Archives for April 2019

U.S. Department of Justice Publishes White Paper on the Cloud Act

April 12, 2019 by Bruce Zagaris Leave a Comment

On April 10, 2019 the U.S. Department of Justice announced the public release of a white paper on the Clarifying Lawful Overseas Use of Data Act (CLOUD Act). Enacted in March 2018, the Act updates the legal framework for how law enforcement authorities may request electronic evidence required to protect public safety from service providers while respecting privacy and foreign sovereignty.

Deputy Attorney General Rod Rosenstein promises the DOJ will be proactive in working, both in the U.S. and abroad, to promote greater understanding and appreciation of what the CLOUD Act does.

The CLOUD Act has two distinct parts. First, the Act authorizes the U.S. to enter into bilateral agreements to facilitate the ability of trusted foreign partners to obtain the electronic evidence they required to fight serious crime. To qualify under the Act, a partner country must adhere to baseline rule-of-law, privacy, and civil liberties protections. Through bilateral agreements, each country would agree to lower the legal barriers that prevent their communication service providers from complying with qualifying lawful orders for electronic data issued by the other country. By lowering legal barriers, each country could serve its legal process, such as search warrants, directly on the providers of the other country, significantly increasing the speed and efficiency compared with existing methods of transferring electronic evidence.

Second, the CLOUD Act sets forth in U.S. law the principle – longstanding in both the U.S. and in many foreign countries, that a company subject to U.S. jurisdiction can be required to produce data within its custody and control, regardless of where it chooses to store that data at any point in time. This was a key issue in United States v. Microsoft Corporation, No. 17-2, a case argued before the Supreme Court on February 27, 2018 This provision simply codified what had been the law and practice prior to the 2016 Microsoft decision by a court of appeals, and ensured that the U.S. continued to be in compliance with its obligations under the Budapest Cybercrime Convention, which requires all member states to have the power to compel providers in their territory to disclose electronic data in their control, no matter where stored. The CLOUD Act provision did not change whether or not a provider is subject to U.S> jurisdiction, nor did it provide U.S. law enforcement any new authority to acquire data.

The Act formalizes the process for companies to challenge a law enforcement request. The Act imposes certain limits and restrictions on law enforcement requests to address privacy and civil liberty concerns.

The DOJ compiled the white paper with the input of components cross the DOJ, including attorneys from the Criminal Division and the National Security Division. The white paper discusses the interests and concerns that prompted the enactment of the CLOUD Act and provides a distillation of the effect, scope, and implications of the Act, as well as answers to frequently asked questions.

On April 5, 2019, Deputy Assistant Attorney General Richard W. Downing delivered remarks at the Academy of European Law Conference on “Prospects for Transatlantic Cooperation on the Transfer of Electronic Evidence to Promote Public Safety” in London, United Kingdom He said at the start of his remarks that, since it was enacted last March 2018, the CLOUD Act has, unfortunately, been the subject of many misconceptions, and is viewed by some with suspicion. That may not be surprising, given the complexity and technicality of some of the issues involved. Downing continued that “one particularly inaccurate statement about the Act being made in some circles is that it is a U.S.-centric law designed solely to serve U.S. interests and U.S. needs. “ Downing said that in fact the impetus for the CLOUD Act came from our foreign law enforcement partners, who expressed a need for increased speed in obtaining evidence held by U.S. providers – evidence which is normally obtained through the Mutual Legal Assistance Treaty – or “MLA” – process.

The current issue of the IELR will have additional discussion of the white paper on the CLOUD Act and its implications.

Arrested and Awaiting Potential Extradition, Julian Assange Set to Face Judgement

April 11, 2019 by Alex Psilakis Leave a Comment

On April 11, 2019 WikiLeaks co-founder Julian Assange was arrested at the Ecuadorian embassy in London. Upon Ecuador’s invitation, British authorities entered the embassy and detained Assange, charging him with failure to surrender to the court in a previous case. Yet British authorities eventually commented that they arrested Assange on the United States’ behalf. The U.S., who unsealed an indictment against Assange the same day that he was arrested in the UK, are pursuing his extradition for his efforts to disclose classified information that the government believes would have injured the U.S. But even this potential outcome faces complications. Prior to confirming Assange’s exit from the embassy, President Moreno of Ecuador insisted that the UK refuse to extradite Assange to a country in which he could face torture or the death penalty as a form of punishment. The UK confirmed this agreement in writing. Although Assange would only face a maximum sentence of five years if convicted of the U.S. charges against him, this condition nevertheless complicates a case that already crosses multiple borders and fosters intense emotional polarization.

