Home > Law essays > Cyber-operations can and should fall within the purview of international criminal law under the Rome Statute

Essay: Cyber-operations can and should fall within the purview of international criminal law under the Rome Statute

Essay details and download:

  • Subject area(s): Law essays
  • Reading time: 17 minutes
  • Price: Free download
  • Published: 25 February 2021*
  • File format: Text
  • Words: 4,817 (approx)
  • Number of pages: 20 (approx)

Text preview of this essay:

This page of the essay has 4,817 words. Download the full version above.

I. INTRODUCTION
In 2007, cyberattacks were launched in Estonia against government, banking and newspaper websites. The websites faced unprecedented levels of internet traffic caused by botnets generating waves of spam and requests leading to the websites to crash. The cyberattacks consisting of Distributed Denial of Service (“DDoS”) attacks occurred after the Estonian government relocated a soviet World War II memorial from its downtown. The Estonian government blamed Russia for the cyberattacks, and Russia vehemently denied any involvement.
In 2008, Georgian government websites were struck by a series of cyberattacks. These attacks vandalised the websites by hacking and replacing the images of the Georgian president to Adolf Hitler. The cyberattacks also consisted DDoS methods and occurred before the Georgian military moved into South Ossetia, on the border with Russia. Commentators speculate the likelihood of Russian involvement, although Russia consistently denies involvement.
In 2010, an Iranian nuclear facility was hit by cyberattacks. A computer malware infected the process control software that tuned the speed of the spinning centrifuges in the nuclear facility, causing the centrifuges to start and stop rapidly whilst affecting their spin speeds. The malware completely destroyed a thousand centrifuges and further impaired thousands more. This set back Iran’s nuclear program by 12 to 18 months. In 2012, it was revealed that the malware was launched jointly by the United States and Israel.
In 2017, cyberattacks were launched against Ukrainian banks, government ministries, newspapers and electricity firms. The “NotPetya” malware launched purported to request for money in exchange for the unlocking of files. Although no physical harm was reported to have occurred, the cyber-attacks are estimated to have caused at least US$10 billion in economic damage. Commentators have classified the cyberattacks as attempts by the Russian government to cripple Ukraine.
The above four examples illustrate how the use of cyber-means to further state interests is becoming increasingly common. Such furtherance of state interests has fortunately not resulted in the loss of life or injury to persons. However, such consequences cannot be precluded. For example, had the 2010 cyberattacks on the Iranian nuclear facility been directed at launching nuclear missiles instead of destroying the facility’s centrifuges, irreparable and unimaginable consequences would ensue. The capacity of a state to inflict harm through cyberattacks is indeed great.
How then, has the international law responded to the ever-evolving nature of technologically driven warfare such as the use of cyberattacks? More specifically, can the perpetrators of cyberattacks be brought to justice under international criminal law? Given the increasing sophistication of cyberattacks and its concomitant ability to cause grave harm, this question is of utmost significance.
This paper argues that cyber-operations can and should fall within the purview of international criminal law under the Rome Statute. Part II begins by outlining the salient features of the Rome Statute, its purpose and its significance in the development of international criminal law. Part III analyses how cyber-operations can feature within the Rome Statute, attracting criminal liability as either a crime of aggression or a war crime, notwithstanding that the Rome Statute does not explicitly address cyberattacks. Part IV discusses conceptual and operational difficulties in regulating cyber-operations under the Rome Statute. In particular, the rules of interpretation under the Rome Statute will be examined, along with definition problems in operationalising the regulation of cyber-operations. Part V discusses the use of extra-judicial mechanisms to clarify the state of law, but reasons that this poses no difficulty to the regulation of cyber-operations before such mechanisms are engaged. Part VI concludes.
II. INTERNATIONAL CRIMINAL LAW AND THE ROME STATUTE
A. THE DEVELOPMENT OF INTERNATIONAL CRIMINAL LAW
International criminal law is the body of law that proscribes certain conduct as serious atrocities. The need for international jurisdiction over such crimes is premised on the concept of impunity – that some of the most serious crimes known to mankind may go untried and unpunished because they are perpetrated by the leaders of states who will not, for obvious reasons, prosecute themselves. The concept of impunity finds its roots in the Nuremberg Trials against Nazi criminals, where such criminals were brought to justice despite domestic German courts not prosecuting them. Following the spirit of the Nuremberg Trials and to continues its legacy, the Rome Statute’s chief motive is to “end impunity for all those who perpetrate the most serious of crimes”.
Today, international criminal justice is served via the establishment of a permanent court seated in the Hague, the International Criminal Court (“ICC”) . Article 5(1) of the Rome Statute states that the ICC has jurisdiction over genocide, crimes against humanity, war crimes as well as crimes of aggression. These crimes are equally serious but distinct from each other.
B. KEY FEATURES OF THE ROME STATUTE
There are two salient features of the Rome Statute: That of individual criminal responsibility and that of the principle of legality. First, Article 25(1) and (2) of the Rome Statute confirm the universal acceptance of the principle of individual criminal responsibility, as recognised in the Nuremberg Trials. Article 25(3) of the Rome Statute establishes the concept of individual criminal attribution, which manifests through one’s own acts, through one playing the role of a co-perpetrator or through one committing a crime through another person. It can also manifest through one ordering or inducing the commission of a crime, or through aiding and abetting the commission of the crime.
The relevance of international criminal law in the context of cross-border cyber-attacks rests, first and foremost, on the assumption that the primary perpetrators may be identified such that individual criminal responsibility can be ascribed. This, however, is contentious and poses a practical difficulty of regulating cyberattacks under international criminal law. This will be discussed further in the next section.
Secondly, the far reaching effects of international criminal prosecution have caused states to adopt provisions to limit the ICC’s jurisdictional capacity. The principle of legality, enshrined in Article 22 of the Rome Statute, provides that ambiguity in a definition of a crime must be resolved in favour of the defendant. Like the presumption of innocence and the standard of proof, the legality principle is a safeguard for the accused; it is a safeguard which prevents judicial overreach through an extension of the law by way of analogy. Some scholars cite the principle of legality as an argument for why cyberattacks cannot be prosecuted under the Rome Statute. This argument will be refuted in the next section.
III. CYBER-OPERATIONS AND THE ROME STATUTE
Having established the key features of international criminal law under the Rome Statute, this section will (A) define the key terms associated with cyberwarfare, (B) highlight the special implications of cyberwarfare as compared to conventional warfare and (C) analyse how cyber-operations feature within the crimes existing under the Rome Statute.
A. DEFINITIONS
A cyber operation can be defined as the “reduction of information to electronic format and the actual movement of that information between physical elements of cyber infrastructure”. Cyber operations can be classified into three main categories: computer network attacks (“CNA”), computer network exploitation (“CNE”) and computer network defence (“CND”). CNA refer to cyber operations which “disrupt, deny, degrade or destroy information resident in computers and computer networks, or the computers and networks themselves”. CNE focuses not on the interruption but collection of data; they refer to “[e]nabling operations and intelligence collection to gather data from target or adversary automated information systems or networks”. CND, as its name suggests, focuses on the protection against CNA and CNE through intelligence, domestic law enforcement and military capabilities; it refers to the “[a]ctions taken to protect, monitor, analyse, detect, and respond to unauthorized activity within … information systems and computer networks”.
With reference to the above, cyberattacks broadly refer to the use of either a CNA or CNE. Indeed, NATO has defined cyberattacks as the either the “[a]ction taken to disrupt, deny, degrade or destroy information resident in a computer and/or computer network, or the computer and/or computer network itself”, or the “[a]ction taken to make use of a computer or computer network, as well as the information hosted therein, in order to gain advantage”. The terminology of a cyberattack should not be confused with existing terms under international law such as the “use of force”, an “armed attack” or an “attack”.
As the above illustrates, there are a variety of ways in which a cyberattack can take place. Hackers may launch a worm into the adversary’s system, such as in Stuxnet; they may shut down computer systems via a DDoS attack; or they may remotely assume control over computer systems, obtain access to files or perform actions against the interests of the adversary.
The conduct of warfare in cyberspace has commonly been termed cyberwarfare. Warfare is defined as the conduct of military hostilities in situations of armed conflict; cyberspace is defined as a globally interconnected network of digital information and communications infrastructures, including the Internet, telecommunications networks, computer systems and the information resident therein. Cyberwarfare exists only when the means by which an attack is executed is through cyberspace – the mere fact that computer systems are down does not mean that cyberwarfare has occurred. To illustrate, infecting the adversary state’s computer network with a computer worm would be an act of cyberwarfare, but bombing a military facility’s cyber defence systems would not. At the same time, cyberwarfare includes an attack through cyberspace which results in physical harm to life or objects. For example, the shutting down of a hospital’s power grid through a DDoS attack executed through cyberspace has the likely consequence of causing injury to patients on electronically-powered critical life support.
