This statement comes from an analysis of 2011 business transactions identified and reviewed by a little known interagency group called the Committee of Foreign Investment in the United States (CFIUS).  Created by President Ford in 1975 through Executive Order 11858, the Committee is charged with reviewing and “merger, acquisition or takeover . . . by or with any foreign person which could result in foreign control of any person engaged in interstate commerce in the United States.”  The Committee, chaired by the Secretary of the Treasury, may take any measure it deems appropriate to assure covered transactions do not threaten national security interests at home.

The opaque review process has led some to call for a more transparency to better guide foreign investors looking to acquire critical technologies in the United States.  In doing so, the Committee runs a serious risk of exposing vulnerable sectors of our nation’s economy.

Last fall, President Obama, in an unprecedented exercise of Presidential authority, ordered a Chinese firm to divest its interest in a wind farm project in Oregon.   Acting on a recommendation from CFIUS, the president cited national security concerns over the Ralls Corporation’s acquisition of property in near a U.S. Navy base used for training missions for drone aircraft.  In an equally unprecedented response, Ralls Corporation filed suit challenging the Presidential and CFIUS orders.  In February, The U.S. District Court for the District of Columbia dismissed all claims but one – Ralls argued the ruling constitutes a “taking” of property in violation of its due process rights under the Fifth Amendment.

Given the national security implications at stake, the court should deny Ralls’ request for insight into President Obama’s decision last fall.  Subsection C in Section 721 of the Defense Production Act of 1950 as amended by the Foreign Investment and National Security Act of 2007 (FINSA) explicitly exempts from the Freedom of Information Act all materials provided to the President for review for the purposes of CFIUS process.  This 2007 amendment to the Committee’s mandate leaves open the exception for review necessary for any judicial action; however, the president’s decision falls in line with stated criteria he may consider in his decision.

Subsection F of FINSA lays out certain criteria to be considered during the review process.  Specific factors include “domestic production needed for projected national defense requirements,” “the capability and capacity of domestic industries to meet national defense requirements,” relations between the host country in which the acquiring company is located, and “such other factors as the President or the Committee may determine to be appropriate.”

The proximity of the wind farm the U.S. Naval base directly conflicts with the ability of the Navy to conduct drone test flights away from prying eyes.  No one can argue that these flights do not comport with the Committee’s mandate for protecting “domestic production need[s] for projected national defense requirements.”  Furthermore, America is not shying away from Chinese foreign direct investment (FDI), but the reality of bi-lateral relations cannot be overlooked – China is after our technology.  Given the input of the Intelligence Community into the briefings and review process, the court should defer to the administration’s ruling.

Considered against the backdrop of the 2012 report to Congress, pulling back the curtain on evidence reviewed by CFIUS and the reasoning behind its findings would give a peak into what economic sectors and businesses the United States believes are vital to national security.  Explaining reasoning behind the Ralls ruling will please one company, but it may encourage a more focused targeting state-backed acquisition of businesses dealing with critical infrastructure.  CFIUS is an important regulatory check on the increasingly complex global marketplace that must balance foreign investment in technology with national security concerns.

As any news ticker will reveal, conventional arms are the mainstay of any country’s national defense, and unfortunately the tools of any conflict, uprising, atrocity, or drug and crime organization. Because of this, arms trade is big business, worth approximately $70 billion annually. According to the Stockholm International Peace Research Institute, the top three exporters in 2012 were the United States, Russia, and China at $8.8, $8, and $1.8 billion in trade respectively. In a comprehensive attempt to regulate this trade, Article 2 of the ATT covers nearly all conventional arms: battle tanks, armored combat vehicles, large-caliber artillery, combat aircraft, attack helicopters, warships, missiles and missile launchers, small arms, and light weapons. Additionally, Article 3 requires that countries create a national control system to regulate the export of ammunition for conventional arms under the same guidelines, and Article 4 requires the same guidelines for parts and components used to assemble conventional arms. Although the Bush administration did not support the ATT, preferring national controls over an international treaty, U.S. policy changed in 2009 under the Obama administration and now the U.S. appears to fully support the ATT (including a vote in favor on April 2). However, Russia and China are two notable and powerful abstentions from last week’s vote, and their ratification of the ATT seems unlikely in its current form.