Filed in March 2018 but unsealed on April 11, the U.S. indictment against Assange alleges that the WikiLeaks co-founder attempted to hack into and steal classified information on the U.S. government. Specifically, the charge states that Assange sought to break a password to a classified U.S. government computer, conspiring to commit computer intrusion. Had the plan succeeded, Manning could have browsed computers with a username that did not belong to her, making it difficult for authorities to spot Manning as the source of the break-in. The indictment notes how Chelsea Manning, who was imprisoned for violating the Espionage Act, not only assisted Assange in this process, but in many before it. Manning allegedly provided Assange 250,000 State Department cables, 800 Guantanamo Bay detainee assessment briefs, and hundreds of thousands war-related significant activities reports on the conflicts in Iraq and Afghanistan. He would then post such information to WikiLeaks, making it publically available. Even though the indictment makes clear that Assange and Manning formed a password-breaking agreement, it makes no mention as to whether the plot succeeded, or if it was even carried out. Additionally, some view the narrowness of this allegation as a means to avoiding conflicts with the First Amendment’s guarantee to freedom of the press.

A controversial figure, Assange has proven elusive amongst law enforcement agents for the past decade or so. He first faced charges in 1995, when Australian authorities accused him of committing a number of hacking activities. He plead guilty and paid fines worth thousands of Australian dollars, but he did not receive jail time because he pledged never to reoffend. He founded WikiLeaks in 2006, and both he and the organization rose to prominence in 2010, when they released footage of a U.S. helicopter targeting civilians in Iraq. He published a trove of classified military documents on the U.S. conflicts in Iraq and Afghanistan soon after.

In that same year, the Swedish Prosecutor’s Office issued two arrest warrants against Assange, charging him with two separate cases of rape and molestation, which he denied. The charges came two days after he applied for residency in Sweden, seeking to take advantage of its strong laws in favor of whistleblowers. Though the charges were rapidly dropped, they were picked up again months later (and included an additional charge of unlawful coercion), when Assange arrived in London. Sweden issued an international arrest warrant for Assange, leading to a year-long battle in the British courts that eventually saw the UK Supreme Court rule in favor of his extradition to Sweden. Months later, in August 2012, the Ecuadorian embassy in London granted Assange asylum, fearing for his human rights were he to be extradited to Sweden. Sweden dropped the sexual molestation and unlawful coercion charges against Assange in 2015, as well as the rape charge in 2017, yet Assange remained in the embassy. Though the UK and Ecuador attempted to negotiate his release on multiple occasions, the talks continually failed, as Assange feared that arrest by UK authorities would lead to extradition to the U.S. Nevertheless, on April 11, 2019, Ecuador revoked their protection of Assange, and invited British authorities into the embassy to arrest him.

In a video released online, President Moreno of Ecuador noted why he rescinded Assange’s claim to asylum. He criticized Assange for continuing to interfere in the internal affairs of individual states, which included publishing a wide array of documents tied to the Vatican in January 2019. He further condemned Assange for apparently remaining involved in WikiLeaks, when his status as an asylum grantee prevented him from getting involved in the affairs of other countries. Yet he stressed that, prior to revoking Assange’s claim, he gained a written guarantee from the UK that they would not extradite Assange to a country that could employ torture or the death penalty on him. Reports also indicate that Assange continually clashed with embassy staff. His WikiLeaks-related activities caused the embassy to strip him of internet access. Additionally, the embassy imposed tighter rules on him in late 2018, pushing him to pay his medical and phone bills, as well as better clean up after his pet cat.

After the arrest, District Judge Michael Snow of the UK wasted little time in finding Assange guilty of the 2012 charge of failing to surrender to the court. Although he would face up to 12 months in prison for this charge, it remains to be seen whether he will serve this time (or any time) in the UK, or if he will undergo extradition to the U.S. He is set to appear at the Westminster Magistrates’ Court on May 2 through video link to address the topic of extradition. The Swedish Prosecution Authority has even begun to consider reopening their investigation into an Assange, as the statute of limitations expires in August 2020.

Reactions to the arrest – and potential extradition – have proven mixed in the UK and across the globe. While Prime Minister Theresa May praised the ruling, noting that “in the UK, no one is above the law,” the opposition Labour Leader Jeremy Corbyn objects to extradition, instead claiming that Assange brought to light “evidence of atrocities in Iraq and Afghanistan.” The American Civil Liberties Union (ACLU) made clear their sharp opposition to the arrest and extradition request, declaring that “any prosecution by the United States of Mr. Assange for Wikileaks’ publishing operations would be unprecedented and unconstitutional, and would open the door to criminal investigations of other news organizations.”

According to his lawyer, Assange kept his comments brief, saying, “I told you so.”

While some view Assange’s arrest as an unjust attack against a freedom fighter, others view it as a long-deserved takedown of a criminal. Additionally, his potential extradition to the U.S. dramatically raises the stakes of the situation. Though some government officials and civil society activists believe a U.S. conviction of Assange a stab at the First Amendment, the Department of Justice has filed specific, narrow charges against Assange in the hope of making that point mute. Debate will undoubtedly continue on the legality of Assange’s actions, only to escalate when the U.S. decides whether or not to extradite him to the U.S.

