Under the auspices of the UN, the EU and its Member States have
consistently reaffirmed that a universal cyber security framework can only be grounded in existing international law, including the Charter of the United Nations in its entirety, international humanitarian law, and international human rights law.
Addressing issues as to how existing international law and international humanitarian law, including the principles of humanity, necessity, proportionality and distinction, apply to the use ICTs by States is necessary to increase accountability and transparency. International humanitarian law is fully applicable in cyberspace and this should not be misunderstood as legitimising the use of force between states in the cyber domain. The EU has typically opposed calls for the need to adapt existing international law as a means to develop a new legal instrument for cyber issues.
As a member state of the UNGA, Uruguay
expressed their views at the OEWG in 2021, considering cybersecurity an essential element in the prevention of international conflicts. Uruguay provides a rather humanitarian approach to international law and its application on cyber issues. The country is a
member of international organisations that promote the development and compliance with standards of transparency and access to information, such as the Open Government Partnership, the Electronic Government Network of Latin America and the Caribbean (GEALC) and Digital Nations.
Uruguay was the first Latin American country, in 2013, to sign the only existing binding, international document concerning the Automatic Processing of Personal Data (known as
Convention 108). Its signature and membership have been
ratified in 2021.
Uruguay’s Digital initiatives at the national level are also in compliance with the Digital Agenda for Latin America and the Caribbean (
eLAC by CEPAL). In particular, Uruguay’s
Cybersecurity goal is in line with
CEPAL’s framework for confidence-building measures such as combating digital crime by formulating public policies and strategies for cybersecurity and critical infrastructure protection.
As a member of the 2015 UNGGE group, India accepts that international law and specifically the UN Charter applies in its entirety in the cyber domain. India has
noted the need to develop common understandings as to how international law should be interpreted, especially on the issues of what constitutes force and/or an armed attack in cyberspace and what the threshold of cyber-attacks should be to invoke Article 51 of the UN Charter.
In statements at the UN General Assembly, India has also specifically
called for further elaboration on peacetime rules of international law, the law concerning the right of self-defence and international humanitarian law.
Apart from these calls for clarification and elaboration, however, India’s stance on specific aspects of international law and their interpretation remains unclear. This seems consistent with India’s recent
reorientation of its foreign policy; since 2019, India’s wider approach has been marked by a shift from traditional non-alignment to issue-based ‘multi-alignment’ that reflects national priorities and interests.