Mapping Cyber Policy in Latin America: The Brazilian Case


Throughout the past decades, cybersecurity has become a topic of strategic importance for all countries. As societies and economies become more digitally interconnected, increasing challenges emerge as to the potential security implications of this over-reliance on digital technologies for development. This does not mean, however, that all societies are connected to the Internet or have full access to the benefits deriving from the promise of digital technologies.

While Latin American countries have been embracing fast-paced digitalization, they have also had to develop policies, strategies, mechanisms, and institutions to address some of the security threats and risks that have emerged throughout the past decades, such as those related to cybercrime, critical infrastructure and the development of a culture on cybersecurity. According to the International Communication Union’s (ITU) Global Cybersecurity Index (GCI), Brazil, Mexico, Uruguay, Chile, and Colombia are more highly ranked Latin American countries in the Americas region (ITU, 2020). However, countries in the region are globally ranked between 18 and 119 – highlighting the varying levels of preparedness and development in cybersecurity within Latin America. 

This document focuses on the case of Brazil. Being one of the largest countries and economies in the region, Brazil has faced a rampant digitalization and development of cybersecurity-related institutions since the early 2000s. It has also played a prominent role internationally in advocating for privacy, human rights and multistakeholder Internet governance in different international fora. Policy-wise the country has developed principles for Internet governance, published its very own Internet Bill of Rights and enhanced its cybersecurity capacities in the context of hosting multiple international events as well as having published its National Cybersecurity Strategy and Data Protection Law in the last few years. However, these advances did not emerge without facing profound political, social, economic and institutional challenges.

In practical terms, this report draws from the framework for cybersecurity policy analysis developed by Gonzalo Bustos Frati and Carolina Aguerre (available here) and focuses on mapping multilevel dynamics that underpin the processes of formation and adoption of cybersecurity, cyber defense, and cybercrime policies in Brazil.

This document is available only in English. 

Cita sugerida: