Vietnam working hard to protect personal data

Vietnam working hard to protect personal data/ Illustrative image (Source: VNA)

Hanoi – The Government’s Steering Committee for Human Rights has issued a plan on communications activities towards the 75th anniversary of World Human Rights Day (December 10), heard a press conference in Hanoi on May 18.

Major General Nguyen Van Ky, standing deputy chief of the office of the Government's Steering Committee for Human Rights, and deputy head of the External Affairs Department at the Ministry of Public Security, said the plan, issued on May 12, 2023, aims to increase the popularisation of Vietnam’s achievements in ensuring human rights across spheres.

The plan is also designed to promote the image of Vietnam as a nation of stability, democracy and development, and a responsible member of the international community, while countering distorted information of hostile forces, and acts that abuse democracy and human rights issues to sabotage Vietnam, he added.

On this occasion, Dinh Tien Dung, deputy head of the Authority of Foreign Information Service at the Ministry of Information and Communications (MIC), briefed the press on Decree No. 13/2023/ND-CP dated April 17, 2023 on personal data protection.

The issuance of the decree is to institutionalise regulations of the Constitution and Vietnamese laws on protecting personal privacy, human rights and citizens' rights, and ensuring cyber security.

It provides more detailed stipulations for certain provisions of the Law on Cyber Security regarding the prevention and combat of cyber espionage, and the protection of state secrets, work secrets, business secrets, personal secrets, family secrets, and private life on the cyberspace.

The decree is expected to contribute to socio-economic development, creating a legal ground for business activities relating to personal data, and raising public awareness of handling personal data.

Stressing the significance of the decree, Dung said it meets the urgent need of protecting personal data and preventing personal data infringement that affects rights and interests of inpiduals and organisations.

The decree also plays a role in raising the responsibility of agencies, organisations and inpiduals in handling violations relating to personal data, he continued, stressing that it creates an important premise for the building of a law on personal data protection.

Nguyen Duc Tuan, Director of the MIC’s Vietnam Cybersecurity Emergency Response Teams/Coordination Centre (VNCERT/CC), advised people to stay alert against strange links, be cautious when providing their personal information, and not to log in to social media and bank accounts on public computers or unfamiliar devices to prevent the risk of their personal information being stolen.

Vietnam is one of the countries worldwide with the highest Internet development and application rates. The number of Internet users in the Southeast Asian nation has exceeded 70 million, equivalent to 73 per cent of the total population.

Legislators seek to reinforce protection of personal data The addition of provisions on buying and selling private information is expected to be a robust sanction to protect the personal data of consumers in Vietnam.

Protections to be ramped up via new personal data rules The new Decree No.13/2023/ND-CP on protection of personal data will come into effect on July 1, and will apply to both local and offshore entities engaged in personal data processing. While Decree 13 does reflect most of the comments and views from the business community, there are additional requirements applicable to businesses that process such data. In comparison to the last draft, Decree 13 introduces several new and revised concepts.

Nuts and bolts of new personal data decree Last month the government in Vietnam finally issued Decree No.13/2023/ND-CP on personal data protection (PDP). The decree will take effect from July; however, micro, small, and medium-sized enterprises as well as startups (excluding data processing companies) are optionally exempted for two years.

New requirements to shore up personal data protection The forthcoming legal framework on personal data protection means all domestic and foreign organisations processing personal information must handle sensitive individual personal information in a proper manner.