New Draft Law on Cyber ​​Security: Proactively prevent fake videos and news created with AI

On the afternoon of November 20, the Department of People's Public Security Communications ( Ministry of Public Security ) organized a discussion on draft laws drafted by the Ministry of Public Security.

Regarding the Law on Cyber ​​Security, Major General Do Trieu Phong - Director of the People's Public Security Communications Department - suggested that the press coordinate and exchange information with the system of press agencies that have connections, increase propaganda on platforms, and warn about cyber security crimes.

He stressed the seriousness of the situation recently, especially for young people - the group of "victims" most often of cybercrime. The necessity and urgency of the law is extremely important.

Lieutenant Colonel Trieu Manh Tung - Deputy Director of the Department of Cyber ​​Security and High-Tech Crime Prevention (Ministry of Public Security) - said that the Cyber ​​Security Law 2025 was built on the basis of merging the Cyber ​​Security Law 2018 and the Network Information Security Law 2015.

Regarding new points compared to the two previous laws, Lieutenant Colonel Tung said that merging the two laws requires adding provisions of the 2015 Law on Information Security to the 2018 Law on Cyber ​​Security to create consistency.

At the same time, some new contents were added to ensure consistency with the practical situation and major policies of the Party and State leaders in developing science and technology and ensuring network security in Vietnam.

He emphasized that adding new regulations on data security is very important. Currently, agencies, ministries and localities are implementing strong digital transformation, building national data centers, internal big data systems and component data systems.

These data will effectively serve public services, utilities for people and the needs of life. However, the data generated is increasingly large, becoming an extremely important resource for the country in innovation, development and digital transformation.

At the same time, the Law on Personal Data Protection has specifically stipulated the responsibilities and obligations to protect personal data, helping to form, develop and protect national data. In the current period, these regulations are very necessary.

Another important content is that the bill has provisions on risk management and preventing the use of artificial intelligence (AI) to create fake information and images.

Service platforms (both domestic and cross-border) must develop solutions to proactively detect and prevent artificial intelligence-based products.

"If they do not comply, it will be considered a violation of Vietnamese law," said Colonel Tung.

Previously, when detecting untrue content or fake news produced by artificial intelligence, authorities would require platforms to block or remove it. "But in the new law, they must proactively build filters to detect such content and remove, block, or delete it," said Mr. Tung.

The 2025 Law on Cyber ​​Security also adds provisions on funding for cybersecurity protection. State agencies, organizations, enterprises, and political organizations must ensure at least 10% of the total funding for developing projects, plans, programs, and investment plans for applying and developing technology to protect cybersecurity.

This is a new regulation, reflecting the Government's direction in building information technology systems, ensuring that systems are adequately protected against common domestic and international attacks.

Mr. Tung pointed out that in reality, many agencies have not paid enough attention to investing in system protection, leading to weak systems at risk of attack, illegal intrusion and illegal data collection.

According to Lieutenant Colonel Trieu Manh Tung, the 2025 Cyber ​​Security Law adds regulations on the responsibilities of leaders. Those in charge of important national information systems must take an exam and have a certificate of competence in information system management.

This is to ensure that those responsible for operating and managing the system have the qualifications and understanding of network security, while at the same time attaching personal responsibility to operational activities, limiting errors and risks.