Compare
Compare
El Salvador is known for its adoption of Bitcoin as a legal tender in 2021. El Salvador’s internet penetration rate stood at 50.5 % of the total population at the start of 2022, with over 4 million social media users. El Salvador is making important progress towards digitalisation in terms of infrastructure capacity and reliability, but there are still challenges to overcome, such as access and affordability to internet connections, especially in rural areas. Regarding data protection, El Salvador still lacks a comprehensive data protection law, although the country has made improvements in the past years.
South Korea has made significant progress over the last decades when it comes to connectivity and is currently one of the leading states in terms of access and use of ICTs. While in 1995 less than one percent of Koreans used the internet, four years later the country passed the developed nation average and nowadays South Korea is a global leader in the field of connectivity and internet access. Government support for internet access has been instrumental in fostering this progress in connectivity through governmental programs, trainings and low interest loans to companies providing broadband access. Consequently, cyber issues were recognised as important to the bilateral relationship at the EU-South Korea Summit in 2015, and five cyber dialogues have taken place between 2015 and 2020.
According to the International Telecommunications Union (ITU), as of 2021, Peru had an internet penetration rate of around 71.1 %. However other indexes place this number in the mid 60’s. Although many improvements were made in the past few years, Peru still possesses low network coverage, especially in rural areas and a relatively low network performance.
The government of Peru has been implementing initiatives to increase connectivity in rural areas, including a national broadband plan and a program to deploy free Wi-Fi hotspots in public spaces, with a year-on-year increase of almost 100 %.
Peru ranked 86 out of 182 countries surveyed in the ITU’s Global Cybersecurity Index in 2020.
The government of Peru has been implementing initiatives to increase connectivity in rural areas, including a national broadband plan and a program to deploy free Wi-Fi hotspots in public spaces, with a year-on-year increase of almost 100 %.
Peru ranked 86 out of 182 countries surveyed in the ITU’s Global Cybersecurity Index in 2020.
El Salvador has supported, along with several other states, a Russian-backed proposal to develop a new binding legal instrument to govern responsible state behaviour in cyberspace. It’s the Salvadoran position that the absence of legislation is the main obstacle towards fighting cybercrime internationally.
As a member of the 2015 Group of Governmental Experts (UNGGE) and as per the Seoul Framework for and Commitment to an Open and Secure Cyberspace, the ROK recognises that international law, and in particular the UN Charter, is applicable in cyberspace and essential for maintaining security and stability as well as promoting an open, secure, peaceful, and accessible ICT environment.
The country also acknowledges that cybersecurity must go hand-in-hand with respect for human rights and fundamental freedoms as set forth in the Universal Declaration of Human Rights and other international instruments. The ROK notably co-sponsored the Human Rights Council Resolutions 20/8 and 26/13 concerning the promotion, protection and enjoyment of human rights on the Internet.
The country supports the idea of increasing interstate engagement and exchanging national views on how international law applies in cyberspace, both at the multilateral level as well as at the bilateral and regional levels. Peru is one of the Latin American countries to have signed and ratified the Council of Europe’s Convention 108+.
The country has also participated in the United Nations Open-ended Working Group (OEWG) on Developments in the Field of Information and Telecommunications in the Context of International Security. As a matter of fact, after the third substantive session of the OEWG, Peru issued a statement supporting the primacy of the UN Charter and the application of international law in the use of ICTs and in cyberspace, as well as the future establishment of legally binding obligations.
On the other hand, Peru along with Chile and the United States of America, has a divergent view on the notion of cyber attack and the applicability of international law. Peru states that in order for a cyber operation to be considered an attack, it results in direct death, injury or physical harm.
The country also acknowledges that cybersecurity must go hand-in-hand with respect for human rights and fundamental freedoms as set forth in the Universal Declaration of Human Rights and other international instruments. The ROK notably co-sponsored the Human Rights Council Resolutions 20/8 and 26/13 concerning the promotion, protection and enjoyment of human rights on the Internet.
