Call for inputs: The use of technology in the operations and activities of mercenaries, mercenary-related actors and private military and security companies

Background

In accordance with Human Rights Council resolution 60/5, the United Nations Working Group on the Use of Mercenaries is tasked with examining the evolution of the activities of mercenaries, mercenary-related actors and private military and security companies worldwide, as well as their impact on human rights. Its mandate focuses on understanding how these actors affect the enjoyment of human rights, in particular the right of peoples to self-determination, and identifying measures to ensure that private military and security services operate within robust legal and human rights frameworks.

In its report presented at the General Assembly on the 15 July 2021 (A/76/151), the Working Group examined the provision of military and security products and services in cyberspace by mercenaries, mercenary-related actors and private military and security companies (PMSCs), and assessed their human rights impacts. That report identified the emergence of “so-called cybermercenaries” as a new category of actor and underscored the absence of clear regulation in cyberspace, including in respect of attribution, accountability, and remedy for human rights violations.

Since 2021, the technology ecosystem surrounding mercenary, related actors, and PMSCs activity has evolved dramatically. Military, security, and intelligence services now rely not only on traditional cyber-capabilities, but also on an expanded technology stack that includes artificial intelligence and machine learning (AI/ML), predictive analytics, synthetic media and deepfakes, biometric and behavioural surveillance, commercial satellite and geospatial intelligence, drones and robotics, autonomous systems, cloud hosting, data brokerage, and novel financing mechanisms such as crypto-assets, to name a few.

Private military and security actors increasingly operate across opaque supply chains as contractors, integrators, resellers, subcontractors, and freelance developers in the outsourcing of military and security functions. This has blurred the line between private military and civilian technological domains and has expanded opportunities for profit-driven technological warfare, and deepened global asymmetries in digital power. In addition, this outsourcing domestically and internationally occurs with limited regulation, oversight, and monitoring, creating new vectors for undermining constitutional orders, impeding the right of people’s to self-determination, and resulting in human rights violations.

The convergence of AI, digital surveillance technologies and private military and security capabilities heightens risks of the right of peoples privacy, freedom of expression, life, and security. Meanwhile, mercenaries and mercenary related actors are increasingly using and training State and non-state armed actors on the use of emerging dual use technology, such as uncrewed aerial devices (drones). This is contributing to considerable changes on the battlefield, in counter-insurgency operations, in urban warfare, in fighting crime and in surveillance and covert-intelligence operations.

It is in this vein that in 2024 that the renewal of the Working Group’s mandate through resolution 60/5 noted that its mandate includes examining the use, recruitment, assembly, protection, transit, arming, financing, and equipping of mercenaries, related actors, and PMSCs both offline and online.

Objectives

The forthcoming report aims to:

1. Examine new and emerging forms of mercenary, mercenary related, and private military and/or security company engagement in technology development and technology deployment, including in cyberspace, AI systems, data analytics, surveillance, and autonomous weapons.
2. Analyse the human rights impacts of technology-enabled mercenary, mercenary related, and private military and/or security company activities, in both conflict and non-conflict contexts, with a focus on the right to self-determination, privacy, freedom of expression, and equality.
3. Identify the legal, regulatory, jurisdictional, and evidentiary challenges in ensuring accountability for technology-enabled human rights violations and abuses committed by mercenaries, mercenary related actors, and private military and/or security companies.
4. Assess the roles of technology supply-chain actors — including manufacturers, cloud and AI providers, data brokers, resellers, integrators, financiers and insurers — in enabling or facilitating mercenary, mercenary related, and private military and/or security company operations and activities.
5. Explore barriers to attribution, investigation, justice and remedy, including cross-jurisdictional complexity, secrecy, classification, and limited access to technical evidence.
6. Gather examples of good practices, regulatory initiatives, and governance innovations that strengthen transparency, accountability and human rights protection in the provision and use of technology-related services by PMSCs.

Key questions and types of input/comments sought

Key Questions

The Working Group invites inputs addressing one or more of the following areas. Submissions may include evidence, case studies, data, or examples of good practices.

A. Technology Stack, AI and Autonomy

• What forms of artificial intelligence, machine learning, predictive analytics, or autonomous systems are being used, developed, or sold by mercenary, mercenary-related actors, or private military and/or security companies?
• To what extent do such systems retain meaningful human control in decision-making, particularly regarding prediction, targeting, surveillance, or engagement?
• How are synthetic media, deepfakes, or information operations deployed by mercenary, mercenary-related actors, or private military and/or security companies, and what are their demonstrated or potential human rights impacts?

B. Space and Geospatial Services

• How are commercial satellite, imaging, and geospatial services (ISR, RF/spectrum geolocation, SIGINT, AIS/ADS-B) used by mercenaries, mercenary related actors, and private military and/or security companies?
• What governance frameworks regulate their licensing, access, or data-sharing, particularly in armed conflict or occupation contexts vis-a-vis by mercenary, mercenary-related actors, or private military and/or security companies?

C. Supply Chains, Procurement, and Export Controls

• How are mercenary, mercenary-related actors, or private military and/or security companies connected to multi-tiered technology supply chains (prime contractors, resellers, integrators, freelancers)?
• Which export control or dual-use regimes apply to software, surveillance tools, intrusion systems, or unmanned platforms? What loopholes or enforcement gaps exist?
• What good practices exist for contract transparency, human rights due diligence, and beneficial ownership disclosure?

D. Cloud, Data and Platforms

• How do cloud service providers, content delivery networks, and platform APIs enable or host mercenary, mercenary related actors, or private military and/or security companies operations and activities?
• What are the implications of data brokerage and ad-tech ecosystems in facilitating surveillance or discriminatory profiling?
• How can States and companies ensure log preservation, lawful access, and independent oversight to support accountability?

E. Financing and Monetisation

• What are the trends in mercenary, mercenary related actors, and private military and/or security companies use of crypto-assets, mixers, stablecoins or non-traditional financing mechanisms for technology-enabled security services?
• Are there examples of insurance, venture capital, or resource-for-security arrangements that indirectly support or legitimize mercenary, mercenary related actors and private military and/or security companies operations and activities?

F. Evidence, Attribution and Accountability

• What technical and legal barriers exist in attributing cyber or AI-enabled attacks or harms to particular actors, such as mercenary, mercenary related actors, or private military and/or security companies, or clients?
• What barriers do victims face in accessing forensic data, export licence information, or platform records necessary to seek remedy?
• What lessons can be drawn from cases where sanctions, civil litigation, or universal jurisdiction have provided accountability in mercenary, mercenary related actors, or private military and/or security companies activities and operations?

G. Intersectional, Sectoral and Human Rights Impact

• What are the human rights impact of technology-enabled mercenary activities and private military and/or security companies operations? Please provide information on the human rights impact on women, children, human rights defenders, journalists, migrants, minorities and other persons in vulnerable situations.
• How do such operations affect humanitarian action, elections, civic space, or border governance?

H. Good Practices and Governance Innovations

• What examples exist in national licensing, registration, or certification schemes that regulate private military and/or security companies or technology providers?
• How can model contract clauses, mandatory human rights and AI due diligence, or independent audit mechanisms improve transparency and accountability in the hiring of private military and security companies and contractors?
• What roles can States, international organizations, civil society, and the private sector play in promoting responsible behaviour by PMSCs in the technology and security domains?

How inputs will be used?

All submissions will be posted on the mandate’s website. Should you wish to maintain confidentiality of your submission, kindly clearly indicate it at the moment of submission.