In Targeting Venezuela, The Trump Administration Targets Cuba

April 9, 2019 by Alex Psilakis Leave a Comment

On April 5, 2019, the Trump administration announced its decision to issue sanctions against 34 ships owned or operated by Petroleos de Venezuela, S.A., the state-run oil company. The administration also levied sanctions against two international companies that ship Venezuelan oil to Cuba. Days later, on April 8, the Trump administration issued another ruling against Cuba, prohibiting Cuban athletes from playing in the MLB unless they defected. Although MLB officials asserted that they worked closely alongside the Treasury Department in 2018 before signing any sort of agreement with Cuba, the Trump administration displayed no hesitancy in striking down such a deal. Both of these decisions, which took place within a week of each other, reveal a new, serious strategy of the Trump administration: to pressure Venezuela and Cuba.

While the Trump administration has unquestionably issued these sanctions to further tighten the financial stranglehold on Venezuela, one primary objective of these levies is to cut off the oil trade to Cuba. On average, Venezuela ships Cuba 20,000 to 50,000 barrels of oil a day. In response, Cuba shares intelligence and counterintelligence services with them.

This relationship is founded in history. Although Venezuela proved a close ally of the U.S. during the Cold War, that position changed when Hugo Chavez rose to the presidency in 1999. Chavez, who viewed Cuba’s Fidel Castro as a sort of mentor, sought to aid the state, which had been struggling economically due to U.S. sanctions and the collapse of its long-time ally – the Soviet Union. After nearly falling victim to a coup attempt in 2002, Chavez eagerly embraced a new relationship with Cuba. In return for providing the Caribbean country free and subsidized oil, Cuba would offer Venezuela intelligence and military assistance, as well as doctors and teachers. Under Chavez’s successor, Nicolas Maduro, oil shipments to Cuba climbed as high as 100,000 barrels a day. Yet the number of Cuban operatives in Venezuela, as well as what role those operatives are acting in, remains a subject of debate. The Trump administration alleges that 20,000-25,000 Cuban individuals are serving in Venezuela’s military and intelligence services, as well as Maduro’s private guard. The Cuban government, which asserts that the number is 20,000, has stated that nearly all Cuban personnel in Venezuela are working in humanitarian roles, specifically as doctors and teachers.

Nevertheless, the Trump administration is anxious to limit Cuba’s role of influence in Venezuela however possible. In a statement on April 5, Treasury Secretary Steven T. Mnuchin made this clear, noting,

“Cuba has been an underlying force fueling Venezuela’s descent into crisis. Treasury is taking action against vessels and entities transporting oil, providing a lifeline to keep the illegitimate Maduro regime afloat. Cuba continues to profit from, and prop up, the illegitimate Maduro regime through oil-for-repression schemes as they attempt to keep Maduro in power. The United States remains committed to a transition to democracy in Venezuela and to holding the Cuban regime accountable for its direct involvement in Venezuela’s demise.”

To continue this pressure, the Trump administration announced – just three days after their implementation of sanctions – that Cuban athletes could not play in the MLB unless they defected from Cuba. On December 19, 2018, the MLB Players Association and the Cuban Baseball Federation (FCB) signed a deal that made is possible for Cuban nationals to play in the MLB without defecting from their home country. Similarly to agreements with Japan or Korea, the FCB would streamline the process for players joining the MLB, while retaining approximately 15-25% of their financial earnings. The MLB pursued this deal because, under the sanctions regime, Cubans must go to dangerously great lengths to play baseball in the U.S., often working with – and falling victim to – the ploys of smuggling syndicates. The MLB received legal authority to carry out such a deal in 2016, when the Treasury Department’s Office of Foreign Assets Control (OFAC) granted them a license to enter into a business arrangement with the FCB. Even though the Trump administration displayed skepticism of the deal’s legality up until its signing, OFAC nevertheless assured the MLB that the license was still valid.

The Trump administration’s ruling on April 8 overruled that assurance. Justifying their decision, a Trump administration official argued that the Obama administration inadequately interpreted the law. Additionally, they claimed that the Cuban government was taking part in human trafficking. Citing “facts recently brought to their attention” and discussions with the State Department, OFAC instead decided to prohibit the deal. OFAC further claimed that the FCB was tied to the Cuban government, and therefore ineligible to receive payments from U.S. businesses like the MLB. While such financial arrangements were possible under the Obama administration, the Trump administration has pulled a sharp one-eighty, implementing sanctions and embargos, while offering fiery rhetoric.

