Veriden Yıkıma: Büyük Veri Saldırılarının Hukuki Zorlukları

Year 2025, Issue: 30, 75 - 108, 28.07.2025

Berkant Akkuş

Abstract

Teknolojinin hızlı gelişimi büyük olumlu sonuçlar doğurmuş olsa da, bu tür faydalar teknolojinin uygunsuz kullanım tehdidiyle gölgelenmektedir. Siber saldırılarla ilgili olaylar, silahlı kuvvet ve meşru müdafaa hakkı konusundaki geleneksel uluslararası hukuka meydan okumaktadır. Bu çalışma, mevcut yasal çerçevenin siber operasyonlara nasıl uygulandığını ve bu durumun ortaya çıkardığı zorluklar ile sorunları ele alarak bu konuyu eleştirel bir şekilde değerlendirmektedir. Çalışma, siber operasyonların hangi koşullar altında kuvvet kullanımı olarak değerlendirilebileceğini ve meşru müdafaa hakkını doğurduğunu araştırmaktadır. Büyük veri saldırılarına atıfta bulunarak, yeni bir uluslararası hukuk aracı uygulama fikrinin çekici bir çözüm gibi görünse de, aslında düzelttiğinden daha fazla sorun yaratacağını savunmaktadır. Buna göre, silahlı kuvvet bağlamının ötesinde var olan büyük veri saldırıları, makul bir şekilde silahlı kuvvet eşiğine ulaştığı düşünülemez. Ayrıca, mevcut yasal çerçevenin siber operasyonlara genişletilmesi, zorluklar barındırsa da, şu ana kadar sorunlardan çok fayda sağlamıştır. Mevcut sorunların, pratik durumlar ortaya çıktıkça kademeli olarak çözüleceği öngörülmektedir.

Keywords

Siber operasyonlar, büyük veri saldırıları, kuvvet kullanımı, uluslararası hukuk

FROM DATA TO DESTRUCTION: THE LEGAL CHALLENGES OF BIG DATA ATTACKS

Abstract

The rapid development of technology has produced hugely positive outcomes, yet such benefits are placed in the shadow of the threat of the inappropriate use of technology. Incidents involving cyber-attacks have posed challenges to traditional international law on armed force and the right to self-defence. This study critically evaluates this issue, with focus on how the existing legal framework applies to cyber operations, and the challenges and issues that this gives rise to. The study explores the conditions under which cyber operations amount to a use of force giving rise to the right to use force in self-defence. With reference to big data attacks, the study argues that while the notion of implementing a new international legal instrument may appear to be a promising solution, it promises to create more problems than it remedies. Accordingly, big data attacks that exist beyond the armed force context cannot be reasonably deemed to reach the threshold of armed force. Furthermore, the extension of the existing legal framework to cyber operations, although it is not without challenges, has thus far proven more beneficial than problematic. It is predicted that existing issues will be gradually resolved as practical situations arise.

