The Ministry of Public Security yesterday announced a long-waited draft Government decree guiding the implementation of the Law on Cyber Security. The law, which comes into force next year, requires foreign technology firms to open offices and set up user data servers in Vietnam.


{keywords}

A young woman is seen using the Internet.The Ministry of Public Security yesterday announced a long-waited draft Government decree guiding the implementation of the Law on Cyber Security 


The Law on Cyber Security was passed by the National Assembly (NA) on June 12.

With seven chapters and 43 articles, the law is aimed at protecting national security and safeguarding social order and safety regarding the Internet, with both the Ministry of Public Security and the Ministry of Information and Communications serving as key monitoring agencies.

The scope of the law allows for responding to threats on the internet that may infringe on the legitimate rights and interests of organizations and individuals. It is also meant to create a legal foundation for competent agencies to ward off illegal activities on the internet.

The third chapter of the law includes various measures to prevent, fight and manage rule violations, such as agitation and propaganda against the State, incitement of violence, cyber-terrorism, and cyber-war.

Meanwhile, the 24th article of the draft decree requires the storage in Vietnam of a range of user data such as job titles, contact details, credit card information, biometrics and medical records.

The data, whose creators are internet service users in Vietnam, also includes uploaded and synchronized information, or those imported from their devices, and especially relationship details of users, such as their friends, and groups that users connect to or interact with.

According to the draft decree, if service providers do not comply with these regulations, they would be dealt with in accordance with the law.

Notably, the draft decree requires foreign technology firms to open branches or representative offices, and set up user data servers in Vietnam. Those firms which are involved in supplying telecommunication and internet services and other internet-based, value-added services in Vietnam are also asked to store essential data of local users.

The NA Standing Committee explained in June this year that “basic agreements under the World Trade Organization, such as the General Agreement on Tariffs and Trade and the General Agreement on Trade and Services, as well as the Comprehensive and Progressive Agreement for Trans-Pacific Partnership, also provides for exceptions on national security grounds. Therefore, it is necessary for us to resort to exceptions on national security in this law to safeguard people’s interests and national security.”

The committee added that Vietnam has the right to require data to be stored within the country. As many as 18 countries, as members of the WTO, including the United States, Canada, Australia, Germany and France, have issued regulations on compulsory storage of data within their territories.

Currently, Google and Facebook are storing data about Vietnamese organizations and individuals at their data centers in Hong Kong and Singapore.

The draft decree is open for public consultation until December 2. All feedback should be sent to the ministry’s cyber security division at 40A Hang Bai Street, Hoan Kiem District, Hanoi City, or via email to luatanm@gmail.com. Click here to download the draft decree and other related draft documents in Vietnamese from the portal of the Ministry of Public Security.

SGT