Challenges in protecting personal data

Digital transformation, the development of the digital economy, and the building of a digital society are trends of the times. Personal data is one of the main ingredients for implementing digital transformation, developing the digital economy, and building a digital society. The development of several new technologies also creates the need to protect personal data, such as big data processing, artificial intelligence, cloud computing, blockchain, and virtual universes.

Báo Sài Gòn Giải phóng•18/10/2025

Currently, data breaches and leaks of personal information are widespread in cyberspace. Among the 10 major data breaches in Vietnam recently recorded by Viettel Cyber Security's system, there was one case involving the sale of approximately 300GB of source code and customer data from a technology company; two cases involving the sale and sharing of information from several major universities in Vietnam, with approximately 500MB of leaked databases; two cases involving the sale of source code from several media and retail companies with approximately 3.5 million records; one case involving the leak of system source code and customer data from a company operating in the energy sector; and four other cases involving the leak of personal information, with approximately 15GB of source code and nearly 4 million records. Authorities quickly addressed the vulnerabilities and issued numerous warnings to individuals and organizations, such as not providing phone numbers or bank account details during transactions and purchases.

Data from transactions contains highly detailed information about individuals, organizations, and businesses: full name, date of birth, citizen identification number, address, phone number, bank account number (including balance), relatives, job title, position, etc. These issues highlight the urgent need for personal data protection.

The Law on Personal Data Protection has been passed by the National Assembly and will take effect on January 1, 2026. With the effective date fast approaching, there are urgent demands for protecting personal data. Therefore, to ensure strict control when organizations and entities are permitted to access personal data, clear regulations are needed regarding the purpose of data use; a list of data sources to ensure authenticity and accuracy; and permitted data retention periods. If the party accessing the data violates the rules, mechanisms and methods for revoking consent and policies for deleting or destroying personal data should be in place.

When laws come into effect, there are universal regulations, but for personal data, especially private data, specific regulations are needed. The clearer the regulations, the easier they are to implement. This aims to protect the legitimate rights and interests of agencies, organizations, and individuals when incidents of personal information leaks occur that relate to the law and public issues.

DO TRUNG

Source: https://www.sggp.org.vn/thach-thuc-bao-ve-du-lieu-ca-nhan-post818642.html