Workshop on Space Law and Emerging Cybersecurity Challenges

Photo courtesy by freepik.com

A Seton Hall Law workshop explores risks to digital infrastructure across Earth and outer space, from satellites to emerging data governance issues. 

---

 
With NASA’s historic Artemis II mission to the moon concluding earlier this month, and amid recent scientific developments in scientific, commercial, and military space activities, researchers converged at Seton Hall University School of Law to share their work on securing computer resources, in both Earth-based networks and those in Earth’s orbit, on the moon and beyond.  

The Gibbons Institute of Law, Science & Technology at the school hosted the Workshop on Cybersecurity on Earth and in Space on April 16, 2026, as an open forum for scholars to present their research in this field and to receive peer feedback. Led by Dr. David W. Opderbeck, professor of law and co-director of the Gibbons Institute and the Institute for Privacy Protection at Seton Hall Law, and Dr. Matthew Hersch, fellow and adjunct professor of law with the Gibbons Institute, the workshop reflected what organizers described as a growing concern:  “while digital space systems are becoming more complex, integral and connected, they are simultaneously becoming more vulnerable. Protecting both Earth-based and space-based assets is critical. The research authors did a phenomenal job of examining the threats, jurisdictional concerns, and legal governance issues that are essential to maintaining security as humans continue to expand their footprint beyond Earth.”    

The day started with an examination of cybersecurity incidents in space by Dr. Josephine Wolff, professor of cybersecurity policy, associate dean for research, and director of the Hitachi Center for Technology and International Affairs at the Fletcher School of Law and Diplomacy at Tufts University. The research paper she presented is a joint work with Wendy Whitman Cobb at the School of Advanced Air and Space Studies and focuses on the disparity between the threat of cyberattacks on satellites, ground stations and supporting networks —and the limited public reporting of such incidents. Her work examines whether the lack of documentation reflects a true absence of incidents or structural, political or organizational barriers to disclosure.  “This research aim,” Wolff explained, “is to refine prevailing narratives about cyber risk in space.”  
  
Tolulope J. Falokun, assistant professor of law at the University of Detroit Mercy School of Law examined, jurisdiction over space-based cyber incidents. Commercial activity in outer space, she contends, directly impacts the question of jurisdiction in space law. “Satellite mega-constellations, orbital data platforms and space-based communication systems now support global digital services, which means that cyber incidents affecting them can create legal harm in multiple states at once.”   Falokun examined Article VIII of the Outer Space Treaty, which holds that the state of registry retains jurisdiction and control over a space object and its personnel while in outer space or on a celestial body. However, she argued that Article VIII is object-centered and insufficient for cyber incidents that may involve remote operators, cloud services, ground stations, and users across multiple countries—harm felt far from the location of the attack. 

Falokun proposed a functional connection approach incorporating conflict-of-laws analysis to improve jurisdictional predictability and cybersecurity governance. This framework prioritizes the “center of gravity” of an incident over the physical location of hardware. Falokun emphasized that this functional approach does not replace mandatory public laws. Key frameworks such as the GDPR and similar privacy frameworks, export controls like the ITAR and the EAR, as well as state-level sanctions remain applicable regardless of registry. 
 
Danil Kerimi, vice-chair of the Independent Advisory Oversight Committee of the World Intellectual Property Organization and Judge of the Seoul Smart Cities Prize, presented research advocating a data-centric approach to space law. He argued that international space law was developed around the space object as the primary ontological and jurisdictional anchor, resulting in a governance architecture that regulates physical assets and state responsibility effectively, but remains substantially underdeveloped with respect to the legal status and governance of data flows generated by those systems. Existing instruments including the Outer Space Treaty and the Moon Agreement were designed with the launched object as the unit of governance, an approach that was understood to imply jurisdiction over everything the object produced or transmitted. The data dimension, however, was not contemplated by the drafters, and no subsequent instrument has filled that gap. 

Rather than amendment of existing treaties, the case was made for new instruments, principles, and institutional arrangements in which data is treated as the primary subject of governance. A tiered reform agenda was proposed: in the near term, authoritative interpretive guidance from COPUOS on the application of existing obligations to data-related harm, accompanied by ITU-R rule extensions covering spoofing and signal manipulation; in the medium term, a Space Data Manual establishing data typology, attribution standards, and state responsibility norms for the categories of data transiting space infrastructure, from classical binary to quantum key distribution to AI-derived inference products; and in the longer term, a dedicated multilateral instrument constituting a data law of outer space, designed from the outset for universal participation and calibrated to the commercial and security realities of the second lunar race now underway. 
 
Concluding the day, Elizabeth I. Winston, professor of law and co-director of the Law and Technology Institute at The Catholic University of America Columbus School of Law, examined legal governance on Mars. Mars, Winston noted, lacks an enforceable intellectual property framework, yet three countries have already landed there while conflicts over use, access and innovation are emerging. “The question is not whether law can reach Mars, but whether Congress will act before private actors fill the void on their own terms,” said Winston, proposing patent law as the foundation of a governance structure for Mars. “As a purely economic framework focused on innovation incentives, patent law transcends political ideologies while serving clear public purposes.” 

Opderbeck and Hersch described the workshop as a success. “The ideas, concepts, and research exchanged created an interactive and collaborative experience in which authors could receive feedback and strengthen their work. Seton Hall Law School and the Gibbons Institute continue to lead in addressing pressing technological, scientific and legal challenges. This workshop advances understanding of space law and cybersecurity at a critical moment in space exploration.”