The Trump administration has made no secret of the fact that these rulings – the imposition of sanctions on April 5 and the overruling of the MLB-FCB agreement on April 8 – are direct retaliatory measures for Cuba’s assistance to the Maduro regime. When asked on Fox News if the MLB ruling was meant to pressure Cuba, Secretary of State Mike Pompeo replied, “Yep.” He further stated that the administration was “going to do everything we can to pull [Cuba] out” of Venezuela.

The timing of these decisions is by no means a coincidence. As the Trump administration is desperate to unseat Maduro as President of Venezuela, the U.S. is attempting to weaken his regime however possible. But even this has become more complicated, as Russia recently sent 100 military personnel to Venezuela offer technical assistance, dramatically disrupting any U.S. decision to pursue further involvement in the region. Since the administration has made clear from its first day in office how deeply it opposes Cuba’s regime, this mutual pushback against Venezuela and Cuba can be regarded as a sort of two-for-one deal. Yet it remains to be seen how effective these measures will prove in their effort to pull Cuba out of Venezuela. With a relationship rooted in over two decades of history, both regimes – who are desperate to hang onto power in times of economic trouble – will continue to oppose the Trump administration. Russia’s willingness to get involved in the region, regardless of the scale of such involvement, will further bolster the confidence of Cuba and Venezuela, while forcing the U.S. to deeply consider how they wish to proceed.

Trump Administration Set to Label Iran’s Islamic Revolutionary Guard Corps a Foreign Terrorist Organization

April 8, 2019 by Alex Psilakis Leave a Comment

On April 8, 2019, the Trump administration announced their plan to designate Iran’s Islamic Revolutionary Guard Corps (IRGC) a Foreign Terrorist Organization (FTO), as noted under Section 219 of the Immigration and Nationality Act. President Trump elaborated on the decision in a statement, declaring that,

“This unprecedented step, led by the Department of State, recognizes the reality that Iran is not only a State Sponsor of Terrorism, but that the IRGC actively participates in, finances, and promotes terrorism as a tool of statecraft. The IRGC is the Iranian government’s primary means of directing and implementing its global terrorist campaign.”

The State Department released a Fact Sheet outlining the specific reasons for which they declared the IRGC an FTO. They note, for example, that they held the IRGC responsible for the deaths of at least 603 American service members in Iraq since 2003, which constitutes 17% of American personnel killed in the region from 2003-2011. The State Department singles out one unit within the IRGC for specific condemnation – the Qods Force. They argued that the Qods Force has planned to carry out terrorist attacks in countries such as Germany, Kenya, and Turkey. Additionally, the Fact Sheet asserts that the Qods Force plotted an attack against the Saudi Ambassador to the U.S. in the U.S. Even though these attempted terrorist attacks in the U.S. and abroad were foiled, the Fact Sheet places great emphasis on the fact that they were plotted and nearly carried out. The State Department further criticizes the IRGC for their continued support to terrorist organizations, noting their tendency to offer groups like Hezbollah and Hamas assistance through means including financial and material support, training, and technology transfer. The Fact Sheet also points to Iran’s tendency to harbor terrorists sanctioned by states like the U.S. as a reason for the designation.

The State Department emphasizes that this designation is another step in the Trump administration’s long-term effort to maximize pressure against Iran’s present regime. Prior to the designation, the Trump administration had already sanctioned over 900 individuals, entities, aircrafts, and vessels related to Iran. Yet the State Department Fact Sheet makes clear that the Trump administration is not taking a wholly unprecedented step. Instead, they are building off of the legacy of past administrations. The Fact Sheet notes, for example, that the IRGC was previously sanctioned via Executive Order in 2007, 2011, and 2012. The organization was sanctioned in 2007 for supporting Iran’s nuclear and ballistic missile program, and again in 2011 and 2012 for its connection to Iran’s human rights abuses.

In his statement, President Trump made clear the consequences of violating this designation:

“If you are doing business with the IRGC, you will be bankrolling terrorism.”

As a result of the designation, the U.S. may deny entry to individuals that provided the IRGC material support, or take actions one step farther and prosecute those individuals for sanctions violations. Since many European and Asian companies deal with one of the IRGC’s numerous affiliates, this could further stress diplomatic relations between said countries and the U.S. The designation may also limit who U.S. troops and diplomats can communicate with in the Middle East, as Iraqi and Lebanese authorities are known to interact with IRGC officials or surrogates. Previous administrations have held back from making this great of a move against the IRGC for this very reason. The Pentagon, alongside U.S. intelligence agencies, have voiced concerns over how such a designation will limit their ability to interact with allies like those in Iraq and Lebanon. Shia militias associated with the Qods Force fought alongside the U.S. Air Force against the Islamic State at the Battle of Tikrit, proving key allies that helped achieve victory. Additionally, U.S.-backed Iraqi and Kurdish personnel have embraced the titanic burden of taking in the tens – if not hundreds – of thousands of refugees spawned from the recent fighting. Such cooperation will become immensely complicated, if not prohibited, when the designation takes effect on April 15.

