General Obligations of A Foreign Company Conducting Business in Vietnam’s Cyberspace

Only a limited subset of foreign companies providing services over in Vietnam’s cyberspace are subject to data localisation requirements in Vietnam under the recent Decree 53/2022. However, any foreign company providing services in Vietnam’s cyberspace will need to comply other obligations under the Law on Cybersecurity 2018 and its implementing regulations. These obligations include, among other things, the following:

· To give warnings of the possibility of a loss of cybersecurity during use of the services in cyberspace provided by such enterprise and to provide guidelines on preventive measures;

· To formulate plans and solutions to quickly respond to cybersecurity incidents;

· To immediately deal with any security weaknesses or vulnerabilities, malicious codes, cyberattacks, cyber intrusions/infringements or other security risks;

· When a cybersecurity incident occurs, to immediately implement appropriate emergency plans and response measures, and at the same time provide a report thereon to the Cybersecurity Task Force of Vietnam;

· To apply technical solutions and other necessary measures to ensure security during the process of collecting information;

· To prevent the risk of revelation, damage to or loss of data;

Read MoreInfo
Comment
Written by Nguyen Quang Vu On In

Decree 53/2022 implementing the Law on Cybersecurity in Vietnam

In August 2022, the Government issued Decree 53/2022 to implement various provisions of the Law on Cyber Security 2018 (LCS 2018). We summarise below certain key points of Decree 53/2022:

  • Data localization: Decree 53/2022 provides more detailed guidance on data localization in Vietnam. Please see our separate blog on this issue here.

  • Using cryptography (“mật mã”) to protect network information: If necessary for the national security, safety and order of society or protecting legitimate rights and benefit of others, the authority could request related individuals/organizations to encrypt information not considered as State secret before storing, transmitting on the Internet;

Read MoreInfo
Comment
Written by Nguyen Quang Vu On In ,

Decree 53/2022 - Further guidance on data localisation in Vietnam

Introduction

In August 2022, the Government issued Decree 53/2022 providing, among other things, further guidance on data localization requirements in Vietnam. Article 26.3 of the Law on Cyber Security 2018 (LCS 2018) provides for a general data localization requirement. However, due to the lack of implementing regulations, such provision is not enforced in practice for several years. The new guidance under Decree 53/2022 will likely make the law enforceable in practice from 1 October 2022. In this post, we discuss some salient points of the data localization requirements under Decree 53/2022. This post is written by Trinh Phuong Thao and edited by Nguyen Quang Vu.

Read MoreInfo
Comment
Written by Nguyen Quang Vu On In ,

Legal Framework On E-Learning Businesses In Vietnam

The recent years have witnessed a rapid growth of the e-learning market in Vietnam, especially since the Covid-19 outbreak. Despite that, a clear legal framework for e-learning business under Vietnamese laws is still unavailable. This post will discuss some legal issues concerning the provision of e-learning services.

Mode of delivery

In general, e-learning business could be provided to students via two main modes:

  • Non-interactive mode, where students will pay to have access to learning materials prepared by the service providers (e.g., pre-recorded lectures, books, etc.), and there is no live interaction between students and teachers. The students are expected to self-study the materials provided by the service provider; and

  • Interactive mode, where in addition to access to study materials, students will pay to attend online classes held by teachers, and there is live interaction between students and teachers.

    During the Covid-19 pandemic, e-learning via interactive mode has grown substantially and become a favorite choice for students and their parents. However, the legal framework regulating e-learning via interactive remains undeveloped as the laws only regulate education services via traditional methods.

Read MoreInfo
Comment
Written by Nguyen Quang Vu On In ,