This article explores the problems of tackling cyber terrorism in US courts, as the difficulties of cross-border cases and sovereign defendants bring new challenges when seeking justice for terrorist acts. Following several high profile cases over the last two decades, Charles H. Camp and Theresa Bowman explain how the legal definition of “terrorism” is becoming out-dated as terrorism becomes technological.
Acts of cyber crime and acts of terrorism both share the distinction of offering unique challenges to domestic courts hoping to protect the rights of victims no matter where the perpetrator is located. Hackers and terrorists alike may wreck substantial havoc remotely from anywhere in the world, often with the aid or urging of a foreign government. The prosecution of foreign governments for cross-border torts under US law is evolving to meet the conceptual challenges posed by modern international crime.
In the United States, lawsuits against foreign sovereigns must satisfy one or more exceptions to the general rule that a foreign sovereign is immune from suit. The Foreign Sovereign Immunities Act (“FSIA”) is the exclusive jurisdictional tool by which US plaintiffs may bring a lawsuit against a foreign sovereign government. Lawsuits against foreign governments for their involvement in acts of terrorism, and cyber crime must pass through the FSIA by satisfying at least one of several exceptions to the rule that foreign sovereigns are immune from suit.
When the FSIA was enacted in 1976, a modern understanding of “terrorism” was still young. For decades, terrorism had been understood largely within the revolutionary context of post-colonial movements, prompting the now widely rejected dictum that “one’s man’s terrorist is another man’s freedom fighter.”1 It was not until 1996 that Congress amended the FSIA to include an exception for acts of terrorism. That exception, however, applies only to countries designated as “state sponsors of terrorism at the time” of the act.2 As of this writing, only three countries are included on the list.[ms-protect-content id=”5662″]
Where the claim is against a foreign government or government entity that is not a listed sponsor of terrorism, plaintiffs with claims arising out of terrorist acts instead often frequently look to the non-commercial tort exception.
The text of the tort exception (28 USC. 1605(a)(5)) includes a few important limitations on the kind of tort claims US courts may hear against foreign sovereigns. 1605(a)(5) applies to 1) claims for “money damages” for 2) “personal injury or death, or damages to or loss of property” 3) “occurring in the United States” and 4) “caused by the tortious act or omission of that foreign state.”
Notably absent from 1605(a)(5) is any express limitation on the type of tort for which state immunity can be abrogated. Interestingly, when Congress crafted the tort exception, it cited the “problem of traffic accidents” as a major type of tortious activity implicating 1605(a)(5).3
Congress’s conception of cross-border torts may have been very narrow by modern standards, but the drafting of 1605(a)(5) was deliberately broad. Congress purposefully “cast [the tort exception] in general terms” so that it could restrict immunity for “all tort actions for money damages”.4 Because of this, 1605(a)(5) provides an exception to immunity for a tort based upon an act of terror or a cyber attack in the same way that it would for a tort based upon a fender bender.
One modern challenge to the application of 1605(a)(5) to international torts is the question of how exactly to categorise the injury caused by hacking, wiretapping, and other invasions of privacy.
1605(a)(5) provides an exception for claims for “personal injury or death, or damages to or loss of property”. The remote installation of software that destroys or damages computers or information networks surely constitutes “damage to… property”, but what about the installation of software for surveillance purposes? How should courts treat other unauthorised surveillance tactics by foreign sovereigns such as wiretapping?
Recent scholarship suggests convincing answers to these questions, urging that wiretapping and other electronic surveillance intrusions are “invasions of privacy” which constitute a “personal injury” under 1605(a)(5).5 There is already some judicial support for this approach in the United States. In different, albeit similar, contexts, several federal US courts have already observed that a violation of privacy is a personal injury as “an injury to feelings”.6
Another modern challenge in applying 1605(a)(5) to international cross-border torts as 1605(a)(5)’s territoriality or “occurring in the United States” limitation.
