Statement by the International Committee of the Red Cross (ICRC), delivered by Véronique Christory, Senior Arms Adviser, at the Open-Ended Working Group on Information and Communication Technology in New York, 13 December 2023

STATEMENT 14 DECEMBER 2023

Ambassador Gafoor, excellencies, dear colleagues,

The International Committee of the Red Cross (ICRC) is grateful for the opportunity to address this sixth session of the Open-Ended Working Group.

We commend States for adopting an annual progress report earlier this year, which recommends States to continue to engage in focused discussions on how international law applies in the use of ICTs. This includes international humanitarian law.

The ICRC shares the concern of States about the continuing increase in incidents involving the malicious use of information and communications technology by State and non-state actors, in particular during armed conflict.

In our view, focused exchanges among States on the limits that IHL imposes on such operations are urgently needed.

We would therefore like to highlight two issues that we believe require particular attention by States in this working group.

First, we are concerned with belligerents that are using cyber operations not only against their adversaries but also to target civilians. As a result, new risks arise for populations already
enduring the horrors of war.

This means that life-saving hardware in hospitals risk becoming inoperable, power grids on which civilian lives depend are disabled, and data collected by
humanitarian organizations and used exclusively for humanitarian ends may become lost or unavailable.

In many instances, cyber operations do not result in physical damage but in disrupting or disabling digital infrastructure and services. This new, digital dimension can be addressed
through existing rules of international humanitarian law.

This requires, however, that the long-standing rules of IHL be interpreted and applied in ways that ensure adequate protection
for civilians, civilian infrastructure, and civilian data in our increasingly digitalized societies. Interpretations of IHL that focus solely on the protection of civilian objects against physical
damage are insufficient. In our view, exchanges among States on this issue are of great importance and urgency.

The second matter of serious concern for the ICRC, and which we believe this working group should focus on, is the growing involvement of civilians – individuals, hacker groups, and
companies – in digital operations related to armed conflicts.

The more civilians take part in military operations, and the more civilian infrastructure, such as civilian satellite communication or cloud infrastructure, is used for military purposes, the greater the risk of civilians and civilian infrastructure being targeted. This trend risks undermining the universally supported principle of distinction and must be reversed.

To this end, we call on States to stop turning a blind eye to the participation of civilian hackers in armed conflict. In addition, States and the tech sector should consider the potential risks that arise when civilian digital infrastructure is used for military purposes, and work towards a common understanding of limits on the military use of civilian digital infrastructure during armed conflicts.

In October this year, the ICRC Global Advisory Board on digital threats during armed conflicts released its Final Report, which outlined four guiding principles and 25 recommendations to protect civilians against such threats.

These principles and recommendations were developed jointly with a group of high-level leaders and experts from the legal, military, policy, technological, and security fields. We would like to draw delegates’ attention to this report and hope some of these recommendations can also inform the work of this group.

During the March session of next year, the ICRC will co-organize a side-event to discuss these guiding principles and recommendations.

Thank you.