North Korea and the knowledge problem

Epistemology – n. That branch of philosophy concerned with the origin, nature, and limits of human knowledge.

We are entering a strange new legal universe, a new international legal order of some kind, here in the second decade of the third millennium—please make sure that your seat belts are securely fastened and that your tray tables are in the upright and locked position. Two North Korea-related stories give us a glimpse into what that universe will look like, and the problems we are going to face navigating within it. One, obviously, is the Great Sony Hack Episode—and I'll get to that in a minute. The other, which has gotten less attention [though Jon Adler did have a pointer to it here on the VC last week], is the DC Circuit's decision to enter a default judgment against the government of North Korea in Kim v Democratic Republic of North Korea. Though the two episodes are entirely unrelated (except for the identity of the alleged wrongdoer in both cases), they make an interesting linked pair.

First, the Kim case. Reverend Dong Shik Kim is (or was—it is not clear whether he is still alive) a South Korean citizen, and a permanent resident of the U.S. He was living for many years in northeastern China, and was a well-known and vocal opponent of the North Korean regime. From his base in China, he "provided humanitarian and religious services to North Korean defectors and refugees who fled to China seeking asylum." In 2000, he was abducted and taken to North Korea for interrogation and imprisonment.

Several of Kim's relatives sued the government of North Korea in federal court, asserting (a) that the government of North Korea was responsible for Kim's abduction, (b) that Kim was tortured during interrogation and killed while in custody in a North Korean prison. That they can bring this claim at all—suing a foreign government, in federal court, seeking a damage award against it for conduct undertaken by that foreign government wholly outside the borders of the United States—is itself a noteworthy feature of the new legal landscape. Ordinarily, foreign governments are immune from suit—"sovereign immunity"—in US courtrooms; in US law, this is embodied in the Foreign Sovereign Immunities Act (FSIA—28 USC 1604), which strips the federal courts of jurisdiction to entertain claims against foreign States. That general rule is subject, though, to exceptions, one of which is the recently-enacted "terrorism exception" in 28 USC 1605A. That gives the courts jurisdiction in cases

". . . in which money damages are sought against a foreign state for personal injury or death that was caused by an act of torture [or] extrajudicial killing [as defined elsewhere, in the Torture Victims Protection Act] . . . if such act . . . is engaged in by an official, employee, or agent of such foreign state while acting within the scope of his or her office, employment, or agency."

And not only does it give the federal courts jurisdiction to hear such claims, it sets out a new cause of action: if the foreign government in question has been designated a "state sponsor of terrorism," US nationals (or members of the US armed forces, or US government employees) may seek and obtain damages for personal injury or death caused by such "acts of torture" or "extrajudicial killings."

It's a rather extraordinary little piece of the US Code. The immunity of fellow-sovereigns from legal claims arising out of their conduct is a pretty venerable concept—indeed, it may be implicit in the very notion of "sovereignty" itself. The US government often objects to the notion that its actions (as sovereign) can be subject to examination and punishment in a foreign forum—and yet that is what the "terrorism exception" is all about (at least as regards this narrow slice of sovereign conduct that we deem to be particularly heinous).

So Reverend Kim's US relatives bring suit under this provision. The government of North Korea does not respond to the suit, so the Kims ask the district court for the entry of a default judgment against it.

[Note to law students: if you're looking for a paper topic, how about: Can a foreign government assert that the entry of a judgment against it under the FSIA is unconstitutional on the grounds that the court lacks personal jurisdiction over it?]

The statute, anticipating that this might happen (i.e., that governments designated as state sponsors of terrorism will not show up to defend themselves in a US courtroom), includes a special provision regarding the entry of default judgments:

No judgment by default shall be entered . . . unless the claimant establishes his claim or right to relief by evidence satisfactory to the court." 28 U.S.C. § 1608(e).

It's a kind of special privilege accorded to the foreign government, a sign of sovereign-to-sovereign respect; even though the foreign government-defendant hasn't even shown up, the court will not enter a default judgment against it (as it would, in the ordinary case of a defaulting defendant) without undertaking an examination of the evidence that plaintiff has to back up his claim, and satisfying itself that the plaintiffs' evidence is sufficient to back up their allegations and to satisfy their "burden of production." The Kims' problem is that they don't have a great deal of evidence to back up their allegations—a classic Catch-22, of course, because, as the court put it, it is "the defendant State itself [that] prevents any evidence from leaving its borders." They don't "know" exactly what happened to Rev. Kim in North Korea, or even whether he is dead or alive; their evidence consists largely of persons

"who claim to have heard second- or third-hand that the Reverend died as a result of torture soon after he disappeared. But no one-not the Kims, not the witnesses who submitted declarations on their behalf, and not the district court-knows for certain what happened."

The district court—not unreasonably—declared that this was not enough; how can we enter a judgment against a foreign State for torturing and killing Rev. Kim when nobody can establish whether he was ever actually tortured or killed? The appeals court—also, not unreasonably—reversed.

