Legislators asked for more data management details in Law on Electronic Transactions

November 11, 2022 - 12:00
The introduction of e-certificates will catalyse the widespread use of electronic transactions in all sectors across the board.
National Assembly on Friday morning discuss the draft law on E-Transactions. VNA/VNS Photo An Đăng

HÀ NỘI — National Assembly deputies on Friday morning asked for more specific regulations to be added to the draft law on E-Transactions (amended) to ensure the safety of personal information in electronic transactions.

The draft comprises eight chapters and 58 articles. It expands the scope of the law to include e-signatures, e-certificates, and the conversion between paper-based documentation and data messages. It also legally recognises electronic transactions and adds new cybersecurity and data security regulations to the law.

The introduction of e-certificates will catalyse the widespread use of electronic transactions in all sectors across the board.

Speaking at the Friday discussion, deputy Nguyễn Thị Mai Hoa from the southern Đồng Tháp Province said that the expansion of the regulation must include resources, information technology infrastructure and human resources.

"Is it possible to arrange sufficient funds? Can a roadmap for building and upgrading current systems meet the requirements of conducting electronic transactions in the future? How about the issues of State secrets, security, national defence, and business secrets, as they may be at risk of being exposed, leaked or appropriated when conducting electronic transactions?" Hoa asked.

Deputy Trần Thị Hồng Thanh from Ninh Bình Province said that the expanded scope of the regulation of the law would affect activities in social life, including electronic transactions of agencies, organisations and individuals in public affairs, business, commerce, administration and other fields.

"However, to ensure the feasibility of the law, it is necessary to have a roadmap to transform electronic transactions in several industries and fields with complicated and diverse administrative procedures, such as those related to land use and management, bidding, construction and planning," she said.

Concerned about the consistency and synchronisation of the draft Law with related laws, deputy Đồng Ngọc Ba from Bình Định Province said that he highly appreciated the drafting compliers' meticulous review of 26 related laws, clarifying several issues compatible with this draft law.

"It is still necessary to review it more carefully because the draft law only provides technical regulations for using electronic means in creating and performing transactions. Most of the socio-economic context of such transactions lies in specialised laws and specific laws," he said.

Ba said that the draft law introduced a 'trust service' - a new service with the nature of conditional business.

The trust service provider is responsible for ensuring the integrity of signatories and services' electronic identification through strong mechanisms for authentication, electronic signatures and digital certificates.

Under the draft, trust service is provided in specific industries like timestamp issuance service, data authentication service, and public digital signature service.

In the draft law, it is also proposed to amend the appendix issued together with the Investment Law to include trust services in Appendix 4 of the Investment Law as a conditional business.

Deputy Trần Chí Cường from Đà Nẵng City said that the law compiling unit should further study controlling the data of organisations and businesses.

Regulations on prohibited acts, such as revealing and leaking personal information in electronic transactions, were also needed, Cường said.

Cường emphasised that in electronic transactions, data is the most important factor, including stipulating the rights and obligations of data creators and data users, as well as rights and obligations relating to the use of data.

However, the draft law does not specify those contents.

"Those content should be studied, considered and included to ensure the legal basis for the settlement of disputes related to the use, exploitation, analysis and trading of services related to data that is generated in electronic transactions," Cường said.

The issue of protecting personal information in cyberspace needs to be taken care of, Cường said, adding that there had been several legal documents regulating the protection of personal information, such as the Law on Cyberinformation Security or the Law on Cybersecurity.

However, the regulations need to be more specific and practical to meet with current moves of electronic transactions.

He said that the acts that lead to the leakage of personal information without permission or agreement with organisations and individuals engaged in electronic transactions must be prohibited. VNS