Author granted license

Creative Commons Attribution-NonCommerical-ShareAlike 4.0 International

Document Type


Publication Date





American Society of International Law




Tallinn 2.0 grapples with the application of general international law principles through various hypothetical fact patterns addressed by its experts. In doing so, its commentary sections provide a nonbinding framework for thinking about sovereignty, raising important considerations for states as they begin to articulate norms to resolve the question of precisely what kinds of nonconsensual cyber activities violate well-established international laws — a question that will likely be the focus of international lawyers in this area for some time to come.

This essay focuses on one area of state practice where states are already dealing with these issues: the use of hacking techniques by law enforcement agencies to collect evidence stored on foreign-located computers whose location is unknown at the time of the search. It shows how the resulting cross-border cyber-exfiltration operations are in tension with international legal norms, and face a greater risk of public exposure than those conducted by military or intelligence agencies. It then argues that, for the United States, these potential drawbacks may present an opportunity, by providing a specific context for the articulation of norms in cyberspace.


Portions of this essay are drawn from Ahmed Ghappour, Searching Places Unknown: Law Enforcement Jurisdiction on the Dark Web, 69 STAN. L. REV. 1075 (2017).

Find on SSRN



To view the content in your browser, please download Adobe Reader or, alternately,
you may Download the file to your hard drive.

NOTE: The latest versions of Adobe Reader do not support viewing PDF files within Firefox on Mac OS and if you are using a modern (Intel) Mac, there is no official plugin for viewing PDF files within the browser window.