Under the auspices of the UN, the EU and its Member States have
consistently reaffirmed that a universal cyber security framework can only be grounded in existing international law, including the Charter of the United Nations in its entirety, international humanitarian law, and international human rights law.
Addressing issues as to how existing international law and international humanitarian law, including the principles of humanity, necessity, proportionality and distinction, apply to the use ICTs by States is necessary to increase accountability and transparency. International humanitarian law is fully applicable in cyberspace and this should not be misunderstood as legitimising the use of force between states in the cyber domain. The EU has typically opposed calls for the need to adapt existing international law as a means to develop a new legal instrument for cyber issues.
Recalling its EU candidate status, the first substantive session of the 2021-2025 UN Group of Governmental exports (UNGGE) saw Montenegro aligning itself with the EU’s statement that the existing corpus of international law, notably the UN Charter, international humanitarian law, and international human rights law, apply in cyberspace in its entirety. In particular, this includes the principle of state sovereignty, sovereign equality, the settlement of disputes by peaceful means, the provision of the use of force non-intervention in the internal affairs of other states, and the respect for human rights and fundamental freedoms as principles of international law that are applicable to states use of ICTs in cyberspace. [
x] Montenegro has also consistently aligned itself with the EU position in a number of key resolutions at the United Nations, including resolutions
A/73/27 and
A/74/29.
As a member state of the UNGA, Uruguay
expressed their views at the OEWG in 2021, considering cybersecurity an essential element in the prevention of international conflicts. Uruguay provides a rather humanitarian approach to international law and its application on cyber issues. The country is a
member of international organisations that promote the development and compliance with standards of transparency and access to information, such as the Open Government Partnership, the Electronic Government Network of Latin America and the Caribbean (GEALC) and Digital Nations.
Uruguay was the first Latin American country, in 2013, to sign the only existing binding, international document concerning the Automatic Processing of Personal Data (known as
Convention 108). Its signature and membership have been
ratified in 2021.
Uruguay’s Digital initiatives at the national level are also in compliance with the Digital Agenda for Latin America and the Caribbean (
eLAC by CEPAL). In particular, Uruguay’s
Cybersecurity goal is in line with
CEPAL’s framework for confidence-building measures such as combating digital crime by formulating public policies and strategies for cybersecurity and critical infrastructure protection.