At the first substantive session of the 2021-2025 UN Group of Governmental exports (UNGGE), Albania aligned itself with the EU’s statement that the existing corpus of international law, notably the UN Charter, international humanitarian law, and international human rights law, apply in cyberspace in its entirety. In particular, this includes the principle of state sovereignty, sovereign equality, the settlement of disputes by peaceful means, the provision of the use of force non-intervention in the internal affairs of other states, and the respect for human rights and fundamental freedoms as principles of international law that are applicable to states use of ICTs in cyberspace. [
x] Albania has also consistently aligned itself with the EU position in a number of key resolutions at the United Nations, including resolutions
A/73/27 and
A/74/29. A 2015
policy paper notes that cybersecurity will only be “efficient” if it is “based on the fundamental human rights and freedoms, pursuant to the Charter of Fundamental Rights of the European Union and the universal values of the EU”. In the same vein, the
2020-2025 National Cybersecurity Strategy includes “improving the legal framework providing norms and regulating cybersecurity in the country, and aligning this framework with European Union directives and regulation” as a stated objective.
As a member state of the UNGA, Uruguay
expressed their views at the OEWG in 2021, considering cybersecurity an essential element in the prevention of international conflicts. Uruguay provides a rather humanitarian approach to international law and its application on cyber issues. The country is a
member of international organisations that promote the development and compliance with standards of transparency and access to information, such as the Open Government Partnership, the Electronic Government Network of Latin America and the Caribbean (GEALC) and Digital Nations.
Uruguay was the first Latin American country, in 2013, to sign the only existing binding, international document concerning the Automatic Processing of Personal Data (known as
Convention 108). Its signature and membership have been
ratified in 2021.
Uruguay’s Digital initiatives at the national level are also in compliance with the Digital Agenda for Latin America and the Caribbean (
eLAC by CEPAL). In particular, Uruguay’s
Cybersecurity goal is in line with
CEPAL’s framework for confidence-building measures such as combating digital crime by formulating public policies and strategies for cybersecurity and critical infrastructure protection.
The UK
views international law as “a critical tool for ensuring stability and security in cyberspace”. In accordance with the 2013, 2015 and 2021 UNGGE reports as well the 2021 OEWG report, the UK
has affirmed that international law, including the UN Charter in its entirety, applies in cyberspace; a position paper notably
states that “we do not consider it is for States to pick and choose which international law instruments are applicable”. This includes the prohibition of the use of force (Article 2(4)), the peaceful settlement of disputes (Article 33) and the inherent right of states to act in self-defence in response to an armed attack (Article 51). The law of state responsibility applies to cyber operations in peacetime, including the doctrine of countermeasures in response to internationally wrongful acts. Meanwhile, the country has
professed a strong commitment to the respect of human rights law in cyberspace, co-sponsoring the
2012,
2014,
2016,
2018 and
2021 UN Human Rights Council resolutions on the protection, promotion and enjoyment of human rights on the Internet. Likewise, the UK
believes in the application of international humanitarian law (IHL) to cyber operations in armed conflict. In response to concerns expressed by other states that this might lead to an undue ‘militarisation’ of cyberspace, the UK has
responded that the application of IHL does not encourage armed conflict but only serves to limit humanitarian consequences in the event of such conflict. In addition, the country has
stated and that there are ways for cyber capabilities to be developed in a manner “consistent with international law” and called on states to be transparent about the existence of their own capabilities. Those statements do not entirely dismiss the idea of cyberspace as a new military domain, with the British position at the OEWG
being that “the use of ICTs in military contexts may be preferable to use of kinetic weapons and can be de-escalatory”. The UK is against the establishment of new, binding international instruments to regulate state behaviour in cyberspace,
arguing that “pursuing […] the development of new treaties is only likely to entrench existing divides in this area and will progress us no further on the question of how International Law applies”.