What happens, for example, when the tort, by its nature, is more often than not initiated and even carried out from a remote international location? The installation of software on a hard drive may take place wholly within the United States, may cause damage to a computer or information network wholly within the United States, and yet the perpetrators never step foot within the United States. This is the reality and the challenge of modern cyber crime.
So far, US courts have largely treated cyber torts as occurring within the United States, although not expressly for the purposes of the 1605(a)(5). In the leading case on this issue, United States v. Ivanov, the defendant argued that because he was physically in Russia at the time he allegedly hacked computers located in the US, he could not be charged with violations of US law.7 The federal trial court rejected this argument, finding that the offences the defendant allegedly committed “by means of a complex process initiated and controlled form a remote location” nonetheless “occurred within the United States.”8 Only one court has declined to follow Ivanov, only to be subsequently reversed on that issue.9
Similarly, modern acts of international terrorism are nearly always cross-border affairs. Because terrorism is a subset of extra-state warfare frequently carried out on the ground level by non-state actors,10 terrorist acts are frequently the result of proximate acts of planning and conspiracy taking place in a territory other than that of the intended victim.
Many US courts have responded by retracting immunity for sovereigns who took part in those conspiracies. In the case of Letelier v. Republic of Chile, Courts applied the tort exception even though the tortious acts within the United States were carried out following a series of directly related events overseas. A car bomb exploded in Washington D.C., but was planted “purportedly at the direction and with the aid of… the Republic of Chile.”11 Despite the overseas planning precipitating the execution of the tort within the US, the Court still applied 1605(a)(5). Likewise, in Liu v. Republic of China, 892 F.2d 1419 (9th Cir. 1989), the Court applied 1605(a)(5) to an assassination carried out by two gunmen in California following a conspiracy hatched and developed overseas.
In Doe v. Bin Laden, Plaintiffs named Afghanistan as a defendant for its alleged participation in a conspiracy to plan and carry out the terrorist attacks of September 11, 2011. A federal US court of appeal, the Second Circuit Court of Appeals, presumed, without comment, that it was possible for claims to proceed against Afghanistan under 1605(a)(5) for alleged acts of conspiracy in Afghanistan related to terrorist acts in the United States.
Despite the long history of cases recognising overseas planning and conspiracy activity as a part of a tort taking cognisance under 1605(a)(5), the Second Circuit Court of Appeals has recently dismissed claims against Saudi Arabia for lack of jurisdiction under 1605(a)(5) because the alleged conspiracy and provision of financial aid to September 11, 2001 perpetrators by the sovereign defendants was undertaken outside of the United States.12 In that case, the Court drew a distinction between the tort of the September 11, 2001 attacks which occurred within the United States and the tort of “funnelling money” and “giving money and aid to purported charities that support al Qaeda” as occurring outside of the United States.13 The court did not comment upon whether it would have decided the issue differently had the financial aid been connected more directly with perpetrators of the tort occurring within the United States. It remains to be seen whether the Second Circuit’s decision opens the door to continued arguments that mere “funding” of cross-border torts is purely extraterritorial activity.
As US courts continue to keep pace with new types of tortious activity which require a re-examination of traditional notions of territoriality and injury, several policy considerations will likely continue to resurface.14
One such policy consideration is whether preserving immunity in cases where foreign governments would otherwise be directly regulated by agreed-upon treaty limitations subverts the power of diplomatic practice and international law.
Immunity provisions like the FSIA are vital to the protection of the rights and sovereignty of foreign nations in domestic courts, as well as the promotion of principles of comity and fairness. And yet, the FSIA, and immunity provisions like it, serve an additional purpose of working in tandem with domestic and international laws to protect the rights of individual domestic litigants from state actors who may otherwise feel diminished pressure to pursue their objections across international borders with impunity.
In the case of cyber crimes and unauthorised surveillance, there already exists a multitude of treaties setting out the legal channels by which a sovereign state’s law enforcement and intelligence agencies may utilise resources located with another territory. Such treaties involve fully negotiated and agreed upon procedures for the oversight of cross-border investigations.
