The Law of Neutrality and the Sharing of Cyber-Enabled Data During International Armed Conflict

The question of the extent to which neutral States are allowed to share (cyber-enabled) data during international armed conflict has rarely been addressed by governments and academia. There are two reasons for this gap: first, States are traditionally reluctant to publicly discuss or internationally regulate sharing of information with partners. Second, the law of neutrality has become a niche discipline in the past years when major international armed conflicts (IAC) were often considered to be passe. However, in today's digitalized societies, information has acquired a value similar to physical goods. Supporting a belligerent with data may therefore be just as problematic from a neutrality perspective as delivering weapons. This paper discusses the important implications of the law of neutrality for neutral States to share data obtained in cyberspace. After introducing a neutrality framework that takes contemporary State practice into account, I illustrate that the discussions on neutrality in the context of the Russia-Ukraine war are neither new nor unaddressed. A short case study will outline the inherent tensions between a neutral State's impartiality and its preventive obligations. Weighing these two factors in the context of an interconnected, cyber-driven security landscape, I argue that during an IAC, a neutral has the ability, but not the obligation, to share certain information with selected partners. However, this does not include militarily actionable data, as such sharing would violate the neutral State's fundamental impartiality obligations.