Iran, meanwhile, has sharply condemned the Trump administration’s decision. Iran’s Foreign Minister, Javad Zarif, has urged President Hassan Rouhani to label U.S. forces in the region as terrorists. He has specifically sought to target the U.S. Central Command (CENTCOM), which oversees U.S. operations across 20 states in the Middle East and parts of Asia. Iranian parliamentarians have also threatened to label portions of the U.S. military as terrorist groups.

While the decision to designate the IRGC as an FTO emphasizes how seriously the U.S. treats the threat of Iran, it further reveals the short-sighted nature of the Trump administration’s overall policy toward the Islamic Republic. By failing to adequately communicate with U.S. agencies like the Department of Defense, as well as isolating U.S. allies that have proven essential partners in military operations including the fight against ISIS, the Trump administration is set to implement a policy that leaves far too much room for collateral damage. As eager as past presidential administrations have been to punish the IRGC for their illicit, dangerous actions, those same administrations recognized that labeling the group an FTO would make an overly-complex situation nearly unmanageable. Even though this decision suits the Trump administration’s interests, it has frustrated parties within the U.S. and around the globe. Yet as this type of approach has not hindered the Trump administration’s dedication unraveling the Iran nuclear deal, it will almost certainly not hinder their approach here.

U.S. Revokes Entry Visa for ICC Prosecutor over Afghanistan Row

April 5, 2019 by Alex Psilakis 1 Comment

On March 15, 2019, the IELR Blog detailed how the Trump administration pledged to block the entry of International Criminal Court (ICC) officials seeking to investigate U.S. personnel. On April 5, the Trump administration kept their word, revoking the visa of Public Prosecutor Fatou Bensouda.

“We can confirm that the U.S. authorities have revoked the prosecutor’s visa for entry into the U.S.,” Bensouda’s office wrote.

Since 2017, Bensouda, alongside her colleagues at the ICC, have been investigating alleged war crimes in Afghanistan. The investigation has reviewed allegations against all parties, including Afghan security forces and the Taliban, as well as U.S. personnel. The investigation may even expand to consider CIA activity within Afghan detention centers. A 2017 report from the Prosecutor’s office, which requested permission to launch the aforementioned investigation, made this clear, noting,

“The information available provides a reasonable basis to believe that members of the United States of America (“US”) armed forces and members of the Central Intelligence Agency (“CIA”) committed acts of torture, cruel treatment, outrages upon personal dignity, rape and sexual violence against conflict-related detainees in Afghanistan and other locations, principally in the 2003-2004 period.”

The State Department has not been shy in opposing the ICC’s efforts. When they denied Bensouda’s visa, their logic fell on this harsh line, as a spokesperson stated,

“The United States will take the necessary steps to protect its sovereignty and to protect our people from unjust investigation and prosecution by the International Criminal Court…One such measure now being implemented restricts the issuance of U.S. visas for those ICC officials who are determined to be directly responsible for any ICC effort to conduct a formal investigation of U.S. or allied personnel without the relevant country’s consent.”

Although the U.S. signed the Rome Statute in 1998, bringing the court into existence, they never ratified the treaty, meaning that they are under no legal obligation to abide by the court’s decisions. The U.S. has long feared that officially joining the ICC would dramatically impede their judicial sovereignty. In 2001, the U.S. implemented the American Service Members’ Protection Act, which provides U.S. and allied personnel immunity from the ICC. Yet most American allies, such as Germany, have proven firm supporters of the court since its foundation.

The ICC, meanwhile, has taken this attack by the U.S. in stride. Since Afghanistan signed onto the Rome Statute in 2003, the ICC believes that they possess the right to try American personnel if they please. “The ICC, as a court of law, will continue to do its work undeterred, in accordance with those principles and the overarching idea of the rule of law,” the court said. Bensouda and her office personally specified that they would be a part of that work, stating, “The prosecutor and her office will continue to undertake that statutory duty with utmost commitment and professionalism, without fear or favor.”

These statements by both the U.S. and ICC should not be viewed as surprising. In March, both sides claimed that they would do as they have done, with the U.S. pledging to prohibit entry of those ICC members investigating U.S. personnel, and the ICC pledging to continue their investigation regardless. Nevertheless, the rapid deterioration in relations still serves as a surprise, as the U.S. has never gone this far in their opposition to the international institution. The Trump administration, however, is no stranger to breaking with precedent, whether that be by moving the U.S. embassy in Israel to Jerusalem, questioning the value of NATO, or threatening to close the U.S.-Mexico border. With no side willing to back down, this conflict between the U.S. and ICC is set to continue until the court releases the findings of its investigation. If charges are made against U.S. personnel – which the ICC has made clear is wholly likely – then this conflict will reach a new, unprecedented level; perhaps a level even unprecedented in the age of Trump.

