Costa Rica has established itself as a leading country in technological adoption, in combination with a complete commitment to sustainability and the protection of the environment. Information and communications technology services accounted for 49% of the country’s exports (twice the average of OECD countries), placing the Central American country at the forefront of the digital economy.

India and the European Union share many values and principles, such as inclusiveness, democracy, and multilateralism. With 1.4 billion people, India is the largest democracy in the world and considers itself as a leader among the Global South. India and the EU share common visions of a rules-based global order and are aligned on their commitment to an open, free, secure, stable, peaceful, and accessible cyberspace, enabling economic growth and innovation. In light of India’s rapid digitization and connectivity, the EU-India Strategic Partnership & Roadmap to 2025 includes commitments to cooperate on new and emerging technologies, norms and regulatory frameworks, and international standards.

An EU candidate country since 2014, Albania has been eagerly embracing its digital revolution with the government ushering in an array of cyber and digital policy initiatives. In recent years, Albania has worked on adapting its legal framework to comply with the EU’s acquis communautaire and further approach the Digital Single Market. The Albanian policy framework ranks 1^st across the Western Balkans region in fostering the inclusivity and competitiveness of digital society [x], while the country currently ranks 80^th in the Global Security Index [x]. An OECD report praised Albania for enhancing intragovernmental cooperation, emphasising the cross-cutting character of ICT in its development strategies, and allocating resources towards the implementation of its digital strategy. Despite the proliferation of such policies, however, the country is currently the 5^th largest source of cybercrime in Europe, suffering at least 1.3 million cyberattacks yearly [x]. As such, modernising cybercrime legislation and upgrading critical infrastructure protection constitute key priorities for Albanian policymakers.

Costa Rica has played a paramount role in the Organisation of American States as is one of seven American countries that sponsored a resolution within the framework of the OAS as part of a Working Group on Cooperation and Confidence-Building Measures in Cyberspace. The resolution is inspired by the work of the United Nations Group of Governmental Experts and aims at enhancing interstate cooperation, transparency, predictability, and stability in cyberspace.

As a member of the 2015 UNGGE group, India accepts that international law and specifically the UN Charter applies in its entirety in the cyber domain. India has noted the need to develop common understandings as to how international law should be interpreted, especially on the issues of what constitutes force and/or an armed attack in cyberspace and what the threshold of cyber-attacks should be to invoke Article 51 of the UN Charter. 
In statements at the UN General Assembly, India has also specifically called for further elaboration on peacetime rules of international law, the law concerning the right of self-defence and international humanitarian law. 
Apart from these calls for clarification and elaboration, however, India’s stance on specific aspects of international law and their interpretation remains unclear. This seems consistent with India’s recent reorientation of its foreign policy; since 2019, India’s wider approach has been marked by a shift from traditional non-alignment to issue-based ‘multi-alignment’ that reflects national priorities and interests.

At the first substantive session of the 2021-2025 UN Group of Governmental exports (UNGGE), Albania aligned itself with the EU’s statement that the existing corpus of international law, notably the UN Charter, international humanitarian law, and international human rights law, apply in cyberspace in its entirety. In particular, this includes the principle of state sovereignty, sovereign equality, the settlement of disputes by peaceful means, the provision of the use of force non-intervention in the internal affairs of other states, and the respect for human rights and fundamental freedoms as principles of international law that are applicable to states use of ICTs in cyberspace. [x] Albania has also consistently aligned itself with the EU position in a number of key resolutions at the United Nations, including resolutions A/73/27 and A/74/29. A 2015 policy paper notes that cybersecurity will only be “efficient” if it is “based on the fundamental human rights and freedoms, pursuant to the Charter of Fundamental Rights of the European Union and the universal values of the EU”. In the same vein, the 2020-2025 National Cybersecurity Strategy includes “improving the legal framework providing norms and regulating cybersecurity in the country, and aligning this framework with European Union directives and regulation” as a stated objective.

