The experts behind the manual — two dozen officers, academics, and researchers drawn mainly from NATO states — didn't always agree on how traditional rules applied in a cyberwar.
Self-defense was a thorny issue. International law generally allows nations to strike first if they spot enemy soldiers about to pour across the border, but how could that be applied to a world in which attacks can happen at the click of a mouse?
Other aspects of international law seemed obsolete — or at least in need of an upgrade — in the electronic context.
Soldiers are generally supposed to wear uniforms and carry their arms openly, for example, but what relevance could such a requirement have when they are hacking into distant targets from air-conditioned office buildings?
The law also forbids attacks on "civilian objects," but the authors were divided as to whether the word "object" could be interpreted to mean "data." So that may leave a legal loophole for a military attack that erases valuable civilian data, such as a nation's voter registration records.
The Tallinn Manual: http://www.ccdcoe.org/249.html
Raphael Satter can be reached at: http://raphae.li/twitter