Brazil is the world’s eighth largest economy in terms of GDP, and by far South America’s most populous and powerful state. While the country has suffered economic and political crises since 2014, it has made significant advances in domestic digitization and played a pivotal, albeit ambiguous role in international negotiations on cyberspace. Brazil has the world’s fifth largest internet user base, after China, India, the United States and Indonesia, and is a leading country in South America when it comes to ICTs usage. The share of Brazilians using the internet has increased from less than 3% of the population in 2000 to more than 68% in 2019. As such, Brazil remains a critical partner for the EU’s efforts to build a secure, stable and rights-based cyberspace.

China has the largest amount of users in the world, a significant digital economy growth potential, and its national Internet giants Alibaba, Didi, Tencent and Baidu are increasingly able to rival the biggest Western competitors in terms of market value and influence on the global tech landscape. China’s cyber diplomacy puts special attention towards equal participation, the principles of non-interference in internal affairs, non-use of force and peaceful settlement of disputes, and support for multilateral institutions to shape normative views on the governance of cyberspace. However, China’s propagation of the cyber-sovereignty approach to international cybersecurity policy and an absolutist reading of sovereignty in cyberspace provide a legal cloak for state practices that often run counter to the core European values of a global, open, and free Internet.

An EU candidate country since 2014, Albania has been eagerly embracing its digital revolution with the government ushering in an array of cyber and digital policy initiatives. In recent years, Albania has worked on adapting its legal framework to comply with the EU’s acquis communautaire and further approach the Digital Single Market. The Albanian policy framework ranks 1^st across the Western Balkans region in fostering the inclusivity and competitiveness of digital society [x], while the country currently ranks 80^th in the Global Security Index [x]. An OECD report praised Albania for enhancing intragovernmental cooperation, emphasising the cross-cutting character of ICT in its development strategies, and allocating resources towards the implementation of its digital strategy. Despite the proliferation of such policies, however, the country is currently the 5^th largest source of cybercrime in Europe, suffering at least 1.3 million cyberattacks yearly [x]. As such, modernising cybercrime legislation and upgrading critical infrastructure protection constitute key priorities for Albanian policymakers.

In accordance with the output produced by the 2013, 2015, and 2021 consensual reports of the United Nations Groups of Governmental Experts on Developments in the Field of Information and Telecommunications in the Context of International Security (UNGGE), Brazil believes that international law enjoys general applicability in cyberspace. For Brazil, this also includes international humanitarian law and international human rights law. Nevertheless, Brazilian delegations have expressed concern that unqualified transfers of international humanitarian law and an unlimited right of self-defence could legitimise cyberspace as a military domain, while also challenging the protective value of sovereignty and cementing a Western-biased status quo.

In theory, China accepts that the principles enshrined within the UN Charter, including sovereign equality, prohibition on the use of force, settlement of disputes by peaceful means, non-intervention in the affairs of other states and fulfilment of international obligations in good faith, apply in cyberspace. 
Nevertheless, the Chinese position is generally characterized by a reluctance to crystallise the precise ways in which existing customary and international treaty law might govern the cyber domain; the exact application of specific aspects of international law, such as laws on self-defence, state responsibility, and international humanitarian law, is claimed to remain unclear in the absence of international consensus. 
Chinese delegations have also repeatedly cautioned against the “indiscriminate application of the law of armed conflicts”, arguing that the undue emphasis on jus ad bellum undermines stability in cyberspace by presupposing and thus effectively legitimising cyber conflict, consequently turning cyberspace into a “new battlefield”. 
China regards proposals on regional exchanges of views and development of common understanding on the application of international law with particular scepticism, stating that states must work on reaching “universally-accepted consensus” on the application of international law, rather than engage in “self-explanations at regional levels or among a small group of countries”. The Chinese have also consistently favoured the adoption of new international legal instruments tailored to the attributes of cyberspace (lex specialis).

