IW.64 If this is the case, then NATO failed. Two NATO specialists were dispatched to Tallinn but little else was or could have been done given that so much of the internet is run by the private sector and international organizations. There are signs though that this mindset is now changing. On June 14, 2007 NATO defense ministers held a meeting issuing a joint communiqué that includes the placement of a newly planned NATO Cybernetic Defense Center in Estonia.65 Other proposals include the development of redundant networks of backup servers. Dealing with cyber attacks has never been in NATO’s mandate, but if the increasing number and scale of cyber attacks is any indication, it soon could be integral to NATO’s mission. This is especially true as Rein Lang, Estonia’s justice minister, has complained that “international law is of little to no help” in dealing with cyber attacks.66
Sovereignty over the Information Commons
Before an international legal regime can be developed to deal with cyber attacks, the theoretical justifications for regulating cyberspace need to be considered.67 Two options exist. First, the international community can accept that cyberspace is an arena
64 Davis, supra note 2.
65 Bush, llves eye tougher tack on cybercrime, AFP News, Jun. 25, 2007.
67 Rosenau (1992) identifies six pillars that have traditionally upheld the autonomous state system: a cost/benefit ratio for the use of force, low physical externalities, low-levels of economic interdependence, low information flows, a predominance of authoritarian government limiting information flows, and a high degree of cultural, political, and economic heterogeneity. James N Rosenau, Governance without Government: Order and Change in World Politics 1-29, 58-101 (1992).