Cybersecurity in Germany by Martin Schallbruch & Isabel Skierka

Author:Martin Schallbruch & Isabel Skierka
Language: eng
Format: epub
ISBN: 9783319900148
Publisher: Springer International Publishing

4.2 The German Military’s Role in the Cyber Realm

The German Bundeswehr is a defence army and a parliamentary army. Its fields of operation are very limited by the German constitution. Also, deployments require the explicit approval of the German Bundestag. The main purpose of the Bundeswehr is to defend Germany against armed attacks from outside. Beyond defence, the military may only be deployed in narrowly defined cases, which are expressly regulated by the constitution (“Verfassungsrechtliche Regeln für Cyberoperationen der Bundeswehr 2017). The German constitution makes a differentiation between the Bundeswehr’s intervention below the threshold of deployment and explicit deployments approved by parliament. Below the threshold, the German Armed Forces can, for example, take measures to secure themselves in the cyber sector. They are, however, limited because they do not allow any interference with the legal rights of third parties, i.e. no access to computer systems outside the German armed forces’ networks. Cases of cyber defence, in which the German Armed Forces provide assistance to other authorities within the framework of their powers (so-called administrative assistance), are not regarded as deployments. The Bundeswehr could, for example, support the BSI or the police forces in cyber defence activities on a selective and individual basis. However, administrative assistance is not sufficient as a legal basis for lasting institutionalised cooperation in which the military itself takes over cyber defence measures (Marxsen 2017, p. 546).

Cyber defence operations carried out under its own responsibility and affecting third parties must, in any case, be characterised as a deployment of the German Federal Armed Forces. It needs a legal basis for this. For domestic missions, only the competence of the German Armed Forces for defence is applicable. A prerequisite for this is an armed attack on the federal territory. It must be essentially the same as a military attack, both regarding its effects and its originator, a foreign state. Other cyber attacks fall within the competence of internal security authorities (Marxsen 2017, p. 548). Besides, the Bundeswehr would always need parliamentary approval for cyber defence missions. No problem at all is the execution of cyber operations within the framework of foreign missions of the German Federal Armed Forces, for which a mandate of the UN, NATO, or EU exists and which the Bundestag has approved. In this context, not only conventional weapons may be used, but cyber operations may be carried out as well.

The legal framework for the deployment of the German Federal Armed Forces in cyber defence is thus considerably restricted. The Bundeswehr will only be able to fend off cyber attacks in Germany if it can record a clearly belligerent cyber operation and obtain the approval of the Bundestag. Accordingly, the Bundeswehr has set up only tiny forces for Cyber Network Operations (CNO). They have never been deployed a single time, at least until 2015 (Bundesministerium der Verteidigung et al. 2015, p. 3). At the same time, however, the cyber domain has developed internationally as a central field of action for the military, without the threshold of armed attacks being typically surpassed.

Download

Copyright Disclaimer:
This site does not store any files on its server. We only index and link to content provided by other sites. Please contact the content providers to delete copyright contents if any and email us, we'll remove relevant links or contents immediately.