Minister Lương Tam Quang speaks at the NA session on Saturday. — VNA/VNS Photo

HÀ NỘI — The Ministry of Public Security on Saturday called for strict penalties to prevent the emergence of a black market for personal data, warning that treating such data like ordinary goods could open the door to widespread cybercrime.

Speaking during a National Assembly (NA) session, Public Security Minister Lương Tam Quang said the unauthorised trade in personal data had become a key factor behind large-scale fraud and asset theft cases uncovered by police.

"Allowing the buying and selling of personal data is essentially allowing the trade of human rights and control over other persons' information," Lương told lawmakers. "Personal data is not an ordinary commodity; it’s a special type of resource.”

The comments came as legislators debated a draft Law on Personal Data Protection, which aims to plug legal gaps, strengthen oversight, and safeguard rights in the digital space amid rising concerns about data leaks and illegal usage.

Several lawmakers noted that even seemingly harmless information, such as phone numbers or email addresses, could be collected and sold without consent, alongside more sensitive data like bank account details or medical records. The consequences, they said, were surging online scams and eroded public trust.

NA Deputy Hoàng Minh Hiếu of Nghệ An Province urged the Government to only define a list of 'sensitive personal data,' rather than both sensitive and basic data, saying this would make the law more practical and easier to apply.

While most deputies agreed on the need to ban illegal data trading, some warned against sweeping restrictions.

NA Deputy Nguyễn Thị Việt Nga of Hải Dương said an outright ban with no reasonable exceptions could hinder enforcement and stifle emerging digital business models.

NA Deputy Phạm Văn Hoà of Đồng Tháp echoed that view, arguing the law should only prohibit unlawful data transactions.

"If it’s my data, and I believe sharing it doesn’t affect national defence or security, and it’s not sensitive, then I should be allowed to sell it," he said.

Quang, however, warned that lax internal controls in industries like banking, telecommunications, insurance, and electricity have enabled employees to extract accurate, real-time customer information and sell it to scammers. He said such practices fueled fraud schemes.

"If we don’t prohibit trading personal data like ordinary goods, and enforce strong penalties, we’ll see the rise of black market activity with serious consequences for public safety," he said.

The draft law has been updated to include provisions banning the use or sharing of personal data for unlawful purposes, including renting or lending data, or allowing one’s own data to be used by others in illegal acts. — VNS