The country supports the idea of increasing interstate engagement and exchanging national views on how international law applies in cyberspace, both at the multilateral level as well as at the bilateral and regional levels. Peru is one of the Latin American countries to have signed and ratified the Council of Europe’s Convention 108+.
The country has also participated in the United Nations Open-ended Working Group (OEWG) on Developments in the Field of Information and Telecommunications in the Context of International Security. As a matter of fact, after the third substantive session of the OEWG, Peru issued a statement supporting the primacy of the UN Charter and the application of international law in the use of ICTs and in cyberspace, as well as the future establishment of legally binding obligations.
On the other hand, Peru along with Chile and the United States of America, has a divergent view on the notion of cyber attack and the applicability of international law. Peru states that in order for a cyber operation to be considered an attack, it results in direct death, injury or physical harm.
El Salvador has been actively involved in promoting a safe cyberspace. The Latin American country, back in 2015, signed a memorandum of understanding with the UN Office on Drugs and Crime to support the fight against cybercrime, with training in capacity building, prevention and cooperation.
El Salvador has expressed views on the use of information and communications technologies for criminal purposes at the UNGA. As part of their statement, it was noted the lack of regulation obliging network administrators of public, private, or non-profit institutions to establish, maintain, and safeguard the connection logs of their internal clients, which can be exploited for the commission of traditional crime and cybercrime.
As part of the OEWG discussions, El Salvador has identified the norm regarding ICT product supply chains as the most important for states, in addition to proposing that the OEWG highlights the efforts and progress that countries are making in cybersecurity, making the spirit of cooperation in this area clear. The ROK stands in favour of the adoption and elaboration of voluntary, non-binding norms of state behaviour during peacetime. It strongly upholds the 11 non-binding norms agreed upon in the 2015 UNGGE report and believes that further efforts should be undertaken to clarify and concretise them.
In addition, the ROK has put great emphasis on the principle of due diligence, consistently demonstrating its commitment through public statements at regional and international forums. The country believes that no new legally binding instrument is necessary for the moment, retaining a preference for the ‘soft law’ approach and maintaining that less resilient states should first focus on building capacity rather than reforming regulatory frameworks. Peru stresses the need to make a distinction between 'cyber attacks' (which involve 'damage being caused to a militarily relevant target, which may be totally or partially destroyed, even captured or neutralised') and an 'abrupt disruption of communications in cyberspace', i.e. cyber operations that cause inconvenience, even extreme inconvenience, but not direct injury or death, or destruction of property. Accordingly, Peru emphasises the determination of the legality of cyber operations in the context of the use of force by taking into account whether they may result in death or injury to persons or property.
Peru has noted the difficulty of attribution in cyberspace. Coinciding with other American states, Peru has focused on the state's duty to ensure that its territory is not used by non-state actors to launch attacks. In this regard, Peru states that the inertia of a state towards a non-state actor that could unleash a cyber-attack on another state and that it was in a position to control could make its behaviour attributable to the state.
In any case, Peru highlights the validity of various human rights in cyberspace, including 'the right to privacy and intimacy, freedom of information, freedom of expression, free and equal access to information, bridging the digital divide, intellectual property rights, free flow of information, the right to secrecy of communications'.
El Salvador has expressed views on the use of information and communications technologies for criminal purposes at the UNGA. As part of their statement, it was noted the lack of regulation obliging network administrators of public, private, or non-profit institutions to establish, maintain, and safeguard the connection logs of their internal clients, which can be exploited for the commission of traditional crime and cybercrime.
As part of the OEWG discussions, El Salvador has identified the norm regarding ICT product supply chains as the most important for states, in addition to proposing that the OEWG highlights the efforts and progress that countries are making in cybersecurity, making the spirit of cooperation in this area clear. The ROK stands in favour of the adoption and elaboration of voluntary, non-binding norms of state behaviour during peacetime. It strongly upholds the 11 non-binding norms agreed upon in the 2015 UNGGE report and believes that further efforts should be undertaken to clarify and concretise them.