Costa Rica has a long history of collaborating on cyber issues within the OAS Cyber Security Program, from training to capacity-building for both the public and private sectors. At a 2019 intervention, Costa Rica recognised the leadership carried out by the aforementioned Working Group in coordinating the response to cyber incidents regionally and establishing a cooperative framework of action to cyber threats.
Costa Rican participation in the UN OEWG is guaranteed until 2025. As part of the second substantive session in 2022, Costa Rica confirmed - along with several other countries - that international law is fully applicable to the use of ICT by states [OH1], with a focus on how international humanitarian law and the principles of humanity, necessity, proportionality, and distinction apply in cyberspace.
An interesting approach was taken by Costa Rica during this session, as the Caribbean country emphasised a multi-stakeholder approach to cybersecurity, involving the private sector, civil society, and researchers’ analysis, information, and capacity on threat.

India has assumed a stance of strategic ambiguity on the proliferation of norms for responsible state behaviour in cyberspace, positioning itself as a ‘bridge builder’ between the two camps that have emerged during multilateral cyber norm negotiations. 
Its insistence on an enhanced role for intergovernmental institutions (such as the ITU) and its oscillating allegiance to the two polarised factions largely reflect the country’s long-standing focus on Westphalian sovereignty and the consequent belief in the primacy of the state as an actor in international affairs. This brings India to a certain degree of alignment with sovereignty-focused countries like China and Russia in the context of norm-building debates. 
At the second substantive session of the Open-Ended Working Group (OEWG), India argued that voluntary norms do not necessarily increase the predictability of state behaviour within the ICT environment, but was not openly against the adoption of new voluntary norms; for instance, the country proposed the adoption of a new norm on refraining from weaponisation and offensive uses of ICTs along with countries like Iran, Cuba, and Nigeria.

At the first substantive session of the 2021-2025 UNGGE, Albania aligned itself with the EU’s position that the previous UNGGE and OEWG reports, including corresponding UNGA resolutions adopted by consensus” form the unequivocal basis for “any further discussions on the position, role, and implementation of the voluntary non-binding norms, rules and principles of state behaviour in cyberspace (norms)” [x]. In 2018, Albania voted against the Russian-sponsored resolution A/73/27, which launched the Open-Ended Working Group (OEWG) format.

In 2016, Costa Rican Cybersecurity Incident Response Team (CSIRT) joined CAMP, an international alliance that serves as a platform for the members to enhance their cybersecurity capacity.
Costa Rica is also collaborating with Israel on cyber issues and digital transformation in an effort that has the potential to streamline innovation in the public sector, transforming public services and institutions and positioning Costa Rica as a regional benchmark in cybersecurity.
On a national scale, Costa Rica launched a digital transformation strategy for the public sector in 2018 and is now working to create a strategy for the implementation of Artificial Intelligence. The initiative seeks to promote the use of digital technologies and access to scientific knowledge, innovation, technology, and telecommunications for social and productive transformation.
Having suffered a cyber attack in 2022, Costa Rica is now positioning cybersecurity as a top national priority, and the Ministry of Science, Innovation, Technology and Telecommunications is beginning to implement various actions to detect, respond and correct cyber intrusions, build faster and more robust response protocols, and train individuals in skilled threat detection.

In matters related to cyber resilience, India has proven to be an active proponent of bilateralism. It has initiated cyber dialogues with actors like the US, the UK, Russia, Malaysia, the EU, and ASEAN, all of which include capacity-building elements. Internationally, the country has also been especially vocal on the need to establish cooperative mechanisms for developing and implementing bilateral, regional, and global confidence-building measures (CBMs). 
In the context of multilateral fora, India has many a time reiterated that the issue of supply chain protection enjoys particular significance for them, especially in relation to ‘trust and trusted sources’ when it comes to preferring suppliers of ICT products and systems. It has also noted that capacity building actually goes beyond what is being dealt with under international security and is inherently tied to discussions on international legal instruments on cyberspace, where all states are equal and have the capacity to discuss legitimate matters under the auspices of the UN.

