Uruguay is a represented
member in the Group of Governmental Experts (GGE) on Advancing responsible State behaviour in cyberspace. The South American country has openly stated that the voluntary norms included in the
Report of the Group of Experts (GGE) represent an inescapable guide for the responsible behaviour of States in cyberspace. In session 5 of the second substantive session of the OEWG 2021-2025, Uruguay along with seven other States
pointed out the importance of the protection of critical infrastructure, according to norm 13(f).
The ROK stands in favour of the adoption and elaboration of voluntary, non-binding norms of state behaviour during peacetime. It strongly upholds the 11 non-binding norms agreed upon in the 2015 UNGGE report and believes that further efforts should be undertaken to clarify and concretise them.
In addition, the ROK has put great emphasis on the principle of due diligence,
consistently demonstrating its commitment through public statements at regional and international forums. The country
believes that no new legally binding instrument is necessary for the moment, retaining a preference for the ‘soft law’ approach and maintaining that less resilient states should first focus on building capacity rather than reforming regulatory frameworks.
Costa Rica has a long history of collaborating on cyber issues within the OAS Cyber Security Program, from training to capacity-building for both the public and private sectors. At
a 2019 intervention, Costa Rica recognised the leadership carried out by the aforementioned Working Group in coordinating the response to cyber incidents regionally and establishing a cooperative framework of action to cyber threats.
Costa Rican participation in the UN OEWG is guaranteed until 2025. As part of the second substantive session in 2022, Costa Rica
confirmed - along with several other countries - that international law is fully applicable to the use of ICT by states
[OH1], with a focus on how international humanitarian law and the principles of humanity, necessity, proportionality, and distinction apply in cyberspace.
An interesting approach was taken by Costa Rica during this session, as the Caribbean country
emphasised a multi-stakeholder approach to cybersecurity, involving the private sector, civil society, and researchers’ analysis, information, and capacity on threat.