The draft required companies providing services, such as email or social media, to set up offices in Vietnam if they collect or analyse data, let their users conduct anti-state actions or cyber attack, and if they fail to remove content deemed anti-state, fake, or inciting violence.
Facebook and Google are widely used in Vietnam and serve as the main platforms for dissidents, but they do not have local offices or local data storage facilities and have pushed back on the localization requirements. Although there have been economic reforms and openness to social change, Vietnam’s Communist Party retains tight media censorship and does not tolerate dissent.
As per the draft decree, the data required to be stored includes information from job titles to contact details, credit card information, biometric data, medical records, or information on peoples’ ethnicity and political views. However, company officials have expressed concerns that the new law would make it easier for the authorities to seize customer data and expose local employees to arrest.
The security ministry argued that the cybersecurity law would protect the country from threats of cyber attacks that directly cause economic losses and threaten security and social order. People’s information would not be disclosed and companies would only be asked to provide user information for investigations or law enforcement under strict procedures.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now