I. Introduction

At any given time, millions upon millions of people connect to each other via cyberspace.1 While a convenient method for grandparents to view pictures of their grandchildren, the Internet is also an exceedingly effective vehicle by which to attack a state, a company, or an individual. These attacks occur with frightening frequency, over 1,000 per hour in Great Britain alone2; and Britain recognizes the severity of the cyber threat.3 In the first four days of the November 2012 fighting between Israel and Gaza militants, over 44 million attacks on Israeli websites4 and an estimated 100 million total attacks occurred.5 Cyber- attacks cost Australia "an average of $2 million per incident" and exceed a billion dollars per year.6 Successful attacks also occur against international bodies, such as the International Atomic Energy Agency.7 These cyber attacks seek not only military targets, but also industrial espionage.8

Despite the frequency and increasing severity of cyber attacks,9 many governments and industries around the world, to include the United States, are either seemingly helpless against the cyber onslaught,10 too dysfunctional11 to create a useful offensive or defensive cyber scheme,12 or are "highly immature with limited vision and strategic foresight."13 Some foreign jurisdictions, our allies14 in the fight against cyber-attacks, fail to stem the tide of these attacks and now punish the cyber victims.15

This article explores the improbable, if not politically impossible, application of the letter of marque concept to the cyber arena. Despite the likely political stigma such a proposition would have in today's Congress, letters of marque are nevertheless a constitutional and valid tool to execute cyber operations, and thus worthy of discussion.

Proposed defenses to cyber attacks are becoming increasingly complex and bizarre.16 However, one historically effective and constitutional17 method of conducting both offensive and defensive operations has yet to be applied in a cyber context: the letter of marque.

This is a method of cyber self-help in which,

[i]n the context of privately conducted cyber attacks, letters or licensing could be used to specify the circumstances under which threat neutralization may be performed for the defense of property, the criteria needed to identify the attacking party with sufficiently high confidence, the evidence needed to make the determination that any given cyber attack posed a...