The International Committee of the Red Cross (ICRC) has taken a new step to regulate the activities of civilian hackers in conflict zones. To address the rise in the involvement of civilian hackers in inter-state conflicts, the ICRC has come up with eight directives to ensure that these hackers don’t end up harming non-combatants.

According to a blog post published by the European Journal of International Law, the ICRC has warned that civilian hackers risk causing collateral damage by targeting “civilian objects” such as hospitals, pharmacies, railway networks, and government services. The line between civilian noncombatant and combatant has similarly become increasingly blurry. These directives are an effort to apply traditionally martial legal concepts to civilian actors.

The ICRC has laid out some ground rules for civilian hacker groups, which include directives such as avoiding cyber-attacks against civilian objects, not using malware that can indiscriminately damage military objectives and civilian objects, and not conducting any cyber operations against medical and humanitarian facilities. Some prominent hacktivist groups, such as the Russian-affiliated Kilmick and the Ukrainian IT Army, have reportedly pledged to abide by these directives.

It remains to be seen just how effective these directives will be in practice. Nonetheless, this is a step in the right direction towards ensuring that everyone, even in times of conflict, will be held accountable for their actions.