Building a Cyber ​​Security Law in line with international standards

Presenting the Report on the draft Law on Cyber ​​Security, Deputy Minister of Public Security Nguyen Van Long informed that the Draft Law inherits 30 articles of the 2018 Law on Cyber ​​Security (of which 21 articles remain, 9 articles are amended and supplemented), inherits 16 articles of the 2015 Law on Network Information Security (amended and supplemented in 2018) (of which 12 articles remain, 4 articles are amended and supplemented); consolidates the contents of 9 articles of the 2 above-mentioned laws; and adds 3 articles.

The Draft Law has a number of new and amended contents: Adding 1 article regulating data security assurance; adding regulations on encouraging agencies and organizations in the political system and state-owned enterprises to use Vietnamese security industry products and services that ensure quality standards and regulations to improve autonomy in cybersecurity.

At the same time, the bill adds regulations that the head and person responsible for important information systems related to national security must participate in an exam and be granted a certificate in cybersecurity...

Presenting the Report on the review of the Law on Cyber ​​Security project, Chairman of the National Assembly 's Committee on National Defense, Security and Foreign Affairs Le Tan Toi said that the Standing Committee of the Committee basically agreed with Article 3, because the interpretation of the terms is inherited from the Law on Cyber ​​Security and the Law on Network Information Security.

In addition, there are suggestions to transfer concepts such as "malware" and "cyber terrorism" into specific laws; unify the concepts of "network", "cyberspace", "cyber security", "cyber information security", "cryptographic information system" for unified use, consistent with international standards; supplement explanations of terms such as "national cyberspace infrastructure", "high-tech crime"...

Regarding prohibited acts in cybersecurity (Article 9), the Standing Committee of the Committee proposed to review prohibited acts in cybersecurity to fully supplement them in the direction of regulating prohibited acts that are widespread and seriously affect national security, social order and safety, and the legitimate rights and interests of organizations and individuals...

Speaking at the meeting, Politburo member and National Assembly Chairman Tran Thanh Man said that cyber security is a current and "hot" issue and international public opinion is very interested in this bill. Therefore, it is necessary to clarify the concept and scope of the bill to avoid overlap, specifically clarifying: Cyber ​​security, network information security, cybercrime, and important information systems for national security.

Regarding the scope of regulation, the draft needs to clearly identify the affected subjects and regulated behaviors (cyber attacks, illegal data collection, dissemination of false information).

The draft law needs to specify the responsibilities of cross-border platforms to ensure compliance with Vietnamese law; clarify the boundaries: Cyber ​​security is related to national security and cybercrime prevention and control, information security is related to data security and technical systems. This will avoid conflicts when applying the law and help define the responsibilities of management agencies.

The National Assembly Chairman also proposed developing clear criteria to classify and identify important information systems for national security; having regulations for periodic assessment and continuous monitoring mechanisms to protect the system from increasingly sophisticated threats.

The National Assembly Chairman proposed a multi-layered protection model combining firewall and encryption technology; having a management process, periodic inspection, incident response and personnel training; clearly defining the specific responsibilities of management agencies in supporting businesses in protecting information systems and inter-sectoral coordination as well as enhancing the role of the Ministry of Public Security, the Ministry of Science and Technology, and the Ministry of National Defense in coordinating the protection of important information systems and clearly regulating the sharing of threat information between these agencies and businesses.

Regarding the protection of personal data and privacy, the National Assembly Chairman stated that it is necessary to specify the responsibilities of organizations that collect and store personal data, especially social networking platforms and cross-border services. It is necessary to build a strict mechanism to handle violations of privacy rights, illegal collection and use of data; establish a specialized agency to monitor regulations on personal data; ensure users have the right to request deletion of data, withdraw consent, and be notified when data is violated...

Regarding crime prevention and control, the draft law needs to update regulations on cybercrime and strengthen international cooperation; allow the use of advanced technologies such as AI and big data analysis to detect and prevent crimes, but strict regulations are needed to avoid abuse and ensure respect for people's privacy.

According to the National Assembly Chairman, the bill needs to be built on the spirit of international integration and in line with global standards; ensuring that the provisions in the law are consistent with international agreements that Vietnam participates in and cybersecurity standards; and have provisions on data storage and cross-border cooperation mechanisms...

Comrade Tran Thanh Man also suggested the establishment of specialized agencies to ensure implementation supervision; have a mechanism to report incidents and increase consultation for the domestic and foreign business community...

Source: https://hanoimoi.vn/xay-dung-luat-an-ninh-mang-phu-hop-chuan-muc-quoc-te-717061.html