B. THE SPECIAL IMPLICATIONS OF CRIMES OCCURRING ACROSS CYBERSPACE
It must be recognised that cyberspace is a man-made construct. It is developed and operated by both public and private entities worldwide, and is constantly evolving with technological advancements. Cyberspace, unlike the physical world, knows no geographical boundaries – the speed at which information travels in cyberspace is far greater than that in the physical world. The implications of these unique features are fourfold. First, the anonymity afforded by cyberspace spells difficulty in identifying responsible perpetrators of cyberattacks. This difficulty in identification of perpetrators is exacerbated also by the fact that cyberattacks may be carried out in many different locations at the same time. Indeed, in the vast majority of cyberattacks thus far, the perpetrator of the attack has been unidentifiable, and in cases where the relevant perpetrators were identified, it was difficult to conclusively demonstrate the perpetrator’s involvement. This difficulty in the attribution of individual criminal responsibility for cyberattacks is fuelled by the use of botnets or IP spoofing. Further, in cases where non-state actors have been deemed responsible for cyberattacks, it cannot be precluded that the primary perpetrator who ordered or masterminded the attack was a state actor. This can be seen from the Georgian and Estonian incidents. In such situations, it is difficult, if not impossible, to conclusively prove state and individual involvement. Such difficulty is made worse by the complex nature of cyberattacks, which may be conducted through special servers hidden in different countries.
Secondly, the ubiquity and increasing reliance on cyberspace for critical infrastructures evinces the enormous capacity for cyberattacks to disrupt civilian life. Although Stuxnet has been the only known instance of physical destruction of property as a result of a cyberattack, cyberattacks have often interfered with other essential functions of civil life, such as the use of online banking and the viewing of online media. For instance, Estonian citizens perform nearly all of their transactions and government-related services through the Internet. Where such cyberattacks are targeted against critical civilian infrastructure, such as power grids or dams, the potential for civilian casualty or physical damage to property is boundless. In a rare instance, the 2003 24-hour power outage in the United States evinces how software defects may severely interfere with civilian life.
Thirdly, the sui generis nature of cyberattacks gives rise to issues regarding its categorisation under a traditional understanding of weaponry. Unlike firearms and ammunitions, cyberattacks do not always result in harm, although they are intended to cause inconvenience. Issues regarding the quantification of harm also arise – it is uncertain how loss of data of an adversary or function of systems can be quantified. This is contrasted to ascertaining the extent of harm caused by firearm or ammunitions, where death or injury toll can be counted. The difficulties of quantifying harm caused by cyberattacks also lead to issues regarding the principle of proportionality. One is unable to determine what sort of countermeasures would be deemed a proportionate response to a cyberattack, especially if one cyberattack is a CNA while the response is a CNE.
Lastly, cyberattacks have the potential to be uncontrollable. Unlike a traditional attack where its result can reasonably be predicted, the deployment of a cyberattack on another state’s computers may have a worse than anticipated effect. For instance, the Stuxnet worm was unintentionally spread to more than 40,000 computers as a result of the sophisticated nature of the networks involved.
C. INTERNATIONAL CRIMES COMMITTED VIA CYBER-OPERATIONS
Having examined the relevant definitions relating to cyberattacks, as well as identified special implications of cyberattacks, this part examines how such cyberattacks may feature within the framework of the Rome Statute. In particular, how cyberattacks feature as a crime of aggression and as a war crime.
1. Cyber-operations and the crime of aggression
The crime of aggression is understood by states party to the Rome Statute as being “the supreme international crime”. Aggression, according to the Nuremberg Tribunal, was the foundation on which many other heinous crimes flowed. Despite believing this, state parties to the Rome Statute were unable to come to a consensus on the definition of the crime of aggression and how it should be prosecuted. To recognise the heinousness of the crime, the state parties to the Rome Statute inserted a placeholder provision Article 5(2) when drafting the Rome Statute in 1998 and agreed to determine the crime of aggression at a later date in 2010 so as not to stall the enactment of the Rome Statute.
The definition of the crime of aggression was determined in the 2010 Review Conference, and enacted as Article 8 bis of the Rome Statute. Under Article 8 bis of the Rome Statute, the crime of aggression is defined as:

