return icon

Illegal trading of personal data difficult to control

Minh Hoang, a businessman in Hanoi, is tired of spam calls and messages that come both day and night.

The spam calls and texts include ads for real estate projects, life insurance products, offers for credit cards, bank loans, bonds, fake degrees and certificates, online gambling, and recently cryptocurrencies.

Hoang called the mobile service operator's switchboard to report the spam calls and messages, but after that he received even more spam messages and calls.

“The network operator lets their customers deal with spam messages and calls themselves. They said that they use AI technology to control and block spam, but in fact subscribers receive dozens of spam calls and messages each day," said Hoang.

Hoang's case is common. He and many others have to download apps from Google Play or Apple app store to block spam and messages.

Buôn bán dữ liệu cá nhân, có luật mà không ai sợ-1


According to statistics from the Department of Information Security of the Ministry of Information and Communications, the total number of subscribers who made spam calls and who were blocked from July 2020 to March 2021 was 128,970. In March 2021, 17,276 subscribers were blocked for this reason.

The act of buying and selling personal data in Vietnam is in two forms. Businesses that provide services that collect personal data of customers allow third parties to access the data, and the third parties transfer and trade the data. Or, businesses actively collect personal information of customers to have personal data to sell.

Personal data is offered for sale online on many sites such as databox, databoxviet, laydata, laydata, khodata, databox, fff, cokhach, and vltoolkit. The data packages for sale relate to many areas, with details about account balance, financial capacity or position and income.

The price is also surprisingly cheap, ranging from VND600,000-VND800,000/information of 1,000 people, or VND500,000-VND1 million for 1,000 phone numbers. In addition, there is a form of automatic fee collection from VND5,000-VND15,000 per download of personal data files.

After a preliminary check, the Ministry of Public Security discovered more than 60 organizations and individuals involved in illegal trading and use of personal information and data in cyberspace, including companies providing technology solutions, real estate brokers, banking officers, government agencies, and people who have access to e-government systems in education, healthcare, securities, hospitals.

In addition, some service companies sell software to collect personal information, which is hidden in sales websites. When users visit these websites, businesses will collect in-depth personal information.

It is dangerous that criminals conduct unauthorized collection of personal information by using malicious code, and software with spying features to steal personal data.

Some cases have been reported: files containing the data of 163,666,400 Zing ID accounts of VNG Company; more than 5 million emails and tens of thousands of payment card information such as visas, credit cards... allegedly belonging to The Gioi Di Dong and Dien May Xanh... were posted online.

Most recently, on May 13, 2021, a hacker offered to sell the personal information authentication (KYC) data of nearly 10,000 Vietnamese people.

On May 18, 2021, the police broke up a large-scale data collection, appropriation, and trading ring with data illegally collected, appropriated, traded and used of nearly 1,300 GB, containing billions of data about individuals and organizations nationwide.

This shows the lack of responsibility and loose management of some organizations with personal information and data about customers.

New policies needed to protect online personal data


Buôn bán dữ liệu cá nhân, có luật mà không ai sợ-2


In Vietnam, sellers and buyers of personal data are often not afraid of the law as they think that in the online environment such transactions are difficult to detect, especially when they are done in closed groups and on websites with servers based abroad, or via social networks.

The Constitution and the 2015 Civil Code both have provisions on protection, secrecy and inviolability for "private life, personal secrets, family secrets" and "letters, telephones, telegrams and other forms of personal electronic information".

According to the Penal Code, violators can be imprisoned for up to 7 years for "illegally releasing or using information on computer and telecommunications networks". In addition, depending on the severity of the violation, the violator will be fined VND40 million to VND70 million.

The draft Decree on Personal Data Protection compiled by the Ministry of Public Security has yet to be issued. Notably, Article 22 of the draft decree stipulates administrative penalties for violations of regulations on the handling of personal data, ranging from fines of VND50 million to VND80 million.

However, there should be additional penalties for individuals, businesses and organizations that commit violations in the management, security, and use of personal data.

Violators should be banned from working in specialized areas for a certain period of time, or their professional license should be revoked, because the profit from selling data is often higher than the fine.

The National Cyber Security Center (NCSC) recommends that each individual, in order not to be taken advantage of by criminals or become a victim of phishing attacks, should be equipped with knowledge to avoid fraudulent situations.

NCSC also recommends that users should ensure the safety of online accounts such as bank accounts, e-wallets, email, and Facebook, especially accounts with online payments.

