Brazil originally refrained from signing the Budapest Convention on Cybercrime and had
expressed scepticism in response to invitations to accede. The argument
advanced was that the treaty is Western-biased and lacking in inclusivity, given that Brazil was not part of the original drafting process. During voting for UNGA
Resolution A/74/401, the Russian-sponsored proposal for a new binding Cybercrime Convention, Brazil abstained; during meetings with the BRICS leaders, however, Brazil had
endorsed Russian pleas for a new cybercrime instrument to replace the Budapest regime. Upon invitation by the Council of Europe, Brazil finally
initiated the process of accession to the Convention in December 2019 and is now an observer country.
The US is a signatory and an early proponent of the Budapest Convention. A big part of American cyber diplomatic activity has, in fact, been focused on promoting the Budapest regime as the global model of cybercrime governance. In 2019, the US firmly opposed the Russian-sponsored resolution calling for an alternative legal instrument to the Convention; following the passing of the resolution, however, the US has agreed to participate in the Ad Hoc Committee established under
UNGA resolution 74/247 despite the fact that the “surprise text” within the
May 2021 resolution was seen as an effort to “circumvent dialogue” and undermine the “balanced, inclusive, consensus-based process” sought by the US.
On a multilateral level, the US is also a party to the UN Convention against Transnational Organised Crime (UNTOC) and the Inter-American Convention on Mutual Legal Assistance of the Organisation of American States (OAS) and is a member of Interpol.
Bilaterally, the US has completed an
agreement with the UK under the CLOUD Act that facilitates cross-border data sharing directly between US companies and the British government; the US is trying to expand this type of bilateral engagement,
currently negotiating a similar agreement with Australia.
Cuba is not a signatory of the Budapest Convention on Cybercrime and has developed its own domestic legal framework in the matter, such as
Decree-Law No. 360/2019 which covers a wide range of crimes related to information and communication technologies. In an ongoing debate surrounding this new legislation, critics say that the law could be used to suppress dissent and
limit freedom of expression online.