At the first substantive session of the 2021-2025 UN Group of Governmental exports (UNGGE), Albania aligned itself with the EU’s statement that the existing corpus of international law, notably the UN Charter, international humanitarian law, and international human rights law, apply in cyberspace in its entirety. In particular, this includes the principle of state sovereignty, sovereign equality, the settlement of disputes by peaceful means, the provision of the use of force non-intervention in the internal affairs of other states, and the respect for human rights and fundamental freedoms as principles of international law that are applicable to states use of ICTs in cyberspace. [x] Albania has also consistently aligned itself with the EU position in a number of key resolutions at the United Nations, including resolutions A/73/27 and A/74/29. A 2015 policy paper notes that cybersecurity will only be “efficient” if it is “based on the fundamental human rights and freedoms, pursuant to the Charter of Fundamental Rights of the European Union and the universal values of the EU”. In the same vein, the 2020-2025 National Cybersecurity Strategy includes “improving the legal framework providing norms and regulating cybersecurity in the country, and aligning this framework with European Union directives and regulation” as a stated objective.

Brazilian diplomats portray Brazil’s role in the often polarised debates on norms of responsible state behaviour as that of a broker or strategic bridge-builder between the different camps rather than a mere ‘swing state’ and highlight that balancing between both camps serves to maintain an independent foreign policy. Brazil sought to focus its chairmanship of UN GGE’s third and fourth iterations on three issues: the role of civilians in cyber conflict, the right to respond, and attribution. Since the 2013 Snowden revelations, the country has been a stark champion of data protection, showcasing exceptional norm entrepreneurship
in relation to cyber-surveillance norms. Brazil has also expressed support for the proposal of adopting a legally binding instrument in the medium to long-term to prevent the militarisation of cyberspace.

China’s International Strategy on Cyberspace Cooperation highlights that the country is committed to the maintenance of peace and stability in cyberspace through international cooperation on norms of responsible state behaviour. In 2018, Chinese support for the Russia-sponsored UNGA Resolution A/RES/73/27 was instrumental in establishing the Open-Ended Working Group (OEWG) as an alternative forum to the UN Group of Governmental Experts (UN GGE), whose fifth iteration in 2017 had failed to reach consensus. 
The country is in favour of formulating new norms of responsible state behaviour in light of recent ICT developments; during the latest OEWG discussions, China put forward specific proposals on formulating new rules on data security, in accordance with its own Global Initiative on Data Security. 
China has repeatedly expressed a preference for non-voluntary, binding legal norms, arguing that the best option is to formulate “new international legal instruments consummate with the characteristics of cyberspace, with a view to maintaining peace in cyberspace, instead of using legal instruments as a tool to pursue accountability and punishment unilaterally.”

At the first substantive session of the 2021-2025 UNGGE, Albania aligned itself with the EU’s position that the previous UNGGE and OEWG reports, including corresponding UNGA resolutions adopted by consensus” form the unequivocal basis for “any further discussions on the position, role, and implementation of the voluntary non-binding norms, rules and principles of state behaviour in cyberspace (norms)” [x]. In 2018, Albania voted against the Russian-sponsored resolution A/73/27, which launched the Open-Ended Working Group (OEWG) format.

Brazil’s 2020 National Cybersecurity Strategy (E-Ciber) outlines ten strategic actions to be undertaken in relation to cyber resilience, which include the extension of international cooperation and the enhancement of protection for critical infrastructure. The Strategy pledges Brazil to encourage international cooperation in cybersecurity, participate in joint cyber resilience events and exercises, and expand cybersecurity cooperation agreements. On the level of discourse, Brazil remains committed to international cyber cooperation in resilience, staying true to its traditional stance in favour of multilateral solutions.

The Chinese International Strategy on Cyberspace Cooperation places a large emphasis on the development of confidence-building measures (CBMs) and engagement with partner countries through predictability-increasing practical measures to prevent unintended conflicts, respond to information operations, and ensure supply chain security in network equipment and industrial control systems. 
Another key pillar of China’s cyber strategy is providing capacity-building assistance to developing countries. The Belt and Road Digital Economy International Cooperation Initiative, launched in 2017, and 'the Digital Silk Road' seek to internationalise Chinese technology made by state-owned or affiliated companies, including Huawei and ZTE, and therefore export Chinese technical standards abroad. Chinese outreach in this domain is most active in Africa, South America, and Central and Southeast Asia through projects such as the China-ASEAN Information Harbour and the China-Arabia Digital Silk Road Ningxia Hub. In addition to infrastructure investment, capacity building also focuses on enhancing information-sharing capacities, cyber defence personnel training, and crisis management.

