Draft law on Cyber Security debated

November 06, 2017 - 09:00

Some proposals in the draft Law on Cyber Security by the Ministry of Public Security are not consistent with international commitments Việt Nam has made, according to the Việt Nam Chamber of Commerce and Industry (VCCI).

Young people access a search engine on the internet. The draft Law on Cyber Security requires foreign suppliers of telecom and internet services to establish a representative agency in Việt Nam. — Photo tuoitre.vn
Viet Nam News

HÀ NỘI — Some proposals in the draft Law on Cyber Security by the Ministry of Public Security are not consistent with international commitments Việt Nam has made, according to the Việt Nam Chamber of Commerce and Industry (VCCI).

The VCCI sent its comments about the draft law to National Assembly’s Committee on National Defence and Security, saying some proposed regulations are unreasonable.

For example, Item 3, Article 34 proposes that suppliers of telecoms services and internet services must establish mechanisms to verify personal information of users when they create an account to ensure confidential authentication of the information. The suppliers would also have to provide the information to cyber security agencies.

According to the VCCI, it is not possible for the suppliers to verify and ensure the authentication of the information that users provide, especially when suppliers have yet to use the national database on citizen identification.

Item 2, Article 47 proposes that websites or web portals hosting illegal cyber information may be subject to temporary suspension or withdrawal of operating licences if they contain information inciting mass gatherings that disturb security and order or that encourage anti-government activities.

The website/web portal operators would be asked to prevent the sharing of such illegal information and to remove the illegal information within 24 hours. The VCCI said that the requirement could add cost and staff burdens to the operators.

Notably, the draft law requires foreign suppliers of telecom services and internet services to obtain operation licences, establish a representative agency in Việt Nam, and locate the server that manages Vietnamese users’ data in the territory of Việt Nam.

The VCCI said that the proposal went against commitments that Việt Nam made when joining the World Trade Organisation and the Europe-Việt Nam Free Trade Agreement.

VCCI Vice Chairman Hoàng Quang Phòng said that the proposal on sever location was against a commitment relating to Location of Computing Facilities (Article 14.13) in the Electronic Commerce Chapter of the Trans-Pacific Partnership (TPP) that Việt Nam signed in February, 2016.

Tuổi trẻ (Youth) newspaper on Friday reported that experts were concerned the proposals, if approved, could hinder the development of internet firms in Việt Nam and Vietnamese users could lose opportunities to access quality services.

They also said foreign service suppliers like Google, Facebook, Viber, Uber could refuse to establish a representative agency or relocate their servers to Việt Nam.

Lawyer Vũ Quang Đức from HCM City Bar Association said that Việt Nam should not use administrative measures to manage services provided by foreign companies. Instead, technical measures could be more effective, he said.

Bùi Việt Hiền Nhi, deputy head of FPT Telecom’s Communication Board said the requirement for a representative agency was reasonable because it helped State agencies oversee and minimise risks of trade fraud and cyber attacks.

Nhi said that few foreign companies were willing to move their servers to Việt Nam.

“It’s necessary to tighten control but any regulation needs to be considered carefully and logically to match the typical features of each industry,” she said.

Vũ Tú Thành, Deputy Regional Managing Director & Representative, US-ASEAN Business Council in Việt Nam, said that there was a contradiction between the requirement for users’ information and the requirement for servers to be located in Việt Nam, where IT infrastructure is poor.

“Where servers are located is not as important as how to ensure cyber security for the data that the servers store,” he said. — VNS

E-paper