The three countries who voted against the resolution were the Democratic People’s Republic of Korea (North Korea), Iran, and Syria; in fact, the resolution went to a vote because these three countries, already under seemingly ineffective arms sanctions, blocked its adoption through consensus. As the delegate from

France noted during general statements, the multilateral consensus that many abstaining countries wished for was essentially achieved with the exception of countries that were already in violation of international law. Needless to say, ratification of the ATT by these three countries should not be expected.

In voting against the resolution, North Korea and Iran argued that ATT Article 7 afforded an “imbalance” of power that favored exporting countries, fearing that the requirement to assess an importer’s human rights record would be used for political abuse and subjective discretionary judgment. Syria and North Korea objected strongly to the ATT’s lack of language banning weapons trade to unauthorized, non-State actors – a concern shared by Russia as well as many other countries on all sides of the debate. Iran and Syria, along with several abstaining countries, voiced apprehension that arms transfer to foreign occupiers or aggressors had not been prohibited. Lastly, China felt that not all of its concerns were met in the ATT draft, and regretted that an international treaty such as the ATT was not adopted by consensus – the latter expressed by other abstaining countries.

Without ratification by Russia and China, little practical effect will be seen on the flow of arms to countries which currently maintain a position on our government’s radar, notably Iran, North Korea, and Syria. Further, even with the full support of Russia and China, the trade of conventional and unconventional weapons amongst Iran, North Korea, and Syria appears to continue despite current sanctions and will undoubtedly continue regardless of the ATT. Until the ATT becomes ratified and enjoys implementation by a critical mass of countries around the world, arms trade will likely continue being business as usual in near future. The ATT does not remove weapons already owned, and there are far too many weapons presently in the hands of actors whom many countries, including the United States, would prefer otherwise. Nonetheless, the ATT is an essential step in the right direction. With time and increased international support, supplemental measures and amendments should build momentum towards achieving the goals set forth in the foundation of this historical treaty; ultimately improving the lives of individuals subjected to violence around the world and enhancing the security of countless nations including our own.

Presented by the American Constitution Society, LL.M. Student Board, and the National Security Law Brief

Thursday April 18, 2013

12:00-1:30pm, includes lunch

4801 Massachusetts Avenue, NW, Washington, DC 20016, Room 602

The United States’ expanding use of armed drones has sparked numerous discussions on the legality and ethical desirability of their use. Yet the discussions seem to be merely focusing on the nation’s current practice and less on other states that will surely be deploying the warfare technology in the near future. This panel will aim to shift the current debate on the use of drones by the US to the question of how increased use will impact the laws of war and our constitutional ideals.  To what extent can the US serve as a positive example for the international community with regard to using drones or has a precedent already been set? 

PANELISTS

• Joshua Foust (Moderator): Writer in international affairs (theatlantic.com, Registan.net, PBS Need to Know), former research Fellow at the American Security Project, former senior intelligence analyst for
  price of viagra

  the U.S. military.

• Nathan Sales: Assistant Professor of Law at George Mason University School of Law, former Deputy Assistant Secretary for Policy Development at the U.S. Department of Homeland Security.
• Stephen Vladeck: Professor of Law and Associate Dean for Scholarship, Washington College of Law, Senior Editor of Journal of National Security Law and Policy, Senior contributor lawfareblog.com, Chair-Elect of the Section on Federal Courts of the Association of American Law Schools, the Supreme Court Fellow at the Constitution Project, and a fellow at the Center on National Security at Fordham University School of Law.
• Benjamin Wittes: Senior Fellow in Governance Studies at the Brookings Institution, member of the Hoover Institution’s Task Force on National Security and Law, co-founder and editor in chief lawfareblog.com.