In recent years, Albania has significantly expanded its capacity-building activities, modernising both the relevant institutional apparatus and the diplomatic outreach accompanying it. Since 2017, ALCIRT, Albania’s national CSIRT, has been given an expanded mandate and merged with the National Authority for Electronic Certification and Cyber Security (AKCESK). AKCESK is responsible for preparing strategic documents relating to cybersecurity, drafting legislation, collaborating with relevant stakeholders (international organisations, civil society organisations, the private sector) and providing training. [x] Through AKCESK, Albania has signed Memoranda of Understanding (MOU) with several regional national CERTs (Kosovo, North Macedonia, Romania) and is currently negotiating similar MoUs with Serbia, Montenegro, Cyprus, and Slovenia. [x] AKCESK also frequently collaborates with the Council of Europe in relation to incident response and awareness training. [x] As a member of NATO, Albania signed the MoU with the NATO Cyber Incident Response Centre (NCIRC) on enhancing cyber defence in 2013 [x] and has participated in numerous NATO-led training initiatives, including the flagship Cyber Coalition exercise. Meanwhile, increased emphasis has been placed on the protection of critical infrastructure, with a 2015 government paper stating that future actions will be focused on “the protection and resilience capacity of critical infrastructure” and on “encouraging operators that own them to implement a full security architecture (including risk management and emergencies)”. [x] In 2020, Albania adopted its first-ever cybersecurity regulation for the electricity sector, which establishes incident reporting and assessment criteria for electricity operators. [x] This was reportedly only the first of many planned initiatives intended to reduce the country’s cyber vulnerabilities and increase trust in digital services.

Brazil originally refrained from signing the Budapest Convention on Cybercrime and had expressed scepticism in response to invitations to accede. The argument advanced was that the treaty is Western-biased and lacking in inclusivity, given that Brazil was not part of the original drafting process. During voting for UNGA Resolution A/74/401, the Russian-sponsored proposal for a new binding Cybercrime Convention, Brazil abstained; during meetings with the BRICS leaders, however, Brazil had endorsed Russian pleas for a new cybercrime instrument to replace the Budapest regime. Upon invitation by the Council of Europe, Brazil finally initiated the process of accession to the Convention in December 2019 and is now an observer country.

The Chinese Strategy on Cyberspace Cooperation notes that the country “supports the UN Security Council to play an important part in international cooperation against cyber terrorism” and “supports and contributes to UN effort on fighting cyber crimes”. China is not a party to or observer of the Budapest Convention; instead, it has consistently backed Russian bids in the UN to establish a new cybercrime treaty, with these efforts culminating in Resolution A/74/247 that created an Ad Hoc Committee for that purpose. 
China has also signed the World Intellectual Property Organization Copyright Treaty (WIPO Copyright Treaty) in 1985 as well as the UN Convention Against Transnational Organised Crime and is a member of Interpol. 
In addition, China has pursued regional avenues of cooperative engagement; within the context of the Shanghai Cooperation Organisation, for instance, the country agreed to participate in efforts to fight against terrorism, separatism, extremism, and international cybercrime. 
It also supports joint cybersecurity exercises under the auspices of the Organisation.

Albania is a party to the Budapest Convention on Cybercrime, with the Albanian Parliament ratifying the Convention in 2002 [x]. Since then, however, national strategic documents have been acknowledging the incomplete harmonisation of national legislation with Budapest provisions. The most recent five-year National Cybersecurity Strategy states that “legislation in the cybersecurity field should be harmonised with EU legislation, thus creating a complete and codified mechanism to adequately address and resolve issues. Besides, where possible, international internet security mechanisms should be accessed, signed, ratified, and implemented”. The Strategy also places special emphasis on children’s online protection, elevating it into a key priority [x]. Aiming to implement the policy goals listed within the National Cybersecurity Strategy, the Strategy for Investigation of Cybercrime (2021-2025) lays out a number of objectives for law enforcement [x]: (1) extending the cybercrime investigation structure throughout the country and building technological and legal capacity; (2) presenting a prompt and efficient response to cybercrime, raising public awareness, taking legislative initiatives, and building professional capacity; (3) presenting a rapid and professional response to the prevention, prosecution, and investigation of cybercrime against children; and (4) increasing national and international cooperation in the field of cybercrime investigation with strategic partners. Albanian police forces have also collaborated with Europol in coordinated action against cyber fraud and through the launch of the Sell Safe awareness campaign. [x]