As of 2009, Ukraine has been a member of the Eastern Partnership (EaP) and a strategic partner for the EU. On the basis of the EU-Ukraine Association Agreement (AA) signed in 2014, the country has engaged in legislative and policy reforms aiming at gradual convergence with the EU acquis, including on digital economy. During the past two years, digitalisation has become a “flagship topic” in Ukraine, with a growing focus on e-government, digital citizenship, and state support for the local IT industry. Ukraine suffered large-scale cyberattacks during the 2014 presidential elections [x], distributed denial of service (DDoS) attacks during the Russian invasion of Crimea in 2014 [x], malware attacks on its power grid in 2015 [x], and was also heavily impacted by the devastating global-scale NotPetya attack in 2017. This explains why Ukraine prioritised capacity building efforts to strengthen its cyber resilience.

South Korea has made significant progress over the last decades when it comes to connectivity and is currently one of the leading states in terms of access and use of ICTs. While in 1995 less than one percent of Koreans used the internet, four years later the country passed the developed nation average and nowadays South Korea is a global leader in the field of connectivity and internet access. Government support for internet access has been instrumental in fostering this progress in connectivity through governmental programs, trainings and low interest loans to companies providing broadband access. Consequently, cyber issues were recognised as important to the bilateral relationship at the EU-South Korea Summit in 2015, and five cyber dialogues have taken place between 2015 and 2020.

Japan is a trusted partner and shares the same basic values of human rights, rule of law, and democratic governance. This common set of values also applies to cyberspace as both the EU and Japan have publicly expressed strong support for an open, free and secure internet and the application of international norms to state activities in cyberspace. Japan is also an important trading partner of the EU. The recently adopted Economic Partnership Agreement also reinforces the need for a closer integration of the digital economies. Alignment in broader international economic and political issues is also evident in the field of cyber diplomacy and thus constitutes a strong foundation for close cooperation and partnership.

-

As a member of the 2015 Group of Governmental Experts (UNGGE) and as per the Seoul Framework for and Commitment to an Open and Secure Cyberspace, the ROK recognises that international law, and in particular the UN Charter, is applicable in cyberspace and essential for maintaining security and stability as well as promoting an open, secure, peaceful, and accessible ICT environment. 
The country also acknowledges that cybersecurity must go hand-in-hand with respect for human rights and fundamental freedoms as set forth in the Universal Declaration of Human Rights and other international instruments. The ROK notably co-sponsored the Human Rights Council Resolutions 20/8 and 26/13 concerning the promotion, protection and enjoyment of human rights on the Internet. 
The country supports the idea of increasing interstate engagement and exchanging national views on how international law applies in cyberspace, both at the multilateral level as well as at the bilateral and regional levels.

Japan has highlighted the importance of promoting the rule of law in cyberspace, noting that cyberspace “should not be a lawless zone”. It further endorses the applicability of international law, in particular the UN Charter, in the cyber domain. In relation to the use of countermeasures, it has stated that it is not necessary for countermeasures to be limited to the same means as internationally wrongful acts. 
Japan has cautioned against the launch of “premature” discussions on developing a legally binding new instrument, arguing that the adoption of such an instrument might “roll back” the achievement of past multilateral efforts in confirming the applicability of existing international law in cyberspace. Instead, Japan believes that it is necessary to consolidate, elaborate, and clarify the interpretation of existing treaties and content of customary international law. 
During the drafting phase of the 2021 Open-Ended Working Group (OEWG) Report, Japan had proposed to include language explicitly affirming the applicability of State responsibility for internationally wrongful acts, the inherent right of self-defence recognized under the UN Charter, and International Humanitarian Law.

-

The ROK stands in favour of the adoption and elaboration of voluntary, non-binding norms of state behaviour during peacetime. It strongly upholds the 11 non-binding norms agreed upon in the 2015 UNGGE report and believes that further efforts should be undertaken to clarify and concretise them. 
In addition, the ROK has put great emphasis on the principle of due diligence, consistently demonstrating its commitment through public statements at regional and international forums. The country believes that no new legally binding instrument is necessary for the moment, retaining a preference for the ‘soft law’ approach and maintaining that less resilient states should first focus on building capacity rather than reforming regulatory frameworks.