Specifically, license plate readers have the ability to read hundreds of license plates per minute and transmit that date to law enforcement officers. License plate readers alert law officers if the license plate corresponds with a vehicle that has been reported stolen, with a vehicle that’s registration has been suspended, or if the person to whom the vehicle is registered has an outstanding arrest warrant. Thus, law officers can stop vehicles that are suspected of being involved in terrorist or criminal activities without actually witnessing that activity. When used correctly, license plate readers can stop potential crimes before they happen; however, law officers must ensure this technology is used appropriately so as not to create a surveillance society.

There is a very real potential that law officers’ use of license plate readers could be unconstitutional. The International Association of Chiefs of Police noted that the technology could be used to infringe upon first amendment rights, such as using it with cars that are parked outside of places where known antiwar organizations are meeting, or could be used to sell the data to private firms, thus infringing on citizens’ right to privacy.

The American Civil Liberties Union is also very concerned over the potential infringements that license plate readers pose on personal liberties and individual privacy. Over the past few years, the ACLU has filed a number of suits against federal agencies to compel production of documents and information that has been procured by these surveillance technologies. The ACLU’s lawsuits were filed following the organizations failed requests for documents from the Department of Justice and the Department of Homeland Security under the Freedom of Information Act.

This lawsuit stems from the fear that license plate readers could be used to track individuals, as they record the time and location of hundreds of vehicles per minute. While one federal court reasoned the information sought by the ACLU would give criminals access to information that would allow them to circumvent police measures, license plate readers continue to present a threat to individual liberties and privacy. Further, the ACLU is concerned with the length of time law enforcement and government agencies keep the information gathered by license plate readers. Boston Police records show that information gathered by license plate readers is stored for 90 days, unless officers decide the information is necessary to keep for investigatory or intelligence purposes, thus allowing officers to keep this information for an indefinite period of time.

Thus, while license plate readers and other surveillance equipment serve an important national security function, allowing law officers to more easily apprehend suspected terrorists and criminals, this technology also has the very real possibility of infringing on civil liberties and constitutional rights. Governmental agencies need to take action to protect citizens’ rights while still protecting national security interests. Therefore, strict rules and regulations must be implemented to strike the appropriate balance for all interested parties.

The House Intelligence Committee will be debating the bill in closed sessions due to the possible discussion of classified information. But in an open letter to the House Intelligence Committee, the ACLU and several other privacy organizations urged the Committee to hold an open markup of the bill and post any considered amendments online for the public to read.

CISPA aims to defend US computer networks against hacking and cyber-attacks both foreign and domestic. The base bill, H.R. 624, states its goal as improving the sharing of information about cybersecurity between the intelligence  community and cybersecurity entities and encouraging the sharing of such information to improve defenses to potential attacks and response time in the event of an attack. The term “cybersecurity entities” is not defined under the bill, but it has been taken to mean internet and telecommunications providers, social media and email providers, as well as other entities that provide security and services for computing networks.

Several privacy groups are up in arms about the bill and are requesting that the House amend the bill to better protect privacy and limit government uses of information collected under CISPA. Many groups in the tech industry argued when the bill originally passed in the House that it was too far-reaching — it protected from prosecution or lawsuit any cybersecurity provider who provided information to the government for cybersecurity purposes. It also listed protection of intellectual property

as one of the ways the federal government could use information it gained access to under the law. Privacy advocates worried that the bill would authorize cybersecurity providers to remove content, block individuals’ access to certain sites or block their accounts entirely based on the information gained under the law.

In response to these privacy concerns, the newest version of the bill has changed in some significant ways. First, the new bill removes all reference to “intellectual property” in the bill. Importantly, this distinguishes the bill from SOPA and allays the fear that the law could be used to strengthen anti-piracy laws without anyone noticing. However, the bill still includes “investigation of cybersecurity crimes,” which are not defined in the bill. That phrase seems broad enough to cover piracy without  a specific limitation excluding it.

Second, a new amendment has been proposed that would permit lawsuits to be brought against the federal government for any violation of restrictions placed on the government’s use of information shared under the act. Proponents of the amendment explain that this will allow individuals recourse if their information is misused. However, there are two immediate problems with this solution. First, the amendment does not clarify who may bring a suit; is it the cybersecurity providers who may sue if the government uses the information they provide in a manner inconsistent with the law, or the individuals whose information was actually released? Second, an amendment allowing lawsuits for money damages against the government does not really create a strong enough deterrent if the government wants to access an individual’s information. Additionally, the bill still offers immunity from suit to providers who share information with the government under the law. This is a worrisome issue, because it means that users of services such as Gmail could have no recourse if Google decided to give their information to the government, as long as the government did not subsequently misuse that information.

