Connecting the dots between emerging tech and the DoD's new instruction on civilian harm mitigation
In December, at the premier U.N. venue for multilateral discussions on cyber, the International Committee of the Red Cross (ICRC) called on States to address cyber operations aimed at civilians and, additionally, to stop turning a blind eye to the participation of civilian hackers in armed conflict. On that first issue:
we are concerned with belligerents that are using cyber operations not only against their adversaries but also to target civilians. As a result, new risks arise for populations already enduring the horrors of war….
The statement goes on to explain the second issue. While not immediately relevant to this post but of great importance nonetheless, the ICRC is concerned with “the growing involvement of civilians – individuals, hacker groups, and companies – in digital operations related to armed conflicts.”
Disconnected from the ICRC’s statement, but not unrelated to its concern, in late December, the U.S. Department of Defense released the long-awaited Instruction 3000.17 on civilian harm mitigation and response CHMR).
What’s the DoD Instruction (DoD-I) got to do with new and emerging tech and the ICRC’s cyber statement at the U.N?
Potentially a lot.
I won’t critique the Directive, and I won’t go through all the tech-relevant aspects of the DoD-I. But, despite the word “cyber” not appearing in the DoD-I, the most obvious connection between the ICRC’s concerns and the DoD-I is that military operations—including cyber operations—must comply with the rules of IHL and the DoD-I to protect civilians. (A good thought-guide for States on how to go about doing this is the ICRC’s report “Avoiding Civilian Harm from Military Cyber Operations during Armed Conflicts.”)
Beyond a proscriptive relationship, the DoD-I positions technology as something that needs to be infused with civilian harm mitigation considerations as tools to proactively prevent civilian harm. It’s too soon to know how tech-related matters in the DoD-I will take shape, but it’s definitely not too soon to read a piece by my ICRC colleagues who proffered advice on where new and emerging tech can be used to mitigate civilian harm and when it might do the opposite by introducing risks.
To get a better sense of how the DoD-I talks about tech and civilian harm mitigation, here are few examples:
The Defense Technology Security Administration will need to consult “with the Military Departments and other technology release stakeholders to account for CHMR considerations in technology release policies and processes for international transfers that can improve ally and partner CHMR capabilities.”
The Under Secretary of Defense for Research and Engineering is responsible for advising “the CHMR Steering Committee regarding weapon systems, battlespace awareness, and mission command technologies, including existing and emerging technologies, that can be deployed across the joint force to enhance the DoD’s ability to mitigate and respond to civilian harm.”
Elsewhere in the DoD-I, though the word “technology” is not always spelled out, its presence is clear:
DoD components will need to “implement information collection and dissemination processes to enhance battlespace awareness of civilian population density, demographics, and dynamics, and of the locations and functions of civilian objects.” They’ll also need to “identify relevant potential capability improvements that further enable the discriminate use of force in different operational contexts, including by reducing risk to civilians and civilian objects while enabling the same or superior combat effectiveness.”
(Image captured from https://www.icrc.org/en/document/avoiding-civilian-harm-from-military-cyber-operations)