Users need to develop "resistance" to protecting their personal data.

Dr. Pham Chien Thang believes that improving skills in protecting personal data online is essential. (Photo: Provided by the interviewee)

Vietnam is considered one of the countries that is quick to adapt to new trends. However, the reality is that the leakage of personal information on social media is becoming increasingly common.

The World and Vietnam newspaper had an interview with Dr. Pham Chien Thang, Head of the Journalism and Communication Department, Faculty of Science - Thai Nguyen University, regarding this issue.

What is your assessment of the current situation regarding the leakage of personal information in the digital environment?

The leakage of personal information in today's digital environment is a serious problem that needs attention from many sides. Below are some issues regarding the current state of personal information leakage in cyberspace.

Large companies like Facebook, Google, and Amazon collect user data on a massive scale to support targeted advertising, service optimization, and trend analysis. This means that users' personal information is no longer as protected as it once was.

Furthermore, many businesses and organizations have not paid sufficient attention to protecting users' personal information. This creates opportunities for hackers to exploit vulnerabilities.

Furthermore, legal regulations related to personal data security often lag behind technological advancements, reducing the effectiveness of legal prosecution and prevention of violations.

With the current advancements in science and technology, modern algorithms can analyze and "predict" personal information based on seemingly harmless data. This also raises concerns about the privacy of personal information.

A key issue is that the effects of leaked personal information can have serious social and psychological impacts, ranging from being scammed to increased stress and anxiety.

On July 1st, Decree No. 13/2023/ND-CP on the Protection of Personal Data officially came into effect. How do you assess this Decree in terms of creating a legal framework?

I consider the promulgation and implementation of this Decree to be very important. Having a legal framework for the protection of personal data not only creates a safer, more transparent, and more trustworthy digital environment, but also helps shape and regulate the development of technology and society.

Having a legal system that clearly defines the rights and obligations of all stakeholders, from organizations to individuals, creates transparency and gives users a clear understanding of how their information is being used.

With a legal framework in place, the business and digital environments become more trustworthy. Users will feel safer providing their personal information. In cases where personal information is leaked or misused, the legal framework provides a basis for taking legal action, from penalizing violating organizations to protecting users.

The legal system helps define the responsibilities of parties and the consequences they face if they violate regulations on personal data protection. This not only has a deterrent effect but also helps create a more responsible and transparent digital environment.

Finally, having a legal framework also encourages businesses and organizations to continuously research and update security technologies to ensure compliance with regulations.

Information leaks and data breaches are quite common, and online scams are on the rise. Are there ways to improve users' ability to protect their personal information?

The increasing risk of information leaks and online fraud has highlighted the urgent need to improve users' self-protection skills. To achieve this, the first step is to raise user awareness regarding practices such as: using strong passwords that combine letters, numbers, and special characters; and using multi-factor authentication to enhance security.

Organizations and businesses can strengthen their security systems by implementing encryption and multi-factor authentication technologies, thereby requiring users to take appropriate actions to protect their personal accounts.

The leakage of information and the increase in online fraud have created an urgent need to improve users' self-protection skills. (Illustrative image: Internet)

Should personal data protection be integrated into the curriculum for students?

In my view, integrating personal data protection into the curriculum for students is a crucial and necessary element. Educating students about personal data protection from an early age will help them clearly understand the importance of this issue and prevent potential risks.

Nowadays, students are exposed to technology from a very young age. This means that the risks related to protecting personal information are also high from an early age. In an increasingly digitized environment, knowing how to protect personal information is not only a specialized skill in information technology, but also an essential life skill.

Furthermore, many schools and educational institutions encourage the use of technology in the learning process. Therefore, mastering the principles of protecting personal information is also an important part of supporting learning.

Having a basic understanding of personal data protection will be a valuable foundation for students in developing their skills and knowledge later on, not only in the field of information technology but also in daily life.

How can we raise users' awareness of protecting their own information, in your opinion?

Raising users' awareness of self-protection of information is a long process that requires cooperation from many parties, from technology organizations and regulatory agencies to the users themselves. Below are some measures that can be applied:

Organize communication and awareness campaigns about the importance of protecting personal information to help raise user awareness. Alternatively, organize online training courses and tutorials on how to protect personal information. These courses can be designed to suit different user groups, from students to the elderly.

Organizations can build systems for users to report data security incidents, while also providing feedback to help users understand how to handle similar situations in the future. Organizations and businesses should cooperate with government agencies in raising awareness and enforcing regulations on personal data protection.

Additionally, mass media channels and social networks can be used to disseminate information and create specific awareness campaigns, such as Information Security Month or other important events.

More activities are needed to introduce and encourage users to adopt technologies that help protect personal information, such as multi-factor authentication, encryption technology, or the use of password management services. Users should be encouraged to participate in events, workshops, and webinars on information security to improve their knowledge and skills.

Thank you, sir!