Because the law is set up as a voluntary information-sharing program, private companies can decide whether and how much of their customers’ information to share with the government. But this kind of privacy information-sharing is not currently illegal, so why do we need new legislation to “encourage” it? This version of CISPA may be an improvement over the older version, but it still has several provisions that could be used to harm private security interests.

The AUMF is a joint resolution that was passed by Congress and signed by George W. Bush in response to the attacks on the United States during September 11, 2001. The resolution granted the President the power to use all “necessary and appropriate force” against those whom he determined “planned, authorized, committed or aided” the 9/11 attacks, or who harbored said persons or groups in order to prevent future attacks. This joint resolution was targeted towards al Qaeda in Afghanistan and the Taliban rulers who sheltered and aided the terrorists. AUMF was expanded in 2002 in the Authorization for Use of Military Force Against Iraq Resolution of 2002 to authorize military action against Iraq as well. This expansion had many justifications, one of which was the notion that al Qaeda groups were in Iraq.

Now, in our waning war against al Qaeda, many people believe that the AUMF must be expanded to include the ability for military action against new terrorist groups springing up in the wake of Al-Qaeda’s demise. Republican Sen. Bob Corker of Tennessee, a ranking member of the Senate Foreign Relations Committee, announced his plans this week to introduce legislation to expand AUMF to address these “new generation” terrorist groups. As a justification for this action he states that, “[f]or far too long, Congress has failed to fully exercise its constitutional responsibility to authorize the use of military force… I urge the committee to consider updating current antiterrorism authorities to adapt to threats that did not exist in 2001.” Advocates for the legislation are afraid of the legislative limits that have stayed stagnant as al Qaeda’s morphing organization has turned from a strong, centrally organized group to many separate franchises spread throughout the world, introducing new threats that cannot be fought within the current powers of the AUMF. The advocates for expansion do concede that some terrorist groups with ties to al Qaeda can be sufficiently brought into the scope of the AUMF as it currently stands. However, as the ties to al Qaeda get blurrier, so does the government’s legal standing to use military force.

Counter to these worries of an imminent threat to the U.S. from new emerging terrorist groups, opponents to the AUMF expansion ask to be shown where the threat actually lies. Opponents argue that AUMF was narrowly tailored to al Qaeda, the Taliban, and those who aided in attacks on the U.S. home front.  They point to the idea that in a time where we are about end our armed conflict with al Qaeda in the name of victory; expansion of AUMF shouldn’t even be on our minds. As well as to the fact that the only new terrorist group that has been found to have the intent and capacity to launch attacks on U.S. soil (al Qaeda in the Arabian Peninsula) falls clearly within the scope of the AUMF’s current authority. Expansion opponents believe this preemptive and sweeping military legislation to combat a faceless, future enemy would be counterproductive since there are already sufficient legal powers in place that give the government power to combat terrorist’s threats. There is no evidence these new terrorist groups will ever pose a threat to the U.S. and to impose new legislation would take the AUMF from a defensive role

to an offensive one, which could pose a threat to the international community’s stability.  The opponents stand behind the government’s use of military force in situations that merit such action, but find that the other side’s justifications for expanding the AUMF, as of this moment, fall short of such merits.

If and when the time comes, and a new terrorist group presents an imminent threat to the U.S., the President can ask for a narrowly tailored expansion of AUMF from Congress to specifically include the threatening group. However, to this day, there is no evidence of any such terrorist groups. So, in the end we have to ask ourselves, is a simple presupposition of danger without proof enough to expand and change the nature of already adequate legislation or is Sen. Corker correct in thinking that expansion is the only legal way to keep the U.S. safe from new terrorist threats?

