The eternal balance between military necessity and humanity lies in the centre of the law of armed conflict, as ‘ordinarily, military necessity will point in one direction and humanitarian considerations in another’.

The principle of military necessity, having the principle of humanity as its counterbalance, has been authoritatively defined by an American Military Tribunal in the 1948 Hostages Case (part of the ‘Subsequent Proceedings’ at Nuremberg) as follows:

‘Military necessity permits a belligerent, subject to the laws of war to apply any amount and kind of force to compel the complete submission of the enemy with the least possible expenditure of time, life and money’.

On the other hand, the principle of humanity necessitates that the attack should not cause unnecessary suffering or unwarranted injury for a military purpose.

Major Jensen, a professor of international law at the US army, claims that

‘though intertwined, a separate look at military necessity and humanity, as they relate to the use of computer network attacks (CNA), will illustrate that the current laws of war are sufficient to guide commanders in the use of CNA as a method or means of warfare’.

However, in reality, his stipulation cannot be so easily applied in information attacks beyond any doubt. The reason for that is the means of cyber warfare such as viruses, logic bombs or DDoS attacks, designed to render unusable network systems, do not have predesigned final outcomes. A hostile virus will replicate itself without knowing in advance how and where it will spread; a DDoS attack will render an entire network of botnet computers as ‘zombies’ but without any antecedent knowledge about which exactly the compromised machines will be.

Thus, not only is ‘the least possible expenditure of time, life and money’ particularly hard to be established in computer network attacks, but the application of ‘any amount and kind of force’ is equally difficult to quantify.


See generally, The Law of Armed Conflict: Constraints on the Contemporary Use of Military Force By Howard M. Hensel; The Law of Armed Conflict: International Humanitarian Law in War By Gary D. Solis; International law and armed conflict: exploring the faultlines: By Michael N. Schmitt, Jelena Pejic, Yoram Dinsṭein.; The conduct of hostilities under the law of international armed conflict By Yoram Dinstein; The contemporary law of armed conflict By Leslie Green; The law of war By Ingrid Detter Delupis, 2nd edn CUP 2000
ICRC has contributed with a recent customary IHL database published with the results of research on customary humanitarian law conducted in 2005, available at

Convention for the Amelioration of the Condition of the Wounded and Sick in Armed Forces in the Field, Aug. 12, 1949 [GC I]; Convention for the Amelioration of the Condition of the Wounded, Sick and Shipwrecked Members of Armed Forces at Sea, Aug. 12, 1949 [GC II]; Geneva Convention Relative to the Treatment of Prisoners of War, Aug. 12, 1949 [GC III]; Geneva Convention Relative to the Protection of Civilian Persons in Time of War, Aug. 12, 1949 [GC IV].

Protocol Additional to the Geneva Conventions of 12 August 1949, and Relating to the Protection of Victims of International Armed Conflicts, June 8, 1977 [AP I]; Protocol Additional to the Geneva Conventions of 12 August 1949, and Relating to the Protection of Victims of Non-International Armed Conflicts, June 8, 1977 [AP II].

Protocol additional to the Geneva Conventions of 12 August 1949, and relating to the Adoption of an Additional Distinctive Emblem, December 8 2005 [AP III].

See MN Schmitt, Wired Warfare: Computer Network Attack and the Jus in Bello, International Law Studies Series. US Naval War College, Vol. 76, pp. 187-218368.; K Dorman, Applicability of International Humanitarian Law to Computer Network Attacks, ICRC.

AP I article 2.

GC Common article 2.

See further analysis by Walker for definition of ‘attack’ under IHL, and methodology for applying that definition to the use of information-based capabilities. Walker develops a triple methodology: actors-based, results-based and consequences-based methodology to determine that cyber attacks constitute ‘acts of violence’. Also Schmitt, wired 376-7.

For instance, ICRC embeds the principle of proportionality within the principle of distinction. See further JM Henckaerts, Study on Customary International Humanitarian Law, (2005)37 International Review of the Red Cross, available at$FILE/customary-law-rules.pdf. Others, such as Aldrich, make a triple distinction among necessity, humanity and consider the principles of neutrality, perfidy and ruses of war to be classified under the principle of chivalry.

For the principle of non-intervention and neutrality see Delibasis 14, Kastenberg, Kelsey; Walker, Schmitt-Diniss 16

Case No. 47, The Hostages Trial, The United States of America vs. Wilhelm List, et al., United States Military Tribunal, Nuremberg, pg. 66, (ix) The Plea of Military Necessity, available at

See JH Doyle, Jr., Computer Networks, Proportionality, Military Operations in CNA+IL, Wedgwood, Banks 22 , Delibasis2 14, Schmitt wired 391, Jensen