Pall Mall Process: Code of Practice for States to tackle the proliferation and irresponsible use of commercial cyber intrusion capabilities (April 2025)

On 3 and 4 April 2025, France and the United Kingdom organized the second Pall Mall Process Conference in Paris, bringing together 45 States and international organizations, and a large coalition of representatives of the private sector, civil society and academia. At the conference, a Code of Practice – which has already received the initial backing of 25 States – was adopted to establish a set of voluntary political commitments and practical recommendations to tackle this issue.

In this Code of Practice, unique in its content, form and coalition, the supporting States shared their understanding of the threat, recalled the application of international legal and normative frameworks and made practical recommendations on a number of different political levers. It contributes to the implementation of the United Nations framework on responsible State behaviour in cyberspace and the principles of the Paris Call for Trust and Security in Cyberspace.

Taking an inclusive approach, the Pall Mall Process will continue to widely share and distribute these good practices and will track progress on their implementation.

Pall Mall Process - Code of Practice for States (ENG) - update as of 11.04.2025 - (PDF, 3.7 Mb)