Some recent editorials note that moving drone operations from the CIA to the DoD invokes the classic Title 10-Title 50 debate. These articles focus on the potential shift in oversight authority over drone strikes from the House and Senate Select Committees on Intelligence to the House and Senate Armed Services Committees and on whether the shift in authority will result in increased accountability and transparency. For instance, Wired’s Spencer Ackerman believes that although the DoD is “more likely” to grant Congress insight into its drone operations, little will change because “the important leverage points over the drones . . . are political, not institutional.” Slate’s Fred Kaplan is more optimistic, but hedges his bets on whether additional oversight will actually occur. Unfortunately, in an attempt to simplify the debate for their readers, some authors have misconstrued several key elements in the Title 10-Title 50 debate.

Scholars and practitioners use the term “Title 10 authority” as a catchall phrase to describe the legal authority for military operations. Unfortunately, the use of the term in this way is misleading because “Title 10 – Armed Forces” does not contain actual operational authorities; it merely describes the organizational structure of the Department of Defense. In fact, the U.S. military’s true operational authority stems from the U.S. Constitution and the President’s Commander-in-Chief power.

Like the term “Title 10 authority,” Title 50 authority is a misnomer. Title 50 is often referred to as the CIA’s authority to conduct its intelligence operations and covert actions –like drone strikes. Yet Title 50 of the United States Code is actually titled “War and National Defense.” Thus, it contains much more than just CIA authority. Military personnel can also act under Title 50 authority – a fact often overlooked in news articles and editorials. In fact, the DoD undertakes the majority of intelligence activities under Title 50 authorities.

Like moving drone operations from the CIA to the DoD, the Title 10-Title 50 debate is really about oversight and accountability, particularly congressional oversight.

Title 10 oversight lies with the House and Senate Armed Services Committees and the Executive Branch. In terms of operational oversight, it primarily consists of oversight over “traditional military activities.” Traditional military activities are undertaken: 1) By military personnel; 2) Under the direction and control of a United States military commander; and 3) related to ongoing hostilities where the fact of the U.S. role in the overall operation is apparent or to be acknowledged publicly.

With regard to drone operations, the keys aspects of this definition include who is undertaking the strikes and under what command structure; the strikes’ relationship to “ongoing hostilities;” and the level of secrecy involved. Current DoD drone operations in Afghanistan, for instance, would clearly fall under congressional oversight of traditional military operations. It is also clear that any CIA drone strikes would not fall under Title 10 oversight.

However, there are multiple scenarios in which DoD drone operations would not fall under Title 10 oversight. Given the conjunctive, three-part test defining a traditional military activity, drone operations 1) outside the context of ongoing hostilities, 2) under CIA command and control, or 3) not acknowledged publicly, would not be considered traditional military activities, regardless of whether military personnel piloted the drone and pulled the trigger. Therefore, the Obama Administrations’ impending decision to move drone operations from the CIA to the DoD may have several loopholes.

Indeed, these operations would likely be considered “covert actions” and held accountable to Title 50 oversight and accountability. A covert action is “an activity or activities of the United States Government to influence political, economic, or military conditions abroad, where it is intended that the role of the United

States Government will not be apparent or acknowledged publicly.”

Overall, Title 50 oversight may actually be more stringent, though less transparent, than Title 10 oversight. Drone operations classified as covert actions –whether undertaken by the CIA or the DoD- are subject to both a presidential finding and congressional notification requirement. Section 413(b) of Title 50 of the U.S. Code requires the President to keep the congressional intelligence committees “fully and currently informed” of all ongoing covert actions. It also requires the President to report his presidential finding to the intelligence committees “as soon as possible after such approval and before the initiation of the covert action.” However, in “extraordinary circumstances affecting vital interests of the United States,” this prior notification requirement can be limited to the so-called “Gang of Eight.” Although in these extreme cases the prior notification requirement is limited, it is important to note that, at least under the statutory authority, the President simply cannot refuse to notify Congress.

Ultimately, as many of the recent editorials note, any shift in the operational authority over drone strikes from the CIA to the DoD may have little practical effect. This posting explains that the intended increase in accountability and transparency may actually be prevented by the Title 10-Title 50 legal framework meant to provide congressional oversight over drone operations. This is because Congress’ Title 50 oversight functions are meant to provide limited, yet timely information for those operations that, if made public, would prove damaging to U.S. national security or foreign relations. In contrast, Congress’ Title 10 oversight is less stringent because did not envision the military engaging in ongoing hostilities against a global terrorist threat. Given the legal framework governing operational oversight, the Obama Administration might consider providing more transparency and accountability through regularly scheduled, voluntary briefings rather than shifting operational command and control.

On March 26, President Obama signed into law H.R.933, the Consolidated and Further Continuing Appropriations Act, to prevent a government shutdown. However, Section 516 of the Act contains a curious cyber-security provision barring NASA, the Justice and Commerce Departments and the National Science Foundation from purchasing any information technology systems, “produced, manufactured or assembled” by organizations, “owned, directed, or subsidized by the People’s Republic of China” unless the head of the purchasing agency consults with the FBI and determines that the purchase is “in the national interest of the United States”.   Although the provision went largely unnoticed in the immediate aftermath of the Act’s passage, it has drawn increasing scrutiny in recent days.  Section 516 is unique insofar as it is one of the first laws to specifically target the sale of Chinese produced information technology products to U.S. departmental agencies.  Also, it seems to be one of the first concrete steps taken by the Obama administration to address a critically vulnerable area, cyber-security.   However, the efficacy of the provision in protecting American cyber-security is dubious, and the motivations behind the inclusion of the provision more so.

First, and perhaps most importantly, the provision barely addresses American cyber-security vulnerabilities.  Second, the provision is largely an empty gesture.  The Obama Administration could easily decide that an “information technology ‘system’ is created whenever an English-language manual is shrinkwrapped to a Chinese-sourced router.  As long as the shrinkwrapping is done by an American contractor, the newly minted “system” might fall outside the scope of the law.” Third, the measure will likely do nothing to stop the steady stream of

Chinese cyber-attacks, but could do a great deal of economic harm to Chinese companies such as Lenovo, which provides information technology services to the United States military and NASA.  Indeed, in 2011, the United States imported almost $130 billion of “advanced technology products” from China, or roughly one-third of total advanced technology imports that year, a staggering amount which Section 516 will undoubtedly affect.  Moreover, American companies may also be inadvertently barred from selling their information technology products by Section 516 if their suppliers are directed or subsidized by the Chinese government.  Although Section 516 is a concrete step in addressing the basic issue of Chinese cyber-espionage, ultimately, this provision seems destined to offer little towards an actual solution to American cyber-security vulnerabilities.

However, the State Departments hands are tied when it comes to the security of its missions. Many people believe that the U.S. Marine Security Guards protect the mission compounds; however, the Guards’ primary mission is to protect the classified

material located in the compound. Instead, the U.S. missions rely upon security arraignments with the host country, or hire private contractors to protect the mission if host support is lacking. A 1990 law mandates that the State Department accept the lowest bid for private security contractors, which often leads to the hiring of thousands of guards based on how cheap they are rather than their quality of work.

The concerns over cost cutting were highlighted in the Benghazi attack where the February 17 militia, assigned to protect the mission, was insufficient and did not have the requisite skills and reliability to provide a reasonable level of security on a 24/7 basis for the eight-acre compound. Additionally, fifteen months prior to the Benghazi attacks, the heavily guarded U.S. Embassy in Pakistan had dozens of its local guards walk out for three days protesting the inadequacy of their pay, putting the security of the embassy at risk. Currently it is estimated that there are 30,000 local guards protecting 285 U.S. diplomatic missions worldwide. Two-thirds of posts that were surveyed about their security protection reported problems with the private security guards, such as absenteeism and high turnover rates.

Before Secretary Clinton left her post, she urged Congress to change the law that requires that security contracts be awarded on a “lowest price” basis.  However, changing the law would increase the cost of diplomatic security, an issue that would be difficult to pass in budget conscious Washington. Nevertheless, Congress recently passed a bill that allowed the State Department flexibility in hiring local guards for hostile or high-risk areas, such as Afghanistan and Pakistan, based on a best-value analysis, rather than lowest-cost, but that provision expires in the end of September.