“the planning, preparation, initiation or execution, by a person in a position effectively to exercise control over or to direct the political or military action of a State, of an act of aggression which, by its character, gravity and scale, constitutes a manifest violation of the Charter of the United Nations.”

Where an “act of aggression” refers to:

“the use of armed force by a State against the sovereignty, territorial integrity or political independence of another State, or in any other manner inconsistent with the Charter of the United Nations”.

Paragraph 2 of Article 8 bis lists seven particular acts which “qualify as an act of aggression”. These seven acts are directly lifted from Article 3 of the 1974 UN General Assembly Resolution 3314 – a non-binding recommendation to the UN Security Council on the definition of the crime of aggression in 1974. Developed 36 years before the Kampala Conference, which added the crime of aggression into the Rome Statute, the seven particular acts from Resolution 3314 are considered archaic – pertaining to classic invasion, military occupation or annexation by armed forces, naval bombardment and blockage, sending armed mercenaries, allowing one’s territory to be used for another state to invade a third state, etc. Unsurprisingly, the list makes no mention of the use of cyberattacks against another state.
From the foregoing, the relevant question is whether the conduct of cyber-operations against another state may amount to an act of aggression under the Rome Statute, notwithstanding that it is not explicitly listed as part of the seven acts qualifying as acts of aggression. This must be answered in the affirmative, for three reasons. First, the reference to “use of armed force” in Article 8 bis must be understood to include the conducting of cyberattacks on another state. Secondly, the list of acts enumerated in paragraph 2 of Article 8 bis is not exhaustive and does not preclude situations where cyberattacks are the means by which traditional acts of aggression are carried out. Thirdly, analogizing cyberattacks to the list of acts in Article 8 bis paragraph 2 is consistent with the principle of legality. These reasons will be explored in turn.
(a) Cyber-operations and the use of armed force
The reference by Article 8 bis to “the use of armed force” can be understood to include cyberattacks. “Armed force” must be interpreted with reference to the UN Charter, given that Article 8 bis makes explicit reference to the “Charter of the United Nations”. Thus, the text of the Rome Statute expressly requires the ICC to employ the relevant analyses on the terms “use of force”, “armed force”, and “armed attack” under Articles 2(4) and 51 of the UN Charter. This is reinforced by the requirement under Article 15 bis that the UN Security Council must have the opportunity to deem a state’s act as aggression prior to the ICC proceeding with investigations.
A use of force under Articles 2(4) and 51 of the Charter is not limited to any particular type of force. These articles apply “regardless of the weapons employed”. After all, there are various ways in which a state may be negatively affected. In the context of cyberattacks, an “international group of experts” on cyberwarfare commissioned by the NATO Cooperative Cyber Defence Centre of Excellence have created the Tallinn Manual: the product of a three-year long effort. In particular, the Manual states that:

“the mere fact that a computer (rather than a more traditional weapon, weapon system, or platform) is used during an operation has no bearing on whether that operation amounts to a ‘use of force’”.

Rule 10 of the Tallinn Manual provides that:

“A cyber operation that constitutes a threat or use of force against the territorial integrity or political independence of any State, or that is in any other manner inconsistent with the purposes of the United Nations, is unlawful.”

Rule 11 of the Tallinn Manual lays out the legal test for which a cyberattack can be said to amount to a use of force within the meaning of the UN Charter:

“A cyber operation constitutes a use of force when its scale and effects are comparable to non-cyber operations rising to the level of a use of force.” [emphasis added]