From an international enforcement perspective, the controversy concerns whether a powerful state can assert its power to give impunity to its nationals when they are under investigation for war crimes. If the U.S. protects its nationals from investigation for these offenses, then other countries, such as Russia and China, will emulate them.

North Korean Embassy Raid in Madrid Leaves Us with More Questions than Answers

April 5, 2019 by Alex Psilakis Leave a Comment

On February 22, 2019, 10 masked individuals broke into the North Korean embassy in Madrid. They tied up the eight people present at the embassy, placed bags over their heads, and, in some cases, beat and interrogated them. The group paid particular attention to Yun Sok So, an official in the embassy’s economics department. They not only beat him, but continuously pressured him to abandon North Korea. The assailants also stole a number of items, including pen drives, computers, and hard drives. One embassy employee managed to escape during the lockdown, screaming from outside to attract the attention of others, and eventually, the police. Yet when the police knocked on the embassy’s front door, they met what looked like a North Korean diplomat, who informed them that nothing was wrong. The police left, allowing the group to continue their raid. Approximately five hours after their arrival, the assailants fled the scene, stealing vehicles from the embassy only to abandon them on a nearby street. Some reports noted that the assailants were freedom fighters seeking to liberate North Korea, while others claimed that the aggressors had ties to the CIA.

Yet as the weeks passed, the case only proved more complex. Evidence revealed that Kim Hyok Chol, one of Kim Jong-Un’s most revered diplomats, formerly served as the North Korean Ambassador to Spain, until he was expelled in 2017 because of the Kim regime’s continued nuclear testing. Kim Hyok Chol was seen as one of the prime architects of the Trump-Kim meeting in Vietnam, which occurred only days after the raid. Reports also indicated that individuals with ties to the U.S. and South Korea took part in the raid. Adrian Hong Chang, a Mexican citizen who currently resides in the U.S., led the raid. Hong Chang allegedly posed as a “managing partner” of a fictitious firm interested in investing in North Korea. He asked to meet with Yun Sok So, presenting a false business card. Moments later, the assailants stormed the embassy. When police checked in on the embassy during the raid, it was likely Hong Chang that convinced them that all was well and calmly turned them away. After the raid, Hong Chang traveled to Lisbon, where he flew back to the U.S. Five days later, he reached out to the FBI, offering to share the “audiovisual material” he acquired during the raid.

Spanish authorities also identified two other individuals that took part in the raid – U.S. citizen Sam Ruy and South Korean citizen Woo Ram Lee. Jose de la Mata, a judge on Spain’s national court, pioneered the investigation into the raid, and has since issued international arrest warrants for Hong Chang and Ruy. However, their exact locations are unknown, or have at least not been disclosed. The FBI, meanwhile, has refused to comment on the situation.

North Korea did not officially comment on the incident until March 31 – over a month after it occurred. They called the raid “a grave terrorist attack” that served as a “flagrant violation of international law.” According to the 1961 Vienna Convention on Diplomatic Relations, the raid was undeniably a violation of international law. Article 22, Section One of the Convention states that “the premises of the mission shall be inviolable,” while Section Three notes that, “the premises of the mission, their furnishings and other property thereon and the means of transport of the mission shall be immune from search, requisition, attachment or execution.” Judge de la Mata also mentioned that the raid could result in a variety of charges against the assailants, such as theft using violence, membership in a criminal organization, and illegal detention.

However, this is unlikely to deter the group that has since claimed responsibility for the raid. At the end of March – again, about a month after the raid – Free Joseon (Free North Korea) admitted to leading the raid. A defector group dedicated to overthrowing the North Korean government, Free Joseon has continually served as thorn in the side of the Kim regime. In 2017, they claimed to have taken Kim Han Sol under their protection. Kim Han Sol was the son of Kim Jong Nam, who was the brother to Kim Jong Un. Kim Jong Nam was mysteriously assassinated in 2017 – some think by his brother. Believing him under threat, Free Joseon (then known as Cheollima Civil Defense) stated that they secured Kim Han Sol’s protection. Kim Han Sol has not been seen in public since 2017, when he appeared in a video published by Cheollima Civil Defense.

The mystery and multiple layers behind this case make it sound like a spy thriller. Since North Korea rarely acknowledges events like these – events that may be viewed as failures by the regime – their willingness to do so here stresses not only how far word is spreading of the raid, but how frustrated the regime is by the raid itself. Additionally, U.S. ties to the raid are too coincidental to ignore. With Spanish reporters arguing that two of the raiders possessed ties to the CIA, and Judge de la Mata noting that one was a U.S. resident and another a U.S. citizen, suspicions that the U.S. was to some degree involved in the raid are becoming too pressing to ignore. The raid’s near-timing to the Trump-Kim talks in Vietnam – which the former North Korean Ambassador to Spain played a key role in orchestrating – only adds to the suspicions. Even though Free Joseon claimed responsibility for the raid, their involvement alongside U.S.-affiliated individuals begs the question – to what degree is the U.S. affiliated with the defector group? Finally, Spain’s decision to issue international arrest warrants for at least two individuals allegedly involved in the raid, as well as consider pressing further charges, emphasizes that Spain will not simply let this go, even though Spanish-North Korean relations are far from perfect.

