Ministry of Public Security announces draft Decree on Cyber Security Law
The Draft Decree detailing a number of articles of the Law on Cyber Security regulates data on personal information of service users in Vietnam, including 20 contents such as: full name, date of birth, place of birth, nationality, occupation...
The Ministry of Public Security has completed the draft Decree detailing a number of articles of the Law on Cyber Security (draft Decree) to collect public comments for one month, from November 2 to December 2.
Please send your comments to the Department of Cyber Security and High-Tech Crime Prevention, 40A Hang Bai, Hoan Kiem District, Hanoi, email:[email protected].
Many foreign enterprises have to set up branches or representative offices in Vietnam.
Accordingly, the Law on Cyber Security consists of 7 chapters and 43 articles stipulating basic contents on cyber security protection for important information systems related to national security, preventing and handling acts of cyber security violations, implementing cyber security protection activities and stipulating the responsibilities of agencies, organizations and individuals.
In order to maximally protect the legitimate rights and interests of organizations and individuals, Chapter III of the Law on Cyber Security fully stipulates measures to prevent, combat and handle violations of the law such as anti-state propaganda, inciting riots, preventing cyber terrorism, cyber warfare and other types of crimes...
Detailing a number of articles of the Law on Cyber Security, Article 24 of the draft Decree stipulates data on personal information of service users in Vietnam, including 20 contents such as: Full name, date of birth, place of birth, nationality, occupation, title, place of residence, contact address, email address, phone number, identity card number, personal identification number, citizen identification number, passport number, social insurance card number, credit card number, health status, medical records, biometrics.
In addition, there is data created by service users in Vietnam, including: information chosen to upload, synchronize or import from devices; data about relationships of service users in Vietnam, including: friends, groups that users connect or interact with...
According to the draft Decree, if an enterprise does not comply with this regulation, it will be handled according to the nature and severity of the violation in accordance with the provisions of law.
Notably, the draft Decree proposes that foreign enterprises must store data when opening branches or representative offices in Vietnam. Specifically, the subjects that must store data when opening branches in Vietnam are enterprises that provide one of the following services on telecommunications networks, the Internet, and value-added services on cyberspace: telecommunications services; data storage and sharing services on cyberspace; providing national or international domain names for service users in Vietnam; e-commerce; online payment; payment intermediary; transportation connection services via cyberspace; social networks and social media; online electronic games; email.
According to the draft Decree, the Minister of Public Security has the right to request regulated enterprises to comply with this regulation. Enterprises that do not comply will be handled depending on the nature and level of the violation.
The Draft Decree, if approved, will take effect from January 1, 2019.