Keywords

Cyber operations, big data attacks, use of force, international law

Ethical Statement

There is no requirement of Ethics Committee Approval for this study

References

• Barkham J, ‘Information Warfare and International Law on the Use of Force’ (2001) 34 NYUJ Int’l L. & Pol. 57
• Batinga J, ‘Reconciling the Global North-South Divide on the Use of Force: Economic Coercion and the Evolving Interpretation of Article 2(4)’ (2024) 41 Wis. Int’l LJ 103
• Bell AM, ‘Using Force against the Weapons of the Weak: Examining a Chemical-Biological Weapons Usage Criterion for Unilateral Humanitarian Intervention under the Responsibility to Protect’ (2013) 22 Cardozo J. Int’l & Comp. L. 261
• Boer LJ, ‘Restating the Law as It Is: On the Tallinn Manual and the Use of Force in Cyberspace’ (2013) 5 Amsterdam LR 4
• Brunnee J, ‘The Security Council and Self-Defence: Which Way to Global Security?’ in The Security Council and the Use of Force (N Blokker & N Schrijver eds, OUP 2005)
• Buchan R and I Navarrete, ‘Cyber espionage and international law’ in Research handbook on international law and cyberspace (N Tsagourias & R Buchan eds, Edward Elgar Publishing 2021)
• Cassese A, International Law (2nd edn, OUP 2005)
• Check T, ‘The Tallinn Manual 2.0 on Nation-State Cyber Operations Affecting Critical Infrastructure’ (2022) 13 Nat’l Sec. L. Brief 1
• Clark, D & S Landau, ‘Untangling Attribution’ in Proceedings of a Workshop on Deterring Cyberattacks: Informing Strategies and Developing Options for US Policy (National Research Council 2010)
• Coco A, T Dias and T Van Benthem, ‘Illegal: The SolarWinds hack under international law’ (2022) 33 European Journal of International Law 1275
• Constantinou A, The Right of Self-Defence under Customary International Law and Article 51 of the UN Charter (Sakkoulas 2000)
• Corn G & E Jensen, ‘The use of force and cyber countermeasures’ (2018) 32 Temp. Int’l & Comp. LJ 127
• Derian-Toth G, R Walsh, A Sergueeva, E Kim, A Coon, H Hadan & J Stancombe, ‘Opportunities for public and private attribution of cyber operations’ (2021) 12 Tallinn Paper Series 8
• Devins C, T Felin, S Kauffman, R Koppl, ‘The Law and Big Data’ (2017) 27 Cornell Journal of Law and Public Policy 363
• Dinniss HH, Cyber Warfare and the Laws of War (CUP 2012)
• Dinniss HH, ‘The nature of objects: Targeting networks and the challenge of defining cyber military objectives’ (2015) 48 Israel Law Review 39
• Dinstein Y, War, Aggression and Self-Defence (CUP 2010)
• Dobinson I & F Johns, ‘Legal research as qualitative research’ in Research methods for law (M McConville & WH Chui eds, 2nd edn, Edinburgh University Press 2017)
• Efrony D & Y Shany, ‘A rule book on the shelf? Tallinn manual 2.0 on cyberoperations and subsequent state practice’ (2018) 112 American Journal of International Law 583
• Eichensehr KE, ‘Not illegal: The SolarWinds incident and international law’ (2022) 33 European Journal of International Law 1263
• Focarelli C, ‘Self-defence in cyberspace’ in Research handbook on international law and cyberspace (N Tsagourias & R Buchan eds, Edward Elgar Publishing 2021)
• Foltz A, ‘Stuxnet, Schmitt Analysis, and the Cyber ‘‘Use-of-Force’’ Debate’ (2012) 67 Joint Force Quarterly 40
• Gill TD, ‘The temporal dimension of self-defence: Anticipation, pre-emption, prevention and immediacy’ (2006) 11 Journal of Conflict and Security Law 361
• Green JA, ‘The ratione temporis elements of self-defence’ (2015) 2 Journal on the Use of Force and International Law 97
• Gunatileka S, ‘“Big Data Breaches”, sovereignty of states and the challenges in attribution’ (2024) 5 University of Colombo Review 104
• Hayward RJ, ‘Evaluating the Imminence of a Cyber Attack for Purposes of Anticipatory Self-Defence’ (2017) 117 Colum. L. Rev. 399
• Hernandez G, International Law (OUP 2019)
• Hollis DB & TJ Van Benthem, Threatening Force in Cyberspace (Temple University Legal Studies Research Paper 2021)
• Jensen ET, ‘Computer attacks on critical national infrastructure: A use of force invoking the right of self-defence’ (2002) 38 Stan. J. Int’l L. 207
• Kilovaty I, ‘Attacking Big Data as a Use of Force’ Big Data and Armed Conflict: Legal Issues Above and Below the Armed Conflict Threshold (L Dickinson & E Berg eds, Vol. 9, OUP 2024)
• Koh H, ‘International Law in Cyberspace: Remarks as Prepared for Delivery by Harold Hongju Koh to the USCYBERCOM Inter-Agency Legal Conference Ft. Meade, MD, Sept. 18, 2012’ (2012) Harvard International Law Journal Online 54
• Kretzmer D, ‘The inherent right to self-defence and proportionality in jus ad bellum’ (2013) 24 European Journal of International Law 235
• Kumar D, ‘Interpretation of International Law under the Tallinn Manual(s)’ (2021) 3 Indian JL & Legal Rsch. 1
• Lavania A, ‘The Need to Fill Legal Vacuum in International Law to Deal with Non-State Actors in Cyber Operations’ (2022) 5 Int’l JL Mgmt. & Human. 462
• Lin HS, ‘Offensive cyber operations and the use of force’ (2010) 4 J. Nat’l Sec. L. & Pol’y 63
• Lubell N, Extraterritorial Use of Force Against Non-State Actors (OUP 2010)
• Marelli M, ‘The SolarWinds hack: Lessons for international humanitarian organizations’ (2022) 104 International Review of the Red Cross 1267
• Melzer N, Cyberwarfare and International Law (Policy Commons 2011)
