of its intangible cultural heritage, like the Silk Road project and collaborations with Samsung Galaxy, has seen notable success. This technological evolution necessitates regulation, especially in the situations of armed conflict. It is vital to include cyber-attacks in the armed conflict definition, even without specific rules. The principles like Marten’s clause from the Geneva Conventions and Additional Protocols becomes relevant, ensuring protection based on principles recognized by civilized society and guided by public conscience, preventing legal vacuums in the absence of a comprehensive legal framework.

Existing International law for cyber-attacks on Intangible Cultural Assets. 

The key regulations for addressing frequent cyber-attacks on intangible cultural assets are rooted in International Humanitarian Law (IHL). Article 35 of Additional Protocol 1 (AP I) embodies the principle which primarily aims to mitigate suffering from the weapons of superfluous injury and is reinforced by key IHL principles: (a) proportionality, (b) distinction, and (c) military necessity. Considering the foundational nature of these IHL principles, it is reasonable to assert that disproportionate cyber-attacks on intangible cultural property of public significance are prohibited and forbidden, irrespective of the conflict’s nature.

In the realm of IHL regulations, a pressing issue is whether the definition of an ‘attack’ in AP 1 effectively applies to cyber-attacks targeting ICH. To meet the criteria for categorizing an act as an ‘attack’ under Article 49(1), it must demonstrate systematic action foreseeing harm or destruction to a person or object. However, uncertainty arises when considering cyber-attacks that affect the functionality of the targeted object without complete destruction. Many experts argue that any act requiring restoration of the affected system should be deemed an ‘attack.’ The International Committee of the Red Cross (ICRC) supports this broader interpretation, which could serve as a default rule for liability under other relevant conventions. In this reference, the Nicaragua judgment provides a pertinent reference for determining whether a specific act constitutes an ‘attack’ on ICH. The International Court of Justice (ICJ) mandates to consider the ‘scale’ and ‘effect’ of an act to assess its nature, which are thresholds for evaluating both qualitative and quantitative aspects. In conclusion, if a cyber-attack meets the required scale and effect criteria, it should qualify as an ‘attack,’ without a rational basis to exclude such cyber operations from this definition. Hence, if a state or non-state entity offers formal training to a group of hackers against another state, this action amounts to an ‘attack’ as defined by Article 49(1).

Defining an attack is the initial step in establishing liability and promoting clarity in the context of IHL conventions. The principles of the 1874 Brussels Convention which protects cultural property should be considered alongside with the 2003 UNESCO Convention. The term “practice and customs” in the UNESCO Convention encompasses oral traditions and knowledge, particularly the transfer of knowledge from one generation to the next, ensuring its continuity. They are also safeguarded under the International Labour Organisation Convention no. 169 and the UN Declaration on the Rights of Indigenous People. Similarly, The Hague Protocol of 1954, along with its subsequent additional protocols, constitutes a specialized framework dedicated to safeguarding tangible cultural heritage during times of armed conflict. Its primary objective is to ensure the protection of cultural property of significant importance to people. The criteria for determining the threshold of importance, however, remains a subject of debate, with prevailing scholarly opinion suggesting that individual states should be responsible for designating monuments of national significance. While some disparities exist between the 1954 Hague Convention, which emphasizes objects of great importance, and the later protocols, which refer to the safeguarding of ‘cultural and spiritual heritage,‘ the fundamental objective remains consistent, according to the ICRC.

In a parallel development, the 2003 UNESCO Convention shares similarities with the 1954 Hague Convention, particularly in offering appropriate protection to cultural property. This is evident in the preparation of nominations for the 2003 UNESCO Representative List of the Intangible Cultural Heritage of Humanity, mirroring the 1954 Hague Convention list and the 1972 World UNESCO lists. These lists serve as guidelines for state forces in preserving tangible cultural heritage. Given the shared historical monuments of public importance between the Hague Convention and these lists, a compelling argument can be made for similar protection of Hague convention to be extended to Intangible cultural properties featured on the 2003 UNESCO Representative List of Humanity’s Intangible Cultural Heritage. It recognizes the interdependence of intangible and tangible heritage within groups, advocating for integrated safeguarding that is consistent, mutually beneficial, and reinforcing.

Protection of Intangible Cultural Assets under International Criminal Law.

The application of IHL and ICL to digitalized cultural assets and cyber-attacks raises questions about the obligations placed on perpetrators, particularly when intangible cultural heritage is at stake. The nature of the armed conflict, whether international or non-international, is a key determinant. The delinquency persists that whether the acts of non-state armed groups can be accredited to the state. The “overall control” test, as established by the ICTY in the Tadic case, helps determine the state’s influence over non-state armed groups, making it possible to apply regulations related to international armed conflicts.