Like a spy thriller, it is difficult to predict what answers, if any, we will get to this mystery.

Iranian Hacking Raises Issues about Gaps in International Legal Frameworks involving Cyber-Attacks

April 3, 2019 by Evan Schleicher Leave a Comment

In late March, Microsoft reported that it had taken down 99 websites which had been used by a company referred to as Phosphorus to target the computer systems of businesses and government agencies, as well as activists and journalists involved in advocacy and reporting on issues relating to unrest in the Middle East. Microsoft obtained a federal judge’s approval on March 15 to disable the websites that it detected and had been tracking for six years. Although multiple intelligence agencies and groups pointed to Iran as the culprit, the difficulty of attributing cyber-attacks and operations to particular state actors and the lack of international legal frameworks to deal with cyber issues makes it highly likely that Iran will escape international condemnation.

To begin, effective attribution of attacks to state actors is difficult, complex, and highly time consuming. Most hackers have the technical capability to cover their tracks extremely well and an attack, even if it can be connected to a computer or a facility, often cannot be connected indelibly to specific individuals or groups. Further, because the process of global investigation requires the investigator to follow official, and at times bureaucratic, legal channels to request assistance, investigations can end up being subordinated to political agendas or to the whims of particular states. Thus, while the ability to conceal the source of attacks does become imminently more difficult as the attacks increase in both sophistication and in scale, it is still possible for deception, deflection, and misinformation to make it unclear exactly who is responsible for cyber-attacks.

Even in seemingly clear-cut cases, there is often significant skepticism about the source of attacks. For example, after the Obama Administration pinned the 2014 Sony hack on the Democratic People’s Republic of Korea, a variety of academics and hackers expressed public skepticism, pointing to things like a seeming insider’s knowledge of Sony systems and the ability of IP addresses to be used across geographies as evidence that the DPRK was not the Sony hacker. This uncertainty was also present in a hack discovered by McAfee which spanned 72 networks globally, including the United Nations, governments, and corporations. In characterizing the source of this attack, an expert at the Center for Strategic and International Studies said that the attack was “very likely” undertaken by China, while the Chinese said nothing and the Defense Department said that “it is unknown who is perpetuating these intrusions,” although it is known that China has been pursuing similar capabilities. Even in cases with clear motives, state actors retain significant capacity for plausible deniability.

Another equally pressing issue regarding cyber warfare is the relative absence of international legal standards governing cyber actions. In February 2018, UN Secretary-General Antonio Guterres gave two speeches in which he argued that a lack of rules governing cyber warfare and cyber conduct constituted a global threat. While some sources have argued that international legal standards already apply to cyber warfare and conduct, the United Nations (“UN”) Group of Governmental Experts (“GGE”) on Developments in the Field of Information and Telecommunications in the Context of International Security stated in 2013 that “the application of norms derived from existing international law . . . is essential to reduce risks to international peace, security and stability.” Such derivation requires extensive debate, discussion and, eventually, agreement, and thus cannot be merely extrapolated from existing laws. Unfortunately, consensus has yet to emerge, as GGE talks broke down in 2017, leaving the international legal community without agreed upon standards for applying existing international law to the cyber domain.

There is a set of guidelines derived from existing international law and generally accepted (at least implicitly) by Western countries – the Tallinn Manual. It is not followed by many countries, most notably Russia, due to the perception of Western bias in the manual itself. Russia has thus developed a similar, but not exactly parallel, set of standards based on the UN Charter, which specifically emphasizes respect for national sovereignty and non-interference.

Unfortunately, as there is insufficient evidence to support claims of a distinct customary international law rule of territorial sovereignty applicable to cyberspace operations, current norms remain insufficient to parse out the legal space in which cyber-attacks and warfare exist. Further, because the principle of sovereignty is differentially applied to different domains (land, sea, air, space), there would have to be legal consensus on how it applies to the domain of cyberspace before the principle could hold any legal weight.

The lack of easy, universal application of current international legal norms to cyber warfare is compounded by the tendency of powerful states such as Russia and the United States to use the development of cyber norms as a conduit by which to score policy wins. In October 2018, it was reported that “Russia [was] planning to submit two UN resolutions, one on a code of conduct to regulate states behavior in cyberspace and one on a new UN cybercrime convention.” The US, in response, publicly announced Russian complicity in multiple hacks, using this revelation to damage Russian progress on its resolutions. This oppositional approach has been consistent between the two countries, making it unlikely that any comprehensive international legal norms on cyber warfare will be agreed upon anytime soon.

