Notice

UK-Australia app cyber security: joint statement

Published 23 October 2025

© Crown copyright 2025

This publication is licensed under the terms of the Open Government Licence v3.0 except where otherwise stated. To view this licence, visit nationalarchives.gov.uk/doc/open-government-licence/version/3 or write to the Information Policy Team, The National Archives, Kew, London TW9 4DU, or email: psi@nationalarchives.gov.uk.

Where we have identified any third party copyright information you will need to obtain permission from the copyright holders concerned.

This publication is available at https://www.gov.uk/government/publications/uk-australia-app-cyber-security-joint-statement/uk-australia-app-cyber-security-joint-statement

Statement on our shared approach to apps and app stores security

  1. Apps are increasingly an essential part of our citizens’ lives - from banking to fitness and entertainment to smart home appliances. Improving the security of apps is vital to protect users from malicious and insecure apps.

  2. We recognise the continued strength and breadth of the economic and strategic relationship between the United Kingdom and Australia. Both our nations are committed to increasing our collaboration given our shared understanding of baseline security expectations of app store operators and app developers to protect users from cyber attacks.

  3. In 2022 the UK government published a voluntary Code of Practice for app stores operators and app developers. The UK Code of Practice, which sets out eight internationally recognised baseline security and privacy requirements, was developed in collaboration with industry and cyber security and privacy experts.

  4. Under the 2023-2030 Australian Cyber Security Strategy, the Australian government committed to co-designing a voluntary cyber security Code of Practice for app stores and app developers. The Australian Code has been developed to closely align with the principles set out in the UK Code of Practice, while noting the differences in our respective privacy and data protection approaches.

  5. The Codes set out key steps to embed baseline security requirements into international app development practices and provide guidance on actions that app stores and developers can take to protect consumers and businesses from cyber attacks.

  6. The United Kingdom and Australia have already demonstrated the benefits that comes with shared policy approaches and principles regarding consumer safety and security, such as for smart devices.

  7. The Australian Code of Practice for app stores and app developers is another example of our collaborative approach to providing industry with shared baseline security expectations.

  8. This will support the development of more secure and resilient technology while reducing uncertainty and undue burdens to protect users from malicious and insecure apps. Both Australia and the UK have the autonomy and flexibility to update our respective Codes as the technology environment evolves and remain tailored to local industries and markets.

  9. Over the coming months we will explore further opportunities to engage with other international partners to promote our shared understanding of baseline security requirements for app store operators and app developers.

Back to top