In addition, the ROK has put great emphasis on the principle of due diligence, consistently demonstrating its commitment through public statements at regional and international forums. The country believes that no new legally binding instrument is necessary for the moment, retaining a preference for the ‘soft law’ approach and maintaining that less resilient states should first focus on building capacity rather than reforming regulatory frameworks. Peru stresses the need to make a distinction between 'cyber attacks' (which involve 'damage being caused to a militarily relevant target, which may be totally or partially destroyed, even captured or neutralised') and an 'abrupt disruption of communications in cyberspace', i.e. cyber operations that cause inconvenience, even extreme inconvenience, but not direct injury or death, or destruction of property. Accordingly, Peru emphasises the determination of the legality of cyber operations in the context of the use of force by taking into account whether they may result in death or injury to persons or property.
Peru has noted the difficulty of attribution in cyberspace. Coinciding with other American states, Peru has focused on the state's duty to ensure that its territory is not used by non-state actors to launch attacks. In this regard, Peru states that the inertia of a state towards a non-state actor that could unleash a cyber-attack on another state and that it was in a position to control could make its behaviour attributable to the state.
In any case, Peru highlights the validity of various human rights in cyberspace, including 'the right to privacy and intimacy, freedom of information, freedom of expression, free and equal access to information, bridging the digital divide, intellectual property rights, free flow of information, the right to secrecy of communications'.
El Salvador has taken steps towards addressing cybercrime by establishing a Cybersecurity Policy which aims to ensure the resilience and security of strategic assets. It lays out criteria to develop cybersecurity capacities aimed at protecting critical infrastructure, strengthening response mechanisms, and developing technical and administration skills so that the public and private institutions in El Salvador as well as citizens are aware of cybersecurity and risks related to the use of information technologies.
Driven by a proliferation of cyberthreats originating in the DPRK, Korean diplomats have consistently maintained that bridging the global gap in cybersecurity capabilities constitutes a central task for states; as such, countries should develop cyber defence capabilities to foster resilience in the global cyber ecosystem.
The South Korean government has introduced several international cooperation mechanisms, especially through the Korean Internet & Security Agency (KISA) and its Global Cybersecurity Centre for Development (GCCD) project. Through the GCCD, South Korea has worked with the World Bank and a series of partner countries in Latin America to organise workshops and exercises. Another important initiative is the Cybersecurity Alliance for Mutual Progress (CAMP) network, a mechanism launched in 2016 that provides a platform for Korea to share its expertise with a large group of partner countries and help them exchange knowledge and best practices. The Personal Data Protection Law N° 29733 (PDPL) was enacted in June 2011. In March 2013, the Supreme Decree N° 003-2013-JUS-Regulation of the PDLP (Regulation) was published in order to develop, clarify and expand on the requirements of the PDPL and set forth specific rules, terms and provisions regarding data protection.
Together, the PDLP and its Regulation are the primary data protection laws in Peru.
As of 2021, Peru approved the Bill that creates the National Authority for Transparency, Access to Public Information and Protection of Personal Data.
Peru possesses a Digital Trust Framework, as a means to establish certain obligations for public or private entities acting as digital service providers. These include reporting when a digital security incident involving personal data occurs, as well as implementing technical, organisational, and legal security measures to guarantee the confidentiality of information transmitted through its communications services.
Over the last decades, the Peruvian state has made efforts to promote digital transformation, both within its institutions and in the services it offers to citizens and has outlined a Digital Agenda in 2021 for Digital Transformation.
The South Korean government has introduced several international cooperation mechanisms, especially through the Korean Internet & Security Agency (KISA) and its Global Cybersecurity Centre for Development (GCCD) project. Through the GCCD, South Korea has worked with the World Bank and a series of partner countries in Latin America to organise workshops and exercises. Another important initiative is the Cybersecurity Alliance for Mutual Progress (CAMP) network, a mechanism launched in 2016 that provides a platform for Korea to share its expertise with a large group of partner countries and help them exchange knowledge and best practices. The Personal Data Protection Law N° 29733 (PDPL) was enacted in June 2011. In March 2013, the Supreme Decree N° 003-2013-JUS-Regulation of the PDLP (Regulation) was published in order to develop, clarify and expand on the requirements of the PDPL and set forth specific rules, terms and provisions regarding data protection.