The operational issues which may arise from the above factors will be discussed below. Adopting the views of the ICJ and the NATO commission experts in the Tallinn Manual, it is discernible that the use of cyberattacks can constitute a “use of armed force” as required under Article 8 bis paragraph 1 as a fundamental requirement in the crime of aggression.
(b) A non-exhaustive list of acts constituting aggression
The second reason why cyberattacks do fall within the purview of the crime of aggression is that the list of acts under Article 8 bis paragraph 2 was not meant to be exhaustive. This is supported by both a literal reading of the provision and the negotiating history of the 2010 Review Conference. In listing the acts which qualify as an act of aggression, Article 8 bis paragraph 2 refers to such acts as “any of the following acts”. The usage of the term “any” suggests that the list was not meant to be exhaustive; for otherwise, the drafters would have used the terms “only the following acts”. This position is reinforced by an understanding of the negotiating history, which reveals that the only reason why the list of acts was kept narrow was not due to the need for exclusivity, but to prevent an overly broad definition which would violate the principle of legality, a rule of retrospective liability. Seen in this light, the list of acts was meant as guidance for what constitutes an act of aggression, without foreclosing the infinite circumstances which could possibly arise.
Those in favour of construing the list of acts as exhaustive would likely mention the omission of Article 4 of Resolution 3314 when importing the definition into Article 8 bis. Article 4 of Resolution 3314 reads: “The acts enumerated above are not exhaustive and the Security Council may determine that other acts constitute aggression under the provisions of the Charter.” However, the reason for its omission was not due to the fact that the list was meant to be exhaustive; rather, it was because states party to the Rome Statute were not comfortable with leaving the definition of aggression to be determined at the discretion of the UN Security Council – an important body, no doubt, but one completely unrelated to the ICC. The lack of certainty associated with this was thought to violate the principle of legality.
Some might also argue that states’ rejection of Venezuela’s proposal in 2007 to expand the list of aggressive behaviour was an indication that the list was meant to be exhaustive. Venezuela proposed to add two acts to the list in Article 8 bis paragraph 2: financial and commercial restrictions, and more importantly,

“any other form of attack which, without involving the use of armed force, violates the … territorial integrity … of [a] State”.

But the reason this proposal was eventually rejected was not due to a strict view of aggression; again, it was due to the fear of being overly expansive – the terms “without involving the use of armed force” was considered by states to be too broad. In the end, Article 8 bis paragraph 2 must be understood as a balance between an overly generic definition which risks violating the principle of legality, and an overly specific definition which would render proscribing aggression practically redundant. This is supported by the 2008 Working Group Report, which states that “the right balance had been struck . . . by including a generic definition in the chapeau of paragraph 2, along with the non-exhaustive listing of acts of aggression.”
(c) Consistency with the principle of legality
The third and final reason why cyberattacks do fall within the purview of the crime of aggression is that the use of analogies to the list of acts, as partially alluded to earlier, is not only consistent with the legality principle, it is essential for Article 8 bis to have any practical meaning. It should first be noted that instances of cyber aggression are completely analogizable to the existing list of acts under Article 8 bis paragraph 2. For instance, a state who sends a worm to infect the military facilities of another state may be said to fall afoul of subparagraph (a) of Article 8 bis paragraph 2, which proscribes “an invasion … of the territory of another state, or any military occupation, however temporary, resulting from such invasion”. Occupation may be understood as the “occupation” of a worm in the computers of the adversary state. A state who conducts a DDoS attack against the critical infrastructure of another state, thereby causing a severe disruption of services such as communications to the external world (as in Georgia and Estonia), may fall within the situation in subparagraph (c), which prohibits a “blockade” by states. A state who knowingly allows its territory to be the location from which a cyberattack is launched to a third state may fall afoul of subparagraph (f), which prohibits a state from “allowing its territory … to be used … for perpetrating an act of aggression against a third State”. More plausibly, a state who conducts a DDoS attack against the military infrastructure of another state, thereby crippling its defence systems, may well fall afoul of subparagraph (d), which prohibits an “attack by the armed forces of a State on the land, sea or air forces … of another State”.
It is, however, the very analogizable nature of crimes, and of cyberattacks, that states have been wary of the fundamental maxim nullum crimen sine lege, codified by the principle of legality. As alluded to above, the inclusion of Article 22 of the Rome Statute was to limit an unwarranted expansion of the law beyond what was contemplated. In particular, paragraph 2 of Article 22 reads:

“The definition of a crime shall be strictly construed and shall not be extended by analogy. In case of ambiguity, the definition shall be interpreted in favour of the person being investigated, prosecuted or convicted.”

