In recent years, legislative bodies such as the U.S. Congress and the U.K. Parliament have struggled to maintain a role for themselves in government decisions to conduct military operations against foreign adversaries. Some of these challenges arise from constitutional structures, but they are also due to the changing nature of conflict: a shift away from large-scale kinetic operations and toward smaller-scale operations—including cyber operations—that are less visible and that do not require robust legislative support. These modern operations leave legislatures to engage in ex post and sometimes ineffective efforts to hold their executive branches accountable for international uses of force and related military operations.
Because the use of increasingly autonomous cyber systems may draw States into hostilities without advance notice, these capabilities have the potential to further alter the existing relationships between executive branches and legislatures in making use of force decisions. Further, a State’s capacity to conduct autonomous cyber operations may alter the dynamics among different actors within executive branches themselves—by, for instance, diverting opportunities for deliberative input and oversight away from foreign, intelligence, and justice ministry officials and toward defense officials in the lead-up to conflict.
This article explores how the use of increasingly autonomous cyber capabilities may alter the current state of legislative oversight and internal executive decision making about sensitive cyber operations; illustrates how these changes may impact international peace and security; and identifies ways in which States may prevent a further loss of democratic accountability for significant cyber-related operations.