Since 2014, the EU’s ambition has been to act as an
‘honest broker’ on multilateral discussions surrounding issues of cyber governance and norms of responsible state behaviour, aiming to ensure the support and partnership of proactive players in the context of the global debate. The EU has long promoted the need for voluntary, non-binding norms. It believes that norms crystallised under the UN GGE process should generally not be revisited and that progress should be made on matters relating to their implementation.
Within the OEWG, the EU advanced a
suggestion to develop a global repository of existing practice within the United Nations, which would enable UN member states to showcase how they are implementing the voluntary norms of responsible state behaviour, confidence building and other measures.
Costa Rica has a long history of collaborating on cyber issues within the OAS Cyber Security Program, from training to capacity-building for both the public and private sectors. At
a 2019 intervention, Costa Rica recognised the leadership carried out by the aforementioned Working Group in coordinating the response to cyber incidents regionally and establishing a cooperative framework of action to cyber threats.
Costa Rican participation in the UN OEWG is guaranteed until 2025. As part of the second substantive session in 2022, Costa Rica
confirmed - along with several other countries - that international law is fully applicable to the use of ICT by states
[OH1], with a focus on how international humanitarian law and the principles of humanity, necessity, proportionality, and distinction apply in cyberspace.
An interesting approach was taken by Costa Rica during this session, as the Caribbean country
emphasised a multi-stakeholder approach to cybersecurity, involving the private sector, civil society, and researchers’ analysis, information, and capacity on threat.
Brazilian diplomats portray Brazil’s role in the often polarised debates on norms of responsible state behaviour as that of a
broker or strategic bridge-builder between the different camps rather than a mere ‘swing state’ and highlight that balancing between both camps serves to maintain an independent foreign policy. Brazil
sought to focus its chairmanship of UN GGE’s third and fourth iterations on three issues: the role of civilians in cyber conflict, the right to respond, and attribution. Since the 2013 Snowden revelations, the country has been a stark champion of data protection, showcasing
exceptional norm entrepreneurship
in relation to cyber-surveillance norms. Brazil has also
expressed support for the proposal of adopting a legally binding instrument in the medium to long-term to prevent the militarisation of cyberspace.