Maritime Cyber Risk and Legal Protection
Denizcilikte Siber Risk ve Hukuki Koruma
Halil Emre GÜRLER
Advancement of technology brought the concept of cyber risk in maritime domain. Thus, cyber peril has been articulated to known conventional perils of the sea. The precautionary measures and safeguarding actions against cyber risks have considerably increased, especially after extensively influential cyber-attacks took place dating from 2017. Since then, it has been under discussion how to provide effective and satisfactory legal protection against cyber risks, besides technical progress, in the studies carried out under the guidance of International Maritime Organization within the body of United Nations. As a matter of fact, inconvenience in identifying cyber-attackers also brings difficulties regarding liability and indemnification. Within this context, it is essential to assure the cyber risk within insurance coverage. However, the variety of cyber risks, their large scale and devastating impacts cause cautious approach to the subject-matter by the insurance providers in the business sector. Therefore, providing legal protection against cyber risks at sea and providing an insurance coverage to the cyber risks are significant issues that need to be worked on. Hence, considering that more than 85% of international commercial activities are carried out by sea, evaluating the importance of maritime cyber risk is indispensable. Within this framework, examination of maritime cyber risks and legal protection mechanisms are reviewed in this piece of work.
Maritime Law, Cyber Risk, Legal Protection, Insurance, Merchant Shipping.
Teknolojinin ilerlemesi ile denizcilikte siber risk kavramı ortaya çıkmıştır. Böylelikle denizdeki bilinen alışılagelmiş tehlikelere siber tehlikeler de eklemlenmiştir. Özellikle 2017 yılından sonra gerçekleşen geniş çapta etkili siber saldırılardan sonra siber risklere karşı alınan önlemler ve koruyucu çalışmalar önemli ölçüde artmaya başlamıştır. Birleşmiş Milletler bünyesindeki Uluslararası Denizcilik Örgütü öncülüğünde sürdürülen çalışmalarda teknik alandaki ilerlemelerin yanı sıra etkili ve tatmin edici hukuki korumanın nasıl sağlanacağı tartışılmaktadır. Nitekim, siber saldırganların belirlenmesindeki güçlük zarar sorumluluğuna ve tazmine ilişkin güçlükleri de beraberinde getirmektedir. Bu anlamda siber riskin sigorta teminatı ile güvence altına alınması elzemdir. Ancak, siber riskin çeşitlenebilirliği, etkisinin geniş çaplı ve yıkıcı olarak ortaya çıkabilmesi sigorta sektörünün konuya ihtiyatlı yaklaşmasına yol açmaktadır. Bu sebeple denizde siber risklere karşı hukuki koruma sağlanması ve siber risklerin sigortalanması üzerinde çalışılması gereken önemli konulardır. Nitekim, uluslararası ticaretin %85’ten fazlasının deniz yoluyla gerçekleştirildiği göz önünde bulundurulduğunda denizde siber riskin değerlendirilmesi elzemdir. Bu çerçevede çalışmamızda denizde siber riskler ve siber risklere karşı hukuki koruma mekanizmaları incelenmektedir.
Deniz Hukuku, Siber Risk, Hukuki Koruma, Sigorta, Deniz Ticareti.
I. INTRODUCTION
Since the beginning of maritime activities through conventional sea-going vessels, maritime sector utilizes technological developments. Developments in technology also bring risks. Marine activities are used for military purpose for security reasons, research, exploration, exploitation, sustainability, recreation, economic utilization, trade and transport.
Today, more than 85% of commercial transportation activities are carried out by sea1 ; maritime boundaries are protected by navy and coastal safety units; research, exploration and exploitation activities are carried out by sea platforms and vessels and finally sea vessels, structures at sea and ports are mutually dependent on each other. With the technological advancements, cyber threats have also articulated to the marine perils.
Most of the sea-going vessels, navigable structures, stable sea/ocean platforms, sea units, ports and their back-end structures are partially or completely computer based. Today, cyber threats have already affected the maritime activities running through conventional vessels; in fact cyber risk has a higher potential to affect autonomous vessels which are expected to be widely used in the near future. However, all electronic based systems and all kinds of maritime sector actors are potential targets of cyber risks.
Due to the continuous development of information technologies in maritime field, the diversification of cyber threats and the uncertainty of their consequences and impacts, existing legal protection mechanisms which are as significant as technical infrastructure need to be developed in order to protect interests.
From this point of view, in the first section, the concept of cyber risk in maritime field, its characteristics, impact and results are tried to be explained. In the second section, existing legal protections both public law and private law aspect against cyber risks are presented and discussed in the light of current developments by using qualitative method in the paper.
II. THE CONCEPT OF “CYBER RISK”
International Maritime Organization (IMO)2 defined maritime cyber risk as,