'[P]laintiffs like the Kims will find it difficult to prove what happened behind the walls of a North Korean labor camp because the government has made all but certain that that evidence does not exist.

But the Kims did have evidence, first, that the North Korean government itself abducted Rev. Kim—"compelling, admissible evidence" in the form of a South Korean criminal proceeding, in which a North Korean government agent was found guilty of the abduction. They also had evidence (in the form of expert testimony and individual declarations) that the North Korean government "routinely tortures and kills the people it abducts." This, the court declared, was sufficient—at least for purposes of evaluating whether plaintiffs have satisfied their burden of production—to show that "the defendant probably tortured and killed the victim." That South Korean criminal case turned out to be critical to the court's reasoning:

Our conclusion would no doubt differ if we lacked confirmed evidence that the DPRK was involved in Reverend Kim's disappearance. In that case, finding that the regime tortured and killed him would arguably require too many logical leaps. But that is not this case. Here, the Kims' evidence that the regime abducted the Reverend, that it invariably tortures and kills prisoners like him, and that it uses terror and intimidation to prevent witnesses from testifying allows us to reach the logical conclusion that the regime tortured and killed the Reverend. In other words, the Kims' evidence is "satisfactory to the court."

Epistemologically, at least, this strikes me as a pretty close question. Knowing that North Korea abducted Rev. Kim, and that it "routinely tortures and kills the people it abducts," certainly makes it more likely that Kim himself was tortured and killed. But in ordinary conversation, I'm not sure I would be comfortable saying that we "know," from these facts, what happened in this specific instance, to Rev. Kim. But it is, after all, only a default judgment—and the "knowledge" standard is lower than it otherwise might be in a different context:

If the DPRK is unhappy with that outcome and has evidence that it has not tortured and killed Reverend Kim, it, like any defendant in default, may ask the district court to vacate that judgment under Federal Rule of Civil Procedure 60(b).

The same question—what happened,, and how do we know what happened?—is, it seems to me, a fundamental part of the Sony Hack discussion as well. Was it, as claimed, an action directed by the North Korean government, or not? That matters, and it matters a great deal. If a group of, say, rogue Sony employees was behind the hack, that is still a serious matter (for Sony) but it presents a very different question of public policy. There's a strong public interest, to be sure, in protecting private corporate property from damage; but a break-in at Sony headquarters by a band of rogue employees involves a very different interest than a break-in at Sony headquarters by a band of North Korean agents. This, of course, is what many people refer to as the "attribution problem"—how can we know who did what on the Net? How certain can we be that specific messages, or destructive code, originated in a specific place? What kinds of evidence increases, or decreases, our uncertainty about that? These questions, too, are going to be a prominent feature of the new landscape. The US government thus far has said: we are convinced, on the basis of the data we have, that the North Korean government is responsible. Here's the FBI statement:

As a result of our investigation, and in close collaboration with other U.S. government departments and agencies, the FBI now has enough information to conclude that the North Korean government is responsible for these actions. While the need to protect sensitive sources and methods precludes us from sharing all of this information, our conclusion is based, in part, on the following:

Technical analysis of the data deletion malware used in this attack revealed links to other malware that the FBI knows North Korean actors previously developed. For example, there were similarities in specific lines of code, encryption algorithms, data deletion methods, and compromised networks.

The FBI also observed significant overlap between the infrastructure used in this attack and other malicious cyber activity the U.S. government has previously linked directly to North Korea. For example, the FBI discovered that several Internet protocol (IP) addresses associated with known North Korean infrastructure communicated with IP addresses that were hardcoded into the data deletion malware used in this attack.

Separately, the tools used in the SPE attack have similarities to a cyber attack in March of last year against South Korean banks and media outlets, which was carried out by North Korea. We are deeply concerned about the destructive nature of this attack on a private sector entity and the ordinary citizens who worked there. . . .

[T]he destructive nature of this attack, coupled with its coercive nature, sets it apart. North Korea's actions were intended to inflict significant harm on a U.S. business and suppress the right of American citizens to express themselves. Such acts of intimidation fall outside the bounds of acceptable state behavior. The FBI takes seriously any attempt-whether through cyber-enabled means, threats of violence, or otherwise-to undermine the economic and social prosperity of our citizens.

That's not good enough—just knowing that the FBI is convinced does not convince me, and until they've released enough of the data so that people who know more about this sort of thing than I do outside of and independent of the government can look it over and give us all a sense of just how strong it is, I don't think I will be convinced.

But does it even matter whether or not "we" are convinced? Well, the US government has—again, "apparently"—taken retaliatory action against North Korea, in the form of temporarily disabling the IP Address blocks assigned to the North Koreans. That's a rather serious matter—whether or not it is technically an "act of war" under international law (which turns out to be a knotty and difficult question), it's a serious interference with another State's internal infrastructure, and I would think that before my government undertook such a step it would let us all know the basis upon which it is acting—not just declaring that it has a basis for acting, but explaining what it is.

But wait—maybe this all just "espionage" and "counter-espionage"? The sort of thing that "goes on all the time," necessarily out of public view? And how can we tell, these days?