Together, the PDLP and its Regulation are the primary data protection laws in Peru.
As of 2021, Peru approved the Bill that creates the National Authority for Transparency, Access to Public Information and Protection of Personal Data.
Peru possesses a Digital Trust Framework, as a means to establish certain obligations for public or private entities acting as digital service providers. These include reporting when a digital security incident involving personal data occurs, as well as implementing technical, organisational, and legal security measures to guarantee the confidentiality of information transmitted through its communications services.
Over the last decades, the Peruvian state has made efforts to promote digital transformation, both within its institutions and in the services it offers to citizens and has outlined a Digital Agenda in 2021 for Digital Transformation.
El Salvador has its own legal framework regarding cybercrime, dating back to 2016, but updated during Bukele’s government, called Special Law against Cybercrime and Related Offenses. The bill establishes a series of crimes related to computer systems and electronic communication, such as unauthorised access to computer systems, the production and dissemination of malicious software, and computer fraud.
The ROK is generally a strong advocate of strengthening global cooperation against cybercrime. While it is not formally a signatory to the Budapest Convention, the country voted against the Russian-sponsored UNGA resolution calling for a new binding cybercrime treaty.
To promote cooperation among law enforcement agencies, the ROK’s Supreme Prosecutor’s Office (SPO) convenes regular meetings with the FBI, while also engaging with the Federal Criminal Police Office (BKA) in Germany and the European Cybercrime Centre (EC3) in the Netherlands.
On the basis of an increased awareness that Internet Service Providers (ISPs) are becoming “important partners to secure electronic evidences”, the SPO works along with Microsoft to operate the Government Security Program (GSP). Peru’s signature and ratification of the Budapest Convention on Cybercrime, which is the only binding international instrument dealing with cybercrime, was a great step towards advancing a cyber agenda.
In 2019, Peru passed a Cyber Defence Act, with the objectives of defending and protecting sovereignty, national interests, critical national assets and key resources to maintain national capabilities against threats or attacks in and through cyberspace, when these affect national security.Peru has also passed a Cybersecurity Framework for the private sector, with the objective of identifying and protecting information assets, detecting security events, and providing for response and recovery from cybersecurity incidents.
In this context, there are more and more reports of cybercrime in the country. According to data from the Public Prosecutor's Office, in 2021 they received 18,596 reports of cybercrime cases, which represents a percentage increase of 92.9% compared to 2020, with phishing and ransomware being the most common attacks.
To promote cooperation among law enforcement agencies, the ROK’s Supreme Prosecutor’s Office (SPO) convenes regular meetings with the FBI, while also engaging with the Federal Criminal Police Office (BKA) in Germany and the European Cybercrime Centre (EC3) in the Netherlands.
On the basis of an increased awareness that Internet Service Providers (ISPs) are becoming “important partners to secure electronic evidences”, the SPO works along with Microsoft to operate the Government Security Program (GSP). Peru’s signature and ratification of the Budapest Convention on Cybercrime, which is the only binding international instrument dealing with cybercrime, was a great step towards advancing a cyber agenda.
In 2019, Peru passed a Cyber Defence Act, with the objectives of defending and protecting sovereignty, national interests, critical national assets and key resources to maintain national capabilities against threats or attacks in and through cyberspace, when these affect national security.Peru has also passed a Cybersecurity Framework for the private sector, with the objective of identifying and protecting information assets, detecting security events, and providing for response and recovery from cybersecurity incidents.
In this context, there are more and more reports of cybercrime in the country. According to data from the Public Prosecutor's Office, in 2021 they received 18,596 reports of cybercrime cases, which represents a percentage increase of 92.9% compared to 2020, with phishing and ransomware being the most common attacks.