In the absence of agreed upon norms, rogue actors such as Iran and Russia will be able to use cyber warfare with relative impunity. For example, by exploiting the gaps in the existing international structure regarding cyber-attacks – the difficulty of attribution and the lack of international legal norms – Russia has been able to win significant strategic victories with very little pushback from the international community. In Estonia in 2007, in Georgia in 2008, and in Ukraine beginning in 2014, the Russian government used cyber weapons to attack infrastructure and to produce widespread confusion. Specifically, in Ukraine, there has been a significant number of attacks. On December 23, 2015, malicious actors opened breakers at some 30 distribution substations in the capital city Kiev and western Ivano-Frankivsk region, causing more than 200,000 consumers to lose power. Nearly a year later, another substation was rendered powerless. Explaining the Russian strategy regarding these sorts of cyber-attacks, Thomas Rid, a professor in the War Studies department at King’s College London, put it simply: “They’re testing out red lines, what they can get away with…You push and see if you’re pushed back. If not, you try the next step”.

Given the poor track record of the international community and the United States in responding strongly to Russian cyber-attacks, it seems highly likely that they will fail to respond politically to Iranian (and other state actors) actions as well.

___

Evan Schleicher is an Editorial Intern with the International Enforcement Law Reporter. He is also an MA candidate in Security Policy Studies at George Washington University’s Elliott School of International Affairs.

U.S. HSA Signs MOC on Border Security Cooperation with 3 Northern Triangle Countries

April 2, 2019 by Bruce Zagaris Leave a Comment

On March 28, 2019, Secretary of Homeland Security Kirstjen M. Nielsen signed on behalf of the United States a Memorandum of Cooperation (MOC) on border security cooperation in Central America.

HSA Secretary Nielsen met with Guatemalan Minister of Government Enrique Degenhart, Honduran Security Minister Julian Pacheco, and Salvadoran Minister of Justice and Public Security Mauricio Landaverde

The MOC – the first ever multilateral compact on border security – has the goal of improved synchronized cooperation between the countries to strengthen border security, prevent the formation of new migrant caravans, and address the root causes of the migration crisis through synchronized efforts and will include the following: human trafficking and smuggling; combating transnational criminal organizations and gangs; expanding information and intelligence sharing; and strengthening air, land, and maritime border security.

The signatories will pursue each of these focus areas through an array of agreed-upon initiatives. Technical working groups with representatives from each country will monitor the initiatives and ensure they are carried out expeditiously. The law enforcement groups will meet periodically throughout the year, with Secretary Nielsen and the Northern Triangle Ministers continuing to meet in the coming months to ensure continued momentum.

Secretary Nielsen expressed her gratitude for the continued collaboration and partnership of the three countries as they work to slow the increased irregular migration and develop a regional approach to addressing the ongoing humanitarian and security emergency at the southern border of the U.S.

Notwithstanding Secretary Nielsen’s expression of gratitude to the three governments, late on March 28, 2019, U.S. President Donald Trump notified Congress that it intends to reprogram $450 million in aid to the three countries and has already sent instructions to embassies in the region.

In 2016, after an increase of Central American children came to the Texas border, the Obama administration doubled aid to the region to approximately $750 million. The aid targets violence and insecurity as well as governance and corruption. Much of the aid is disbursed through U.S. civil society organizations.

The initiatives of the U.S. and other governments against transnational organized crime in Central America can be classified in eight areas: whole-of-government solutions; interdiction of criminal flows; targeting of transnational criminal organization leaders; use of the military in a domestic law enforcement; institutional reform within law enforcement; targeting the financial flows and resources of organized criminal groups; prison control and reform; and binational and multinational cooperation against organized crime. The MOC is a non-binding document that essentially entails a commitment to continue ongoing talks and cooperation efforts on security and law enforcement.

On March 31, 2019, President Trump threatened to close the border with Mexico, notwithstanding warnings that shutting the border would cause immediate economic damage on U.S. consumers and businesses while doing little to slow the flow of migrants into the U.S.⁵

Clearly cutting aid to the three Northern Triangle countries and shutting the border with Mexico would exacerbate the problem since the violence, insecurity and lack of opportunities in the three countries stimulate the demand to emigrate to the U.S. The lack of a comprehensive and bipartisan approach to immigration continues to deteriorate the U.S. institutions and processes by which the U.S. government is able to deal with the migration crisis. A key country in terms of its location and the similarity of its legal system with the three Northern Triangle countries is Mexico.

The current issue of the IELR will discuss these developments in more detail.

___

[5] David J. Lynch, Maria Sacchetti and Joel Achenbach, Threat to close border is pressed, Wash. Post, Apr. 1, 2019, at A1, col. 3.