1. We, the Foreign Ministers of the Member States of the Association of Southeast Asian Nations (ASEAN), and the High Representative of the Union for Foreign Affairs and Security Policy / Vice-President of the Commission, gathered on 1 August 2019 in Bangkok, Thailand, at the Post Ministerial Conference (PMC) +1 Session with the European Union (EU).

2. We underscore our commitment to promote an open, secure, stable, accessible and peaceful information and communication technology (ICT) environment, consistent with applicable international and domestic laws. We intend to strengthen our cooperation on cyber issues.

3. We recognise the growing role of digital technologies in the lives of our citizens and in our economies, and the need to have effective solutions in addressing the security challenges stemming from the rapid expansion of the digital economy and technological changes.

4. We also recognise that cyberspace provides opportunities for social and economic development, but also poses continuously evolving challenges to our regions that may harm international peace and security. We acknowledge the need to facilitate mitigation of immediate, medium-term and long-term cyber threats, and to strengthen cooperation to prevent and counter malicious cyber activities.

5. We further recognise that the same rights people have offline must also be protected online, as prescribed in relevant UNGA Resolutions and international conventions, as well as domestic laws and regulations.

6. We recall that international law, and in particular the Charter of the United Nations, is applicable and essential to maintaining peace and stability, and promoting an open, secure, stable, accessible and peaceful ICT environment, and recognise the need for further study and dialogue on how international law applies to the use of ICTs by States. We also recall the conclusions of the 2010, 2013 and 2015 Reports of the UN Group of Governmental Experts on Developments in the Field of Information and Telecommunications in the Context of International Security, as endorsed by the UN General Assembly, which calls upon Member States to promote the use of ICTs for peaceful purposes and to prevent conflict arising from their use.

7. We acknowledge that voluntary and non-binding norms, rules and principles of responsible behaviour of States in the use of ICTs can reduce risks to international peace, security and stability.

8. We promote the importance of adopting and implementing regional cyber confidence-building measures that can increase inter-State cooperation, transparency, predictability and stability and strengthen international peace and security. These measures aim to reduce misunderstandings, misperception and miscalculation, as well as the risk of conflict stemming from the use of ICTs, including through capacity- and awareness-building in the protection of critical infrastructures.

9. We take note of the initiatives to address cyber threats in multilateral fora, in particular in the United Nations. We recognise the need to implement practical capacity- and confidence-building measures and to further develop, on the basis of consensus, voluntary and non-binding norms of responsible State behaviour in cyberspace as well as ways to implement them.

10. We encourage further engagement through relevant ASEAN-led mechanisms, such as the ASEAN Regional Forum Inter-Sessional Meeting on Security of and in the Use of Information and Communications Technologies (ARF ISM on ICTs Security) and the ASEAN Telecommunications Ministers Meeting (TELMIN), as well as the ASEAN Ministerial Conference on Cybersecurity (AMCC), including fostering common understanding on the potential risks to international peace and security posed by the malicious use of ICTs and on the security of ICT-enabled critical infrastructure.

11. We recognise the value of strengthened dialogue and cybersecurity cooperation to enhance mutual understanding in addressing common security issues, including cybersecurity, and to facilitate cross-border cooperation to address the criminal or terrorist use of cyberspace, including support for ASEAN Member States through capacity-building, as well as awareness-raising programmes.

12. We encourage the exchange of best practices regarding, inter alia, norms of responsible behaviour in cyberspace between States, and to contribute to the advancement of an open, secure, stable, accessible and peaceful ICT environment and to affirm the importance of rules-based order for cybersecurity as a means of building a secure and resilient cyberspace which will serve as an enabler for economic progress and improved living standards across the region.

13. We recognise the shared responsibility of a wide variety of actors, in their respective roles, to ensure an open, secure, stable, accessible and peaceful ICT environment, and for governments to work with relevant stakeholders.