• Motoyoshi Y, ‘The Legal Framework of the ‘Unwilling or Unable’ Theory and the Right of Self-Defence against Non-State Actors’ (2021) 37 Nihon University Comparative Law 25
• Nguyen R, ‘Navigating jus ad bellum in the age of cyber warfare’ (2013) 101 Calif. L. Rev. 1079
• O’Meara C, Necessity and Proportionality and the Right of Self-defence in International Law (OUP 2021)
• Osula AM, A Kasper & A Kajander, ‘EU common position on international law and cyberspace’ (2022) 16 Masaryk University Journal of Law and Technology 89
• Palleti VR, S Adepu, V Mishra & A Mathur, ‘Cascading effects of cyber-attacks on interconnected critical infrastructure’ (2021) 4 Cybersecurity 1
• Pipyros K, C Thraskias, L Mitrou, D Gritzalis & T Apostolopoulos, ‘A new strategy for improving cyber-attacks evaluation in the context of Tallinn Manual’ (2018) 74 Computers & Security 371
• Pradeep MD, ‘Legal Research-Descriptive Analysis on Doctrinal Methodology’ (2019) 4 International Journal of Management, Technology and Social Sciences 95
• Radziwill Y, Cyber-attacks and the exploitable imperfections of international law (Brill 2015)
• Reyes P, ‘Self-Defence against Non-State Actors: Possibility or reality?’ (2021) 9 Revista Facultad de Jurisprudencia 151
• Roscini M, ‘Threats of armed force and contemporary international law’ (2007) 54 Netherlands International Law Review 229
• Roscini M, Cyber operations and the use of force in international law (OUP 2014)
• Schmitt MN, ‘Cyber operations and the jud ad bellum revisited’ (2011) 56 Vill. L. Rev. 569
• Schmitt MN, ‘The notion of ‘objects’ during cyber operations: A riposte in defence of interpretive and applicative precision’ (2015) 48 Israel Law Review 81
• Schmitt MN, ‘Computer network attack and the use of force in international law: Thoughts on a normative framework’ in The Use of Force in International Law (T Gazzini ed, Routledge 2017)
• Schmitt MN, Tallinn Manual 2.0 on the International Law Applicable to Cyber Operations (CUP 2017)
• Schmitt MN, ‘Big Data: International Law Issues Below the Armed Conflict Threshold’ in Big Data and Armed Conflict: Legal Issues Above and Below the Armed Conflict Threshold (L Dickinson & E Berg eds, Vol. 9, OUP 2024)
• Schmitt MN & S Watts, ‘Beyond state-centrism: International law and non-state actors in cyberspace’ (2016) 21 Journal of Conflict and Security Law 595
• Shackelford SJ, ‘From nuclear war to net war: Analogizing cyber attacks in international law’ (2009) 27 Berkeley J. Int’l Law 192
• Shaw MM, International Law (7th edn, CUP 2014)
• Simma B, DE Khan, G Nolte & A Paulus, The Charter of the United Nations: A Commentary (4th edn, OUP 2024)
• Simmons N, ‘A Brave New World: Applying International Law of War to Cyber-Attacks’ (2014) 4 Journal of Law & Cyber Warfare 42
• Stahn C, ‘Terrorist Acts as Armed Attack: The Right to Self-Defense, Article 51 (½) of the UN Charter, and International Terrorism’ (2003) 27 The Fletcher Forum of World Affairs 35
• Symon P, A Tarapore, ‘Defense Intelligence Analysis in the Age of Big Data’ (2015) 79 Joint Force Quarterly 5
• Tsagourias N, ‘Non-State Actors and the Use of Force’ in Participants in the International Legal System: Theoretical Perspectives (J D’Aspremont ed, Routledge 2011)
• Tsagourias N, ‘The Tallinn Manual on the International Law Applicable to Cyber Warfare: A Commentary on Chapter II—The Use of Force’ (2012) 15 Yearbook of International Humanitarian Law 19
• Tsagourias N, ‘Cyber attacks, self-defence and the problem of attribution’ (2012) 17 Journal of Conflict and Security Law 229
• Uniacke S, ‘The condition of last resort’ in The Cambridge handbook of the just war (L May ed, CUP 2018)
• Withers P, ‘Do we need an effects-based approach for cyber operations?’ in Research Handbook on Cyberwarfare (T Stevens & J Devanny eds, Edward Elgar Publishing 2024)
• Yoo J, ‘Using force’ (2004) 71 University of Chicago Law Review 729
• Ziolkowski K, Stuxnet: Legal considerations (NATO Cooperative Cyber Defence Centre of Excellence 2012)
• International Criminal Court, Report of the Special Working Group on the Crime of Aggression, ICC-ASP/7/ SWGCA/2 (2009)
• US Department of Defense, An Assessment of International Legal Issues in Information Operations (FAS 1999)
• United Nations Security Council (UNSC) Res 1373 (28 September 2001) UN Doc S/RES/1373
• United Nations Security Council (UNSC) Res 1368 (12 September 2001) UN Doc S/RES/1368
• Judgements
• Armed Activities on the Territory of the Congo (Dem. Rep. Congo v Rwanda) (2006) ICJ 6
• Bosnia and Herzegovina v Serbia and Montenegro (2007) ICJ 2
• Caroline v United States, 11 U.S. 496 (1813)
• Gabcikovo-Nagymaros Project (Hungary v Slovakia) (1997) ICJ 692
• Legal Consequences for States of the Continued Presence of South Africa in Namibia (South West Africa) notwithstanding Security Council Resolution 276 (1970), Advisory Opinion (1971) ICJ Reports 1971
• Legal Consequences of the Construction of a Wall in the Occupied Palestinian Territory (2004) ICJ Rep 28
• Legality of the Threat or Use of Nuclear Weapons, Advisory Opinion, 1996 I.C.J. 226
• Military and Paramilitary Activities in and against Nicaragua (Nicaragua v USA) (1986) ICJ Rep 14
• Oil Platforms Case (Islamic Republic of Iran v United States of America) (2003) ICJ Rep 4
• Prosecutor v Dusko Tadic (1999) ICTY Appeals Chamber, IT-94-1-A