Additionally, in February, the Senate approved legislation that would allow the State Department to transfer roughly $1.1 billion to improve security at U.S. embassies. Unfortunately, Congressional Democrats argue that the automatic spending cuts known as the sequester would cut $168 million from the State Department’s “Worldwide Security Protection” and “Embassy Security, Construction and Maintenance” accounts, which received roughly $2 billion in fiscal year 2012. The Department has asked for $2.4 billion for fiscal year 2013. The Worldwide Security Protection funding supports the funding for local guard units at diplomatic missions and residences.

As former Secretary of Defense Gates noted in 2009, it is in the security interests of the United States to have a well-funded State Department, as they are often the first line of defense in protecting the United States and its interests. An inadequately funded security department, combined with “lowest price” security hiring, places the U.S. diplomatic corps in danger of other attacks along the lines of Benghazi.

The lack of a comprehensive regime to govern transfers and use of drone technology is problematic for both the law of war and the national security generally. Despite the debate regarding the legality of targeting, the law of war permits targeting of civilians who directly participate in hostilities for the duration of their participation. References to this doctrine are found either explicitly or implicitly in defining the scope of civilian protection in the Geneva Conventions of 1949 and the Additional Protocols One

and Two. Direct participation in hostilities usually takes the form of civilians engaging in attacks with conventional weapons or perpetrating terrorist attacks in an area governed under the laws of war.

The proliferation of drone technology opens a new avenue for participation in two ways: hacking or fielding drones. Drones, as with any other piece of technology that relies on wireless signals to operate, are vulnerable to hacking attacks, a fact demonstrated by students in the US. With the ability to hack drones, it is possible in the not too distant future that a civilian could pilot a drone into a military camp or a crowded street by fooling its guidance signal and video feed.

Assuming interest and demand for drones rises, it is a certainty that drones and the technology to build them will appear on the black market if it has not already. The transnational black market for arms is both virtual and extensive in its offerings. Yet numerous arms deals occur without any online trail. The increase in civilian use of drones, coupled with continual research and development of military models will ensure future black market venders could provide more compact lethal models for terrorists and organized crime. Even if more lethal models are currently unavailable on the black market, civilian models can always be repurposed.

The potential for either remotely sabotaging or employing repurposed civilian drone models provides a platform previously unavailable for civilians to attack soldiers or commit terrorist attacks. The use of drones would effectively allow civilians to launch attacks from neighboring countries without ever personally entering a combat zone. Countering these individuals with armed force opens a host of legal problems relating to the sovereignty of States, law of neutrality in armed conflict, and domestic questions of the legality of force against nationals. Efforts to prosecute individuals engaging in the use of drones to launch attacks from other countries would likely be an ineffective deterrence because of the lengthy legal process required for such. It is also possible the countries being asked to extradite such individuals lack the ability to locate and arrest those individuals in a timely manner.

Those attempting to hack a drone, depending on their location, could effectively render them useless. Insurgents in Iraq, utilizing a $26 computer program, were able to monitor information feeds from US drones, in effect creating an early warning system to evade them.  Al Qaeda has used even published a manual on how to evade drones and released it online, allowing such knowledge to proliferate. Countermeasures could be taken to ensure hacking is more difficult by adding certain features, but it is questionable whether such measures would accompany a legal regime designed to make drones more secure generally.

Bilateral agreements, the Wassenaar Arrangement, and the Missile Technology Control Regime (MTCR) collectively govern transnational drone transfers. These voluntary agreements have not stemmed the proliferation of drones as other countries have developed or are developing their own models. Neither the MTCR nor the Wassenaar Arrangement directly address the proliferation of drone technology per se, but address them either as a means of missile delivery or dual use technologies employed by drones.  Ironically, the US has sold drone technology, increasing the rate in which this technology proliferates.

The proliferation of drone technology cannot be reversed. What is needed is a binding international regime to regulate their use and measures to incorporate cybersecurity practices into security the global positioning satellite technology drones use to navigate. Anything less leaves the law hopelessly behind technology.