SINGAPORE – January 2, 2018 – Vietnam’s Law on Cybersecurity entered into force on January 1, 2019. BSA | The Software Alliance acknowledges and recognizes the importance of a national cybersecurity strategy, and has proposed an international cybersecurity policy framework for this purpose. However, the requirements imposed by the Government of Vietnam in its newly implemented Law on Cybersecurity will not achieve this goal. The Law imposes unnecessary data localization and local office requirements, and overly-broad law enforcement access rules. These measures will chill innovation and investments without meaningfully protecting against cybersecurity threats.

It is imperative for the Government of Vietnam to ensure that, in implementing the Law, a flexible approach is taken that accommodates a wide range of sectors and that also recognizes and incorporates the international data transfer mechanisms in existence today. The Government of Vietnam has the opportunity to implement a regulatory regime that is both predictable and conducive to the adoption of cutting-edge IT products and services, which will ultimately yield the best security outcomes. BSA has already provided comments to the draft decree implementing the Law on Cybersecurity and we look forward to working further with the Government of Vietnam to ensure that the relevant implementing measures achieve these objectives.