According to cybersecurity experts, the protection of user data is a matter that requires coordination from many sides, and preventing data leakage requires efforts from the affected users themselves. Citizens must know how to react when personal information is stolen which will help users prevent cybercriminals from exploiting information in the future.

As soon as suspicious access to the account is detected, users should immediately contact the service provider to waive responsibility when something goes wrong. In this case, when personal data unexpectedly becomes publicly available, users can avoid long-term consequences after personal information is stolen by monitoring their financial activities because this is still an area of interest for cybercriminals.

Protecting personal data as well as strictly dealing with violations of organizations and individuals infringing on privacy rights or illegally buying and selling personal information pose urgent legal issues. It is a must to improve the legal system immediately as Vietnam's regulations on personal data trading are not keeping up with developments in the world. The social and technological landscape is changing rapidly.

Organizations and businesses that manage personal data must constantly upgrade their technology and security systems as well as comply with the State's regulations related to personal data protection.

Lawyer Le Minh Toan (Le Minh Law Company)

Personal data of 10,000 Vietnamese offered for sale online

Personal data of 10,000 Vietnamese offered for sale online

Personal information such as identity cards, selfie images and others of 9,667 people are being posted and offered for sale on the Internet for $9,000.

Vietnam suggests US$3,475 penalty for personal data breach

Vietnam suggests US$3,475 penalty for personal data breach

The move by Vietnam's Ministry of Public Security is essential as it is the personal information protection that shows respect for the right of each person.


Government plans to rearrange state-owned enterprises till 2025

Deputy Prime Minister Le Minh Khai has signed a decision approving a plan of rearrangement of state-owned enterprises for the period of 2022-2025 in the form of one-member limited company, equitization, re-arrangement and divestment.

Transport Ministry urges new ship channel for large vessels in Mekong Delta

The Ministry of Transport has urged Tra Vinh Province to implement compensation payment for site clearance and resettlement support to build a new ship channel for large vessels in the Hau River.

Toan retains WBA Asia belt against Amparo in Bangkok

Le Huu Toan successfully defended his World Boxing Association (WBA) Asia minimum-weight (48kg) belt during The Challenger event on November 30 in Bangkok, Thailand.

Billions of dollars from foreigners invested in Vietnam’s enterprises

Foreign capital keeps flowing into Vietnam through many different channels, helping investors regain their confidence in the stock market and the economy.

Urban areas, parks to be built on Red River alluvium grounds

Hanoi authorities plan to build new urban areas and eco-friendly housing, and develop open space with parks, urban squares and flood parks on thousands of hectares on the alluvium grounds of the Red River area.

Target of 1 million social housing units difficult to reach

The goal of developing 1 million social housing units may not be feasible.

Ministry to control rice import management

The Ministry of Industry and Trade (MOIT) fears the high level of rice imports and the failure to control imports will affect domestic production.

Gambling soars during World Cup

Football betting is taking place in the open air at venues where people gather to watch World Cup matches, or quietly online.

Michelin Guide to announce first Vietnamese restaurant selections

Hanoi and Ho Chi Minh City have been selected by Michelin as the latest destinations joining the international selection, as compiled by the Michelin Guide.

Ministry to crack down on Internet ads violations

The Ministry of Information and Communications held a conference in Hanoi on November 30 to roll out Internet advertising management measures.

Seven-day Tet holiday fixed for State employees

Officials, civil servants, public employees and workers of State administrative and socio-political organisations will enjoy a seven-day Lunar New Year (Tet) and four-day National Day holidays next year.

Vietnam has opportunity for energy transition towards green growth

Vietnam boasts substantial potential for wind power, particularly offshore wind power, providing an opportunity for the country to fulfill its energy transition target towards green growth.

PM requests combined efforts to combat IUU fishing

Prime Minister Pham Minh Chinh called for concerted efforts to fight illegal, unreported and unregulated (IUU) fishing while chairing a teleconference with 28 coastal provinces and cities on December 1.

Disciplinary measures against a number of leading officials, Party organisations

The Party Central Committee’s Inspection Commission held its 23rd session in Hanoi on November 29-30, during which it proposed disciplinary actions be taken against some leading officials and party organisations.

Big bosses lose billions of dollars

Several businessmen have built a fortune over the last decade, but their ambition of obtaining growth at lightening speed has caused their assets to drop dramatically.