 Non-international armed conflicts (NIAC), generally involves government forces and non-governmental organized armed groups that are not affiliated with the state. Cyber-attacks can be categorized as a NIAC only if the organization is well-armed and has a sophisticated command structure for extended military operations. However, identifying the applicability of humanitarian law in NIAC is challenging due to state reluctance, rebel anonymity, and the need for territorial control, which cyber activities alone do not equate to. Additionally, the limitations of IHL in protecting cultural heritage in non-state actor conflicts and the exclusion of military necessity further restricts its application within NIAC. International Criminal Law could address these deficiencies, though its applicability to cyber-operations targeting intangible assets in NIAC is itself a subject of debate.

Resorting to International Criminal law is crucial since existing conventions lack specific offenses for proportionate criminal liability. ICTY’s Article 3(d) criminalizes destruction or damage to institutions of religion, charity, art, and science which was added in response to the bombardment of Dubrovnik’s UNESCO heritage site. The Rome Statute outlines war crimes related to cultural property but lacks a clear ‘cultural property’ definition, borrowing terminology from earlier Geneva and Hague conventions. In the Al-Mehndi trial, the chamber emphasized considering symbolic value and assessed offenses based on emotional distress, aligning with precedents set in the Blaskic and Kordic judgments, where intent played a crucial role linking cultural property to persecution.

The term ‘persecution’ involves deprivation of an individual’s rights due to their identity. However, the International Criminal Court (ICC) cannot prosecute persecution as a standalone crime, it must be coupled with other offenses. In this regard, it can be combined with “other inhuman acts causing great suffering” outlined in Article 7(1)(k).  A significant legal innovation can be found in the Al-Mehdi case, where the perpetrator argued that the destruction of cultural property did not meet the gravity threshold required for ICC jurisdiction. Former ICC prosecutor Fatou Bensouda emphasized that what was at stake was not just physical structures but also their profound religious and cultural significance. The prosecution went further to highlight the destruction of intangible heritage in Mali during a critical stage of the proceedings. This precedent is crucial as it represents a unique instance where a culprit was prosecuted for crimes against cultural property, rather than against a person.

To fulfil the requirements under Article 7(1)(k) for crimes against humanity, the prosecution must demonstrate the presence of additional inhuman acts that collectively cause significant mental or physical suffering. The term ‘other inhuman acts’ is rooted in the ICTR charter and is recognized in Customary International Law by ICTY in the Tadic case. Those act must have an adverse consequences to be considered as inhuman. Such acts causing mental distress or moral agony do not need to involve rape or murder; they could even include acts like apartheid or discriminatory legislation. An act can be classified as an ‘Inhuman Act’ even if it causes temporary unhappiness or humiliation. Applying the same criteria to the destruction of cultural heritage would certainly hold perpetrators accountable, as evidenced in the Al-Mehdi case where witnesses’ emotional suffering, akin to ‘temporal humiliation,’ was evident when they witnessed the destruction of a holy gate.

Similarly, Article 25 of the Rome Statute establishes criminal liability for wrongful acts, including war crimes through cyber-attacks that breach customary international law. Liability for cyber operations hinges on the presence of the required Mens Rea under Article 30, with crimes falling under dolus directus of I or II degree for intentional acts. In cases of organized destruction of intangible assets through cyber-operations, hacker groups can be held accountable when acting under a joint plan as per the jurisprudential adaptation by the ICTY and ICC. Accordingly, the Liability can be extended to planning, preparation, and control over the crime, not limited to physical presence of perpetrator during its commission. Planting malware and launching DDoS attacks on intangible assets can result in criminal responsibility which can be imposed on military commanders or heads of state ordering acts that destroy intangible property. Military status is not a prerequisite for liability, making it applicable to non-military hackers as well.  The suffering of the human population is relevant in assessing liability for intangible asset destruction, treated as a separate offense without additional severity requirements.

Conclusion

Contemporary debates around digital Intangible Cultural Heritage and its protective regime under the 2003 UNESCO Convention pose substantial questions for International Humanitarian Law, which is traditionally focused on tangible cultural property. Existing humanitarian regulations, on their own, lack the capacity to provide sufficient protection. They must work in conjunction with the Rome Statute and Tallinn Manual. This ‘legal grey zone’ gained prominence during the pandemic and the digital age, questioning how digital assets intersect with humanitarian regulations. As demonstrated earlier, regulations, especially in NIAC, require support from International Criminal and Human Rights Law to enhance protection and prevent the destruction of intangible assets, as seen in Iraq in 2003. Such issues can only be addressed through the combined application of IHL, the Rome Statute, and Human Rights treaties.

This blog concludes that the rise of digital cultural property introduces intriguing issues at the intersection of international human rights law, cultural heritage, and cyberspace. Given the fundamental human right of internet access and the right to cultural heritage, protections for digital cultural property may be derived not only from international humanitarian law but also from international criminal law. The use of criminal law frameworks could provide stronger safeguards for digital cultural resources during peacetime, raising intriguing issues related to personal privacy, national security, intellectual property ownership and the application of human rights.

Picture Credit: Artnet News