20/07/2018 11:29 GMT+7 Email Print Like 0

Cyber Security Law protects citizens, national security

The new Law on Cyber Security, which will take effect on January 1, 2019, is set to be an effective tool to fight crimes in cyberspace, protecting citizens and national security. 
The Law on Cyber Security, which was adopted by the 14th National Assembly at its 5th session and announced by the President on June 28, comprises 43 articles arranged in seven chapters.

The law is an important, much needed legal framework for authorized forces to be able to tackle risks and challenges from cyberspace in a timely and effective manner, according to the Ministry of Public Security’s Cyber Security Department (CSD).

The Department reported that Vietnam has faced dozens of serious, large-scale cyber attacks over the past few years, directly threatening national security, social order and safety, and seriously affecting the local economy.

 VinaPhone readies all resources to ensure information security for its customers. Photo: Minh Quyet  / VNA 

In implementation of Government Decree No. 49/2017/ND-CP on management of mobile phone subscribers,
VNPT VinaPhone now takes photos of new subscribers at their service counters. Photo: Minh Quyet  / VNA 

 VNPT VinaPhone has provided 4G services in Hanoi, Ho Chi Minh City and
11 other provinces and cities nationwide. Photo: Minh Quyet  / VNA 

 VinaPhone technicians at a 4G base transceiver station in Hanoi. Photo: Minh Quyet  / VNA 

 In March, the Ministry of Information and Communications  and the Asia Pacific Computer Emergency Response
Team (APCERT) organized the cyber drill "Data breach via malware on IoT". Photo: Minh Quyet  / VNA 

 Ho Chi Minh City hi-tech zone applies information technology to production and business. Photo: VNP files

Vietnam is set to develop internationally qualified information technology human resources and build
information technology into a key sector by 2020.  In the photo: Vinasat-2 satellite of Vietnam
at the Kourou launch pad in Guyana, South America. Photo: Files

The latest statistics from the CSD show that in the first six months of the year, 2,769 websites and online portals with national domains – 35 of which are managed by Party and State agencies – were either hacked, had their interfaces or content altered, or were deprived of administration authority.

The Law on Cyber Security with 43 articles arranged in seven chapters, provides basic content on protecting cyber security for information systems important for national security; preventing and handling violations of cyber security regulations; cyber security protection activities; and responsibilities of agencies, organizations and individuals.
CSD Director Hoang Phuoc Thuan said that the Law on Cyber Security clarifies cyber security and ensures that activities on the internet do not harm national security, social order and safety, as well as the legitimate rights and interests of organizations and individuals.

This is a new issue, demonstrating the National Assembly’s stand on protecting the legitimate rights and interests of organizations and individuals in line with national security, Thuan said.

Regarding concerns related to the granting of sub-licenses to telecommunications and internet-based companies, Thuan said that the issues were carefully considered alongside consultations with the business community during the writing of the law. 
“There are no obstacles and there will be none of the sub-licenses as rumored,” Thuan said.

Luu Binh Nhuong, standing member of the National Assembly’s Committee on Social Affairs, said that concerns about limited freedom of speech once the law is adopted are baseless as the issue is not regulated in the Law on Cyber Security, but the Civil Code. The Law only controls issues related to cyber security and does not prohibit freedom of speech, he said.
“Translating the Law on Cyber Security as prohibiting freedom of speech is a misunderstanding and it should not be referred to in that way,” Nhuong stressed, adding that the law only targets cyber criminals.

Many telecommunications and network service providers also agree that the Law on Cyber Security helps create a fair business environment, benefiting both businesses and service users.

Nguyen Hoa Binh, President of NextTech Group, said the adoption of the Law not only helps prevent cyberattacks but also create a healthy environment for domestic and foreign businesses to compete fairly. Binh stressed foreign businesses which are not based in Vietnam but are turning profits in Vietnam must be subject to the same management as for domestic ones.

Safe cyber activities for citizens

The Law on Cyber Security contains stipulations designed to protect citizens from harmful information. It requires both domestic and foreign providers of services on the internet, telecom networks and cyber space in Vietnam to eliminate sources of harmful information by refusing or suspending the supply of service for those sources.  

At present, data on net users in Vietnam has been used extensively for profit, while there is insufficient legal framework to manage the use. There have even been cases where the data were used for political schemes or violation of law. Therefore, the new law stipulates that domestic and foreign providers of services on the cyberspace which collect, use, analyze and process users’ personal information and other information created by users in Vietnam, must store such information in Vietnam. Foreign enterprises subject to this stipulation must have a branch or a representative office in Vietnam.

Experts agree that the stipulation is in accordance with domestic law, international practice and it neither runs counter to international agreements to which Vietnam is a member nor hinders the operation of enterprises.

Major General Nguyen Minh Duc, Director of the Police Science Institute under the People’s Police Academy, noted that there have been 18 countries which require the storage of data inside their territories, including the US, Russia and China.

 Some 72% of the population use smart phones; 68% of Vietnamese surf the internet on mobile phones;
and the rate of phone ownership in Vietnam is 1.7/person. Photo:  VNP Files 

 Buying snack food online. Photo:  VNP Files

  Using a smart phone to track product origin. Photo:  VNP Files

 Foreigners pose with young people at Happy Color Run 2016 at Ly Thai To flower garden in Hanoi.
Photo:  VNP Files

Regarding the stipulation on representative offices, he cited existing regulations that require foreign trade promotion organizations to open representative offices in Vietnam.

In addition, the law does not require the storage of all Vietnam-related data and platform data, but only some specific types that are related to personal secrets when necessary, and to national security, because such data are property of citizens and the country, which need to be managed and protected.

Furthermore, the stipulation does not apply to all agencies, organizations operating in Vietnam’s cyber space, but only to a number of agencies and organizations providing services that are vulnerable to abuse or that can affect national security.

According to Nguyen Thanh Hong, standing member of the National Assembly’s Committee on National Defense and Security, such stipulations are necessary to protect the legitimate rights and interests of individuals, organizations and companies. Hong pointed out that preventative measures are needed to stop social network service providers from using individuals’ information for illegal purposes, thus violating the legitimate rights and interests of individuals, organizations and businesses.

Many people have expressed concern about the possible leakage of personal information as a result of the Cyber Security Law’s stipulation that relevant agencies must supply users’ information to the Public Security Ministry’s cyber security force when there is a written request.

However, Major General Duc affirmed that information leakage is impossible.

“Ensuring absolute secrecy of citizens’ personal information is both a responsibility and legal obligation,” he said, noting that any leakage of information will be strictly dealt with in accordance with law.

In 2017, Vietnam reported around 15,000 cyberattacks, including 3,000 phishing attacks, 6,500 malware attacks and 4,500 defacements. In the first five months of this year, 4,035 cyberattacks were reported, including over 1,500 in February and March.

Source: Vietnam Computer Emergency Response Teams (VNCERT) - Ministry of Information and Communications