In multilateral fora, Japan has frequently emphasised the need to implement voluntary and non-binding norms of responsible state behaviour in cyberspace. The country believes that any discussion on norm-building should exclusively occur on the basis of the 11 norms affirmed within the 2015 UNGGE Report; possible new norms should be “carefully scrutinised” so as to avoid any change to these 11 norms or duplication with them. 
Japan also strongly opposes the adoption of additional legally binding obligations, maintaining that such an endeavour would take a very long time whereas the evolution of technology is extremely fast-paced. Instead, countries should work on parallel mechanisms for capacity-building, raising awareness, and promoting a common understanding of norms.

-

Driven by a proliferation of cyberthreats originating in the DPRK, Korean diplomats have consistently maintained that bridging the global gap in cybersecurity capabilities constitutes a central task for states; as such, countries should develop cyber defence capabilities to foster resilience in the global cyber ecosystem. 
The South Korean government has introduced several international cooperation mechanisms, especially through the Korean Internet & Security Agency (KISA) and its Global Cybersecurity Centre for Development (GCCD) project. Through the GCCD, South Korea has worked with the World Bank and a series of partner countries in Latin America to organise workshops and exercises. Another important initiative is the Cybersecurity Alliance for Mutual Progress (CAMP) network, a mechanism launched in 2016 that provides a platform for Korea to share its expertise with a large group of partner countries and help them exchange knowledge and best practices.

Resilience constitutes one of the central objectives of Japan’s 2018 Cybersecurity Strategy, whose core components include international cooperation in sharing expertise and coordination of policies, incidence response, and cyber capacity-building (CCB). Japan has traditionally argued that global initiatives are required to reduce cybersecurity vulnerabilities and has advocated for a tailor-made approach that takes into account the national situation of recipient countries and the importance of national ownership. 
Japan recognises the ‘trickle-up’ effect of national initiatives, stating that CCB “not only improves the capabilities of the recipient country, but also directly leads to enhanced security and stability in cyberspace as a whole”; in that sense, it disfavours the understanding of CCB as a “common but differentiated responsibility”, believing that such a view “does not fit the context” of international cyber cooperation. As a result, the country has assumed a balanced approach to CCB. On the one hand, it has successfully utilised multilateral fora such as the G7 and G20 summits to promote its own normative standards. 
At the G7 Ise-Shina Summit in May 2016, for instance, Japan introduced the Ise-Shima Principles, which included the enhancement of cooperation on CCB. On the other hand, Japan considers its own security and that of its nationals as intrinsically tied to the cyber capabilities of developing countries, since attacks on the IT infrastructure of regional partners can adversely affect Japanese trade. Japan has thus acted primarily through ASEAN to promote regional capacity-building efforts.

-

The ROK is generally a strong advocate of strengthening global cooperation against cybercrime. While it is not formally a signatory to the Budapest Convention, the country voted against the Russian-sponsored UNGA resolution calling for a new binding cybercrime treaty. 
To promote cooperation among law enforcement agencies, the ROK’s Supreme Prosecutor’s Office (SPO) convenes regular meetings with the FBI, while also engaging with the Federal Criminal Police Office (BKA) in Germany and the European Cybercrime Centre (EC3) in the Netherlands. 
On the basis of an increased awareness that Internet Service Providers (ISPs) are becoming “important partners to secure electronic evidences”, the SPO works along with Microsoft to operate the Government Security Program (GSP).

According to Japan’s 2018 Cybersecurity Strategy, the country is committed to “further [promoting] international partnership through international investigative cooperation and information sharing with international organisations, law enforcement agencies and security information agencies in foreign countries.” 
Japan is a party to the Budapest Convention on Cybercrime and mutual assistance treaties (MLAT), voting against the Russian-sponsored UNGA resolution calling for a new binding cybercrime treaty. Japan has pursued dialogues related to cybercrime cooperation in the context of ASEAN, as well as on a bilateral basis with countries like the UK, USA, and Australia.