The lines between civilian and military are increasingly blurred, creating ambiguity under international law when private contractors engage in offensive cyber-security operations on behalf of states. These private security companies (PSCs) are being contracted for cyber security to engage in offensive cyber operations, but states should not contract PSCs for offensive cyber operations. The next instalment of the 2014 Jr. Fellows Policy Briefs recognizes the benefits of cyber-security contracting and maintains that a transparent distinction should be established between PSCs and state militaries, whereby private actors would only be involved in defensive and supportive operations. The authors address the North Atlantic Treaty Organization to implement a contracting protocol that delineates appropriate classifications for the tasks and personnel required for private cyber-security contracts. They conclude that establishing an oversight organization and submitting a proposal to the International Law Commission to consider the roles of private security actors would create greater transparency and accountability for contracting.

Part of Series

The CIGI Junior Fellows program at the Balsillie School of International Affairs provides masters level students with mentorship opportunities from senior scholars and policy makers. Working under the direction of a project leader, each junior fellow conducts research in one of CIGI’s program areas. This series presents those policy briefs that met CIGI’s publications standards.
  • Justin Anstett is a candidate for the University of Waterloo’s M.A. in Global Governance at the Balsillie School of International Affairs (BSIA). 

  • Rebekah Pullen is a candidate for a Master’s of Global Governance at the BSIA, based at the University of Waterloo, in Waterloo, Ontario. She has her B. Arts Sc. (honours) with combined honours in political science, from the Arts & Science Program at McMaster University. Her research interests include nationalism and military culture, international law and cyber security.