“If the injustice is part of the necessary friction of the machine of government, let it go, let it go: perchance it will wear smooth — certainly the machine will wear out . . . but if it is of such a nature that it requires you to be the agent of injustice to another, then I say, break the law. Let your life be a counter-friction to stop the machine.”
— Henry David Thoreau
“The fact that it is illegal is in itself an affront to the government it seeks to challenge.”
— Jean René Santiago Cruz
Social protests have taken a new direction. Rather than occupying streets, squares, and buildings, anonymous activists and organizations seeking political change are now attacking and hacking servers and websites. Cyber attacks have transformed social protest, aligning themselves with on-going sociopolitical struggles to exercise direct action against governments and their associates. These cyber protests, commonly termed Operations, can be performed from anywhere in the world — an international phenomenon that no border can control.
The Internet can be used to steal confidential information, to cripple another country’s infrastructure, to disrupt military plans, and to suppress operations and uprisings. The destructive potential of the Internet in an increasingly digital age generates unique concerns for both States and citizens, but used strategically, it is a powerful tool to the very physical violence applied liberally by oppressive States. The illegal nature of cyber attacks, characteristic shared with acts of civil disobedience, forms part of its effectiveness — their illegality should not be confused with injustice for it is justice it usually fights for.
On Monday, March 28, 2016, seventeen Angolan activists were jailed on charges of plotting a rebellion against the Angolan government and Jose Eduardo dos Santos, president of Angola since 1979. Amnesty International urged the Angolan government to release the peaceful campaigners and to refrain from unjustly silencing dissenting views. Only two days later, twenty Angolan government websites were rendered inaccessible due to an Anonymous Portugal’s cyber attack, claiming that the hack was in retaliation to the unjust sentencing of the activists.
A cyber weapon may also be employed to leak confidential information, which can, in effect, generate the necessary conditions for massive social protest. An example would be the Panama Papers, where more than 11 million files were leaked,exposing “the myriad ways in which the rich can exploit secretive offshore tax regimes.” The Panama Papers represent one of the biggest data leaks in history — and they are already having a direct effect in a number of States. The leaked data include the disclosure of a secret offshore company of the wife of Iceland’s Prime Minister, Sigmundur Davíð Gunnlaugsson. The documents show that through this offshore company, Gunnlaugsson was a creditor to three of Iceland’s failed banks, while at the same time, he had negotiated a compromise with the creditors of Iceland’s failed banks in his role as Prime Minister. As a result, more than 10,000 protesters gathered outside of the Parliament in Reykjavik, pressuring Gunnlaugsson to step down. In fact, on April 5, 2016, the Prime Minister left office.
Cyber weapons have become the newest — and possibly the most effective — social protest tool, and in an era where technology has become widely accessible to even the most remote corners of the world, the Internet serves as a vital platform for sharing news and information, with over three billion users worldwide. Groups like Anonymous have relied on malicious attacks over the Internet, such as DDoS (Distributed Denial of Service) attacks, for their hacktivism.
However, cyber weapons, are precisely that, weapons. Their purpose depends on who wields them. These weapons are not exclusively utilized to promote a sense of justice, and neither are they being used solely by independent groups. Perhaps you have experienced a malicious cyber-operation first hand; your credit card number may have been stolen and used on a purchase hundreds of miles away or to extract cash from an ATM. Even worse, you may have experienced personal information such as a social security number taken from you to create a false ID for illicit purposes. You may also have simply been unaware that the website that you most frequently visit was disrupted due to a massive cyber attack.
On October 2016, half of the Internet in the United States and in certain areas of Europe was shut down by a DDoS attack. The attack disrupted the Dyn, Inc. DNS Servers, which are responsible for providing service to popular websites like Twitter, Spotify, and Reddit, amongst many others. The attack is believed to be the largest cyber attack in history. Although the real perpetrators of the attack are yet unknown, it is believed that possible “amateur hackers” were behind the it, using the Mirai IoT botnet, a type of malware designed to remotely control other computers.
More often than not, little to no information can be retrieved regarding the identity of individuals who steal digital property. Moreover, authorities often cannot help individuals stop the use of their information without access to the expensive, latest generation law enforcement tools capable of addressing increasingly common digital threats. This underscores the importance of knowing and understanding how the cyberspace we use works. The number of people around the world relying on technology for their daily tasks is steadily growing, yet we understand very little about how the technologies we use function. The technological illiteracy of common citizens and even some law enforcement is used to the advantage of hackers, such as Anonymous, who have exploited this weakness to commit malicious cyber operations. At the moment, there are no solid plans of action to stop or mitigate such attacks.
The fact that these attacks are performed in cyberspace has implications for International Law. Attacks on governmental infrastructures, such as the ones suffered by Estonia in 2007, have given rise to efforts to elaborate on the application of International Law in the cyber context. The Tallinn Manual, for example, has become a well-regarded treatise on the International Law applicable to cyber attacks. The manual was developed by an international group of experts, comprised of individuals from various intelligence agencies around the world who have dealt with the subject in the course of their careers. It is an international effort to interpret existing International Law to allocate and attribute responsibility to States when individuals, entities, or government themselves are harmed by such attacks.
Cyber attacks are borderless crimes, yet they have surged as an effective tool to create and promote true sociopolitical change. Their anonymous and decentralized nature has given a strong voice to many who remain marginalized and voiceless. However, they are a double-edged sword. Some actors often use them to cause serious damage to individuals and States alike. The production of international legal tools, such as the Tallinn Manual, is necessary to establish a rule of law regime in an otherwise lawless area, in order to promote a collective international effort to protect States and citizens from potential and actual harm. Cyber attacks are a mechanism that can be used to harm or to benefit a collective — we hope it is used for the latter, and that the international community as a whole contributes to making that happen. Consensus on promoting that noble purpose, however, is complicated by the fact that social protest implies a schismatic relationship between individuals and governments, and where an individual may see a benefit to the collective, or the promotion of social justice, the State sees dangerous dissidence to be suppressed by violent means.
Revolutionary movements throughout history have ordinarily been preceded by acts of civil disobedience. In a constantly evolving cyber world, cyber activism wears the badge of contemporary civil disobedience through the exploitation of cyber security boundaries, which serves to further highlight how the most important information-sharing platform of our time has its limits and flaws. But those exploited flaws have a silver lining, because every day we have access to more and better information, and some of the most important revelations of recent times have been made possible thanks to the illegal taking or leaking of information over the internet. Even today, social activism — now in the form of cyber attacks — has paved, and is paving, the way for fundamental changes in our history.
 Operation Tunisia, Operation Libya, Operation Bahrain, Operation Morocco, Operation Egypt, Operation Payback, Operation Ferguson, see http://www.newyorker.com/magazine/2014/09/08/masked-avengers
 A Distributed Denial of Service (DDoS) occurs when a server deliberately receives more traffic than it can handle, usually from fake or duplicated IP addresses. The server, in order to protect itself, shuts down and causes the website it hosts to go offline.
 Large DDoS attacks cause outages at Twitter, Spotify, and other sites https://techcrunch.com/2016/10/21/many-sites-including-twitter-and-spotify-suffering-outage/
 Flashpoint: Friday’s DDoS attacks were likely conducted by amateur hackers https://www.yahoo.com/news/friday-ddos-attacks-were-likely-220308971.html?ref=gs
 Michael N. Schmitt, Tallinn Manual on the International Law Applicable to Cyber Warfare (Gen. ed. 2013).
 Id. at Introduction, p.9.