In the case of directing or supporting non-state actors to carry out acts of international violence, sovereign states arguably run afoul of Article 2(4) of the U.N. Charter, which broadly prohibits the use of force in international relations.
A second policy consideration will continue to be whether allowing states to retain immunity for cross-border torts would “encourage foreign states to allege that some tortious conduct occurred outside the United States. The foreign state would thus be able to establish immunity and diminish the rights of injured persons seeking recovery. Such a result contradicts the purpose of the FSIA, which is to ‘serve the interests of justice and… protect the rights of both foreign states and litigants in United States courts.’”15
Balancing these policy considerations with respect for foreign sovereign immunity may indeed serve to steer US courts in their treatment of cross-border torts. In turn, given the significant sums attached to many US plaintiffs’ tort claims, the threat of increased US litigation may likewise steer state practice.
About the Authors
Charles H. Camp teaches international negotiations at George Washington University Law School and is an international lawyer based in Washington, D.C. with thirty years experience representing foreign and domestic clients in international litigation, arbitration, negotiation, and international debt recovery. After practicing at large, international law firms for twenty years, Mr. Camp opened the Law Offices of Charles H. Camp, P.C. in 2001 to focus exclusively on effective, personalised representation in complex, international matters.
Theresa Bowman is senior associate at the Law Offices of Charles H. Camp, P.C., practicing in the areas of international commercial disputes and arbitration. Before her current post, Ms. Bowman, a graduate of the George Washington University Law School and President of the Student Bar Association, completed a post-graduate fellowship as a judicial law clerk for the Honourable Reggie B. Walton, District Court Judge for the District of Columbia.
1. For a fuller discussion of the United Nation’s rejection of the claim that political ends may in some cases justify terrorist means, see Slaughter, Anne-Marie, Note and Comment: Security, Solidarity, and Sovereignty: The Grand Themes Of UN Reform, 99 A.J.I.L. 619 (July 2005).
2. See 28 US Code § 1605(A)(a)(2)(A)(i)(I).
3. H.R. Rep. No. 94-1487, at 20-21 (1976), reprinted in, 1976 U.S.USC.C.A.N. 6604, 6619
4. H.R. Rep. No. 94-1487, at 20-21 (1976), reprinted in, 1976 U.S.USC.C.A.N. 6604, 6619.
5. Scott A. Gilmore, Suing The Surveillance States: The (Cyber) Tort Exception To The Foreign Sovereign Immunities Act, 46 Colum. Human Rights L. Rev. 227) at *258.
6. 46 Colum. Human Rights L. Rev. at *263 citing Bernstein v. Nat’l Broad. Co., 129 F. Supp. 817, 825 (D.D.C. 1955), Pearce v. E.F. Hutton Grp., Inc., 644 F. Supp. 1490, 1499 (D.D.C. 1987).
7. 175 F. Supp. 2d 367, 368 (D. Conn. 2001).
8. 175 F. Supp. 2d at 371.
9. MacDermid, Inc. v. Deiter, 2011 US Dist. LEXIS 137338 (D. Conn. 2011), rev’d 702 F.3d 725 (2012).
10. Meredith Reid Sarkees & Frank Whelon Wayman, Resort to War: A Data Guide To Inter-State, Extra-State, Intra-State and Non-State Wars, 1816-2007 333 (CQ Press, 2010) at notes 3, 333, 336.
11. 488 F. Supp. 665, 665-666.
12. See O’Neil v. Saudi Joint Relief Comm. (In Re Terrorist Attacks on September 11, 2011), 714 F. 3d 109 (2d Cir. 2013); In Re Terrorist Attacks on September 11, 2011, Opinion 03-MDL-1570 (GBD), 2015 US Dist. LEXIS 133289 (S.D.N.Y. 2015).
13. In Re Terrorist Attacks on September 11, 2011, Opinion 03-MDL-1570 (GBD) at 713 citing 714 F. 3d at 117 n.10.
14. Olsen v. Government of Mexico, 729 F.2d 641, 646 (9th Cir. 1984).