Regional experts have called for closer legal alignment and real-time intelligence-sharing to shore up Asean’s cyber resilience, with Southeast Asia’s patchwork of cybercrime laws leaving the region exposed.
David Martinez Vinluan, executive director of the Asean Chiefs of Police Conference’s (Aseanapol) secretariat, warned that cybercriminals could exploit gaps in legislation between Asean member states as there were discrepancies between their law enforcement policies.
Vinluan, of the Philippine National Police, recalled presenting findings on the use of artificial intelligence (AI) in law enforcement during a Interpol-United Nations Interregional Crime and Justice Research Institute meeting in Singapore last year.
“We found out that only three out of the 10 Asean member countries use AI in law enforcement. However, criminals are using AI and IT, regardless of whether there are laws or not,” he said at the Asean Law Forum here yesterday.
Interpol legal counsel Subash Rengasamy said inconsistent data retention and evidentiary rules were still stalling cross-border cooperation among Asean nations.
He said these countries could be more proactive with intelligence operations by using the Interpol’s secure channels, such as its I-24/7 communication platform, to directly exchange crucial and timely intelligence on any criminal activity.
“What (Interpol) usually encourages countries to do is to harmonise their legal frameworks to align with the Budapest Convention and the upcoming UN Cybercrime Convention,” Subash said, to a question on the legal frameworks needed to fight crime that straddles both physical and digital areas.
A recurring theme across Asean summits
Cybersecurity and, increasingly, AI safety have emerged as constants during Malaysia’s Asean chairmanship year.
At last week’s Asean Malaysia AI Summit, the Asean secretariat’s digital economy division said the regional bloc was working with Malaysia to launch an Asean AI Safety Network.
This platform would be responsible for facilitating AI safety research, promoting responsible AI development and adoption in both public and private sectors, as well as encouraging the harmonisation of AI safety within Asean.
The division urged regulators to pilot “regulatory sandboxes” to allow industry players to test AI tools in a controlled setting, as part of boosting the rankings of Asean countries on the AI Readiness Index.
New tech, same gaps
Prior to the Asean AI Summit, cybersecurity stood out as a prominent theme at the Asean 5G and Operational Technology (OT) Summit held last month.
Farlina Said, a cyber and technology policy fellow at the Institute of Strategic and International Studies Malaysia, said technologies like 5G, OT and the internet of things (IoT) faced similar challenges.
This included the need for specific protection practices and a talent pool that was continuously updated on the latest cybersecurity practices, she added.
Farlina nonetheless noted that Asean was drafting several new documents to raise baseline standards, such as the Asean Cybersecurity Cooperation Strategy 2026-2030 and the KL Declaration on Safe and Responsible Use of Social Media Platforms for Asean.
“In terms of laws, we can see that in recent years, there have been developments for regulation that could protect critical infrastructure and for data protection.
“Additionally, Asean (countries) usually (rank) fairly well in the International Telecommunication Union’s Global Cybersecurity Index,” she said.
In 2024, Malaysia, Indonesia, Singapore, Vietnam, and Thailand were all rated Tier 1 in the index, the international union’s highest classification reserved for global “role models”.
