Supplementing the responsibilities of businesses providing services in cyberspace

This afternoon, October 31, discussing at Group 11 (including the National Assembly Delegation of Can Tho City and Dien Bien Province), National Assembly deputies highly agreed on the promulgation of the Law on Cyber ​​Security as proposed by the Government in the context of extremely complicated developments of cybercrime.

Unifying the Law on Cyber ​​Security and the Law on Network Information Security is an urgent requirement.

According to delegates, in the context of the 4th industrial revolution taking place strongly, cyberspace is increasingly becoming an inseparable part of social life. Cyberspace is not only a tool to support economic development but also a series of illegal acts (fraud, kidnapping...) directly affecting national security and social order.

Therefore, National Assembly Delegate Lo Thi Luyen (Dien Bien) said that merging the 2018 Law on Cyber ​​Security and the 2015 Law on Network Information Security (amended and supplemented in 2018) is an urgent requirement and suitable to current practice.

According to the delegate, the Government's Draft Law Report also clearly stated that the provisions of the two current laws are inconsistent, specifically there are different provisions on the classification of network information systems, measures to prevent and handle violations... leading to a lack of uniformity in the management and implementation of measures to ensure network security, causing difficulties in management in practice.

Therefore, the merger of the two laws, according to the delegate, "will create a unified, synchronous and transparent legal framework of the legal system, creating favorable conditions for organizations and individuals in complying with the law and improving the effectiveness of state management activities in ensuring network security.

At the same time, address legal gaps, abolish duplicate regulations, and ensure flexibility in management and administration in the direction of applying achievements in science and technology development, especially in the context that Vietnam is implementing national digital transformation and developing the digital economy as emphasized in Resolution No. 57 dated December 22, 2024 of the Politburo."

Delegate Lo Thi Luyen also pointed out the fact that currently, on social networks, there is a lot of fake news posted on platforms such as Facebook, TikTok..., typically news using artificial intelligence (AI) to create, edit, and spread fake clips, images, sounds, and texts; impersonating voices, identities, and images of others to defame, infringe upon the rights and legitimate interests of agencies, organizations, and individuals or cause harm to national security and social order and safety, but these platforms have not yet censored and removed it in a timely manner.

Therefore, delegates proposed to add the responsibility of enterprises providing services on cyberspace in proactively detecting, preventing and removing content that violates the law on cyber security.

More open regulations on prohibited behavior

Article 17 of the draft Law stipulates the prevention and handling of information on cyberspace that violates national security, social order and safety. In particular, Point b, Clause 6 stipulates that information on cyberspace has content that violates the legitimate rights and interests of organizations: "Calling for, mobilizing, inciting boycotts of products, services, goods, brands, trademarks of organizations and enterprises, causing material damage and reputational damage to enterprises and organizations".

Delegate Lo Thi Luyen said that the above regulation could be interpreted to prohibit consumer protests against poor quality products or businesses with wrongdoings (such as causing environmental pollution).

“Consumers’ right to boycott is an important form of social expression and oversight. A blanket ban would eliminate this right, protecting even the weakest businesses and weakening the position of consumers.”

Emphasizing this, delegate Lo Thi Luyen proposed to amend the law to only prohibit acts of unfair competition or sabotage, specifically: “b) Spreading fabricated or untrue information to call for, mobilize, and incite boycotts of products, services, goods, brands, and trademarks of organizations and enterprises, causing material damage and damage to the reputation of enterprises and organizations”.

Regarding the above content, National Assembly Delegate Trang A Tua (Dien Bien) said that with the current situation of counterfeit, fake and poor quality goods, we also need to use cyberspace to condemn violations and protect the rights of consumers.

Adding to the opinion of delegate Lo Thi Luyen, the delegate proposed to add the phrase “untrue” to point b, clause 6, Article 17. Specifically, to prevent and combat acts of “calling for, mobilizing, inciting, boycotting products, services, goods, brands, trademarks of organizations, businesses... that are untrue, causing material damage and damage to the reputation of businesses”.

Regarding prohibited acts, delegate Trang A Tua also suggested that the regulations should be more open, based on the framework principles rather than listing illegal acts.

For example, the framework principle is: "prohibiting the use of cyberspace to commit illegal acts" will cover all areas, from criminal to civil and administrative.

According to the delegate, if there is only one regulation that says "taking advantage of cyberspace to commit illegal acts", then any act of taking advantage of cyberspace to violate the law is strictly prohibited.

Continue to review arising practical issues

Regarding the explanation of terms, Clause 9, Article 3 of the draft Law stipulates that "An important information system on national security is an information system that, when it is broken, infiltrated, hijacked, distorted, interrupted, suspended, paralyzed, attacked or sabotaged, will seriously violate national security."

National Assembly Deputy Le Thi Thanh Lam (Can Tho) said that the criteria for identifying and classifying important national information systems have been prescribed by the State. Therefore, the determination of criteria, classification and building of a list of important information systems on national security should be considered to have similar references between the two classification systems; to avoid conflicts between the State's regulations, causing overlap in State management.

Delegates also proposed to include explanations of terms to specifically explain concepts such as: cyberspace usage activities, network information security, digital devices... appearing in some provisions of the draft Law to have a unified and more convenient understanding during the implementation process.

Delegate Le Thi Thanh Lam also proposed reviewing the provisions in many other current specialized legal documents such as the Data Law, Personal Data Protection Law, Telecommunications Law, Information Technology Law, Electronic Transaction Law, Digital Technology Industry Law, Science, Technology and Innovation Law, etc. to ensure consistency in the legal system, consistency in state management agencies and specialized forces on network security and network information security.

Along with that, it is necessary to continue reviewing international treaties of which Vietnam is a member and arising practical issues to stipulate in the draft Law to ensure consistency, feasibility and compatibility with international treaties.

Citing the provisions in Clause 2, Article 3, Clause 3, Article 2 and Clauses 2, Clause 3 and Article 15, National Assembly Delegate Nguyen Xuan Dat (Can Tho) proposed to adjust in the following direction:

The Ministry of Public Security shall preside over and coordinate with the Ministry of National Defense and relevant agencies and organizations to have the following responsibilities for important information systems on national security, except for important information systems on national security under the management of the Ministry of National Defense and key information systems managed by the Government Cipher Committee in accordance with the provisions of law.

The Ministry of National Defense shall preside over the appraisal, assessment, and surprise inspection of network security, monitor network security safety, and coordinate response and remediation activities for important information systems on national security under the management of the Ministry of National Defense.