In recent years, Albania has significantly expanded its capacity-building activities, modernising both the relevant institutional apparatus and the diplomatic outreach accompanying it. Since 2017, ALCIRT, Albania’s national CSIRT, has been given an expanded mandate and merged with the National Authority for Electronic Certification and Cyber Security (AKCESK). AKCESK is responsible for preparing strategic documents relating to cybersecurity, drafting legislation, collaborating with relevant stakeholders (international organisations, civil society organisations, the private sector) and providing training. [x] Through AKCESK, Albania has signed Memoranda of Understanding (MOU) with several regional national CERTs (Kosovo, North Macedonia, Romania) and is currently negotiating similar MoUs with Serbia, Montenegro, Cyprus, and Slovenia. [x] AKCESK also frequently collaborates with the Council of Europe in relation to incident response and awareness training. [x] As a member of NATO, Albania signed the MoU with the NATO Cyber Incident Response Centre (NCIRC) on enhancing cyber defence in 2013 [x] and has participated in numerous NATO-led training initiatives, including the flagship Cyber Coalition exercise. Meanwhile, increased emphasis has been placed on the protection of critical infrastructure, with a 2015 government paper stating that future actions will be focused on “the protection and resilience capacity of critical infrastructure” and on “encouraging operators that own them to implement a full security architecture (including risk management and emergencies)”. [x] In 2020, Albania adopted its first-ever cybersecurity regulation for the electricity sector, which establishes incident reporting and assessment criteria for electricity operators. [x] This was reportedly only the first of many planned initiatives intended to reduce the country’s cyber vulnerabilities and increase trust in digital services.

Costa Rica is one of the few Latin American countries to have signed the Budapest Convention on Cybercrime, along with the First and Second Protocol (this one was signed in 2022 but yet to be ratified), and is at the forefront of cybercrime legislation in the region.
National legislation on cybercrime is fully compliant with the Convention and is contained in the Law on Intervention of Telecommunications and the Law of Computer Crimes and Related Crimes. It includes penalties for committing cybercrimes in the country. Additionally, legislative regulations were introduced to govern the use of social networks and other electronic means.
Their Cybersecurity Policy from 2017 was updated in 2021 with the creation of the CSIRT, the implementation of cybersecurity protocols across public institutions and the establishment of partnerships with strategic actors, mainly in the private sector.

Under the auspices of the OEWG, India has highlighted the need for “real-time cooperation between government agencies” in combatting cybercrime, cyberterrorism, and cyber threats more widely. To date, however, India has not signed any international cybercrime agreement. It voted in favour of a Russia-sponsored UNGA Resolution calling for the establishment of a separate cybercrime treaty. 
Despite having brought its legal framework largely in alignment with the Budapest Convention, India remains a non-party because the document was drafted without the country’s participation, thus rending the treaty discriminatory. Another big objection has been raised on the basis of section 32.b, which gives intelligence agencies trans-border access to data for the purposes of criminal investigations with lawful and voluntary consent - a concern shared by Russia. 
It has also been argued that the Mutual Legal Assistance (MLA) regime under Budapest is not effective, as it does not commit states to a firm promise of cooperation; from the perspective of the Indians, it would be preferable to replace this regime with a UN-driven process.

Albania is a party to the Budapest Convention on Cybercrime, with the Albanian Parliament ratifying the Convention in 2002 [x]. Since then, however, national strategic documents have been acknowledging the incomplete harmonisation of national legislation with Budapest provisions. The most recent five-year National Cybersecurity Strategy states that “legislation in the cybersecurity field should be harmonised with EU legislation, thus creating a complete and codified mechanism to adequately address and resolve issues. Besides, where possible, international internet security mechanisms should be accessed, signed, ratified, and implemented”. The Strategy also places special emphasis on children’s online protection, elevating it into a key priority [x]. Aiming to implement the policy goals listed within the National Cybersecurity Strategy, the Strategy for Investigation of Cybercrime (2021-2025) lays out a number of objectives for law enforcement [x]: (1) extending the cybercrime investigation structure throughout the country and building technological and legal capacity; (2) presenting a prompt and efficient response to cybercrime, raising public awareness, taking legislative initiatives, and building professional capacity; (3) presenting a rapid and professional response to the prevention, prosecution, and investigation of cybercrime against children; and (4) increasing national and international cooperation in the field of cybercrime investigation with strategic partners. Albanian police forces have also collaborated with Europol in coordinated action against cyber fraud and through the launch of the Sell Safe awareness campaign. [x]