Some might argue that this principle must preclude any analogy for cyberattacks to the list of acts under Article 8 bis. But a proper understanding of Article 22 reveals that it constitutes no such bar. Article 22 operates to limit a “definition” of a crime. When a crime is not well defined, in that the acts which constitute elements of the crime are ambiguous, it cannot constitute “fair warning to the subjects of potential criminal sanction”. Consequently, the victim must not be held criminally liable. However, the strict construction of the elements of a crime does not “stand in the way of progressive judicial clarification of the contents of an offence”; analogies remain a “valid and indeed necessary tool with which to construe the definition of crimes within the Statute”. What is important is that the resultant judicial clarification or analogy employed must be “consistent with the essence of the offence and could reasonably be foreseen” by the perpetrator.
It should be remembered that the list of acts in Article 8 bis are not, in the first place, elements of the crime of aggression; rather, they are descriptions of the type of conduct which would constitute aggression. Reasoning by analogy to these descriptions does not fall afoul of the principle of non-retroactivity as the essence of the offence, for instance, launching cyber-attacks on critical military infrastructure, is preserved, and must surely be reasonably foreseeable by perpetrators. Moreover, the list of acts in Article 8 bis are non-exhaustive, which contemplates the inclusion of other acts not listed – the use of analogies to identify such acts must therefore be warranted by the very text of Article 8 bis.
2. Cyber-operations and war crimes
In contrast to the crime of aggression, the jurisprudence of war crimes had begun from as early as the Nuremberg Tribunals. From the prosecution of Nazi criminals after the second World War to the establishment of the ad hoc tribunals for Yugoslavia and Rwanda by the Security Council resolutions of 1993 and 1994, by the time the Rome Statute was enacted, the body of law on war crimes was well established. War crimes, as its name suggests, bears reference to the laws of armed conflict, which is also, in more recent times, referred to as international humanitarian law.
A war crime is characterised by three main elements: first, a proscribed act; secondly, an international or non-international armed conflict; and thirdly, a nexus between the proscribed act and the armed conflict. Other special requirements include the need for a war crime to be “committed as part of a plan or policy or as part of a large-scale commission of such crimes”. In the context of cyberattacks, the question arises as to whether such attacks can constitute a proscribed act. Article 8 of the Rome Statute, which defines various types of war crimes, ranging from “grave breaches of the Geneva Conventions” including “wilful killing” and “torture or inhuman treatment”, to “other serious violations of the laws and customs applicable in international armed conflict, within the established framework of international law”.
In particular, Article 8(2)(b)(i) of the Rome Statute prohibits:

“Intentionally directing attacks against the civilian population as such or against individual civilians not taking direct part in hostilities”

Article 8(2)(b)(ii) of the Rome Statute also prohibits:

“Intentionally directing attacks against civilian objects, that is, objects which are not military objectives”

The question which arises is whether “attacks” under the above provisions can be understood as including cyberattacks. This must be answered in the affirmative, for two reasons. First, the reference to “attack” in Article 8(2) must be understood to include cyberattacks during a period of armed conflict. Secondly, interpreting “attack” as including cyberattacks is consistent with the principle of legality. These reasons will be explored in turn.
(a) Cyber-operations and armed attacks under the law of armed conflict
The term “attack” under Article 8(2) of the Rome Statute is not defined in the Rome Statute nor the Elements of Crime. It is, however, defined by the Additional Protocol I of the Geneva Convention, which the ICC should make reference as Article 8(2) of the Rome Statute makes explicit reference to “other serious violations of the laws and customs applicable in international armed conflict”. Article 49(1) of the Additional Protocol I of the Geneva Convention defines “attacks” as “acts of violence against the adversary, whether in offence or in defence”. “Acts of violence”, plainly interpreted, is not very helpful as it leads to two contrasting interpretations. On the one hand, it can be understood as the employment of violent means to achieve an end against the adversary. On the other hand, it can be read as the employment of any means to achieve a violent consequence against the adversary. A strict textualist approach does not, therefore, resolve the question.
Where the text is ambiguous, customary rules of treaty interpretation embodied in the Vienna Convention on the Law of Treaties mandates that a contextual interpretation, one which

...(download the rest of the essay above)

About this essay:

If you use part of this page in your own work, you need to provide a citation, as follows:

Essay Sauce, Cyber-operations can and should fall within the purview of international criminal law under the Rome Statute. Available from:<https://www.essaysauce.com/law-essays/cyber-operations-can-and-should-fall-within-the-purview-of-international-criminal-law-under-the-rome-statute/> [Accessed 29-03-24].

These Law essays have been submitted to us by students in order to help you with your studies.

* This essay may have been previously published on Essay.uk.com at an earlier date.