Principles of protecting personal information in cyberspace in Vietnam

Principles of protecting personal information in cyberspace in Vietnam (Internet image)

1. What is Personal Information?

- Personal information means information associated with the identification of a specific person.

- Owner of personal information means a person identified based on such information.

- Processing of personal information means the performance of one or some operations of collecting, editing, utilizing, storing, providing, sharing or spreading personal information in cyberspace for commercial purpose.

(Clause 15, 16, 17, Article 3 of the Law on Cyberinformation Security 2015)

2. Principles of protecting personal information in cyberspace in Vietnam

Article 16 of the Law on Cyberinformation Security 2015 stipulates the principles of protecting personal information in cyberspace as follows:

- Individuals shall themselves protect their personal information and comply with the law on provision of personal information when using services in cyberspace.

- Agencies, organizations and individuals that process personal information shall ensure cyberinformation security for the information they process.

- Organizations and individuals that process personal information shall develop and publicize their own measures to process and protect personal information.

- The protection of personal information must comply with this Law and other relevant laws.

- The processing of personal information for the purpose of ensuring national defense and security and social order and safety or for non-commercial purposes must comply with other relevant laws.

3. Collection and use of personal information in Vietnam

- Organizations and individuals that process personal information shall:

+ Collect personal information only after obtaining the consent of its owners regarding the scope and purpose of collection and use of such information;

+ Use the collected personal information for purposes other than the initial one only after obtaining the consent of its owners;

+ Refrain from providing, sharing or spreading to a third party personal information they have collected, accessed or controlled, unless they obtain the consent of the owners of such personal information or at the request of competent state agencies.

- State agencies shall secure and store personal information they have collected.

- Owners of personal information may request personal information-processing organi

(Article 17 of the Law on Cyberinformation Security 2015)

4.  Updating, alteration and cancellation of personal information in Vietnam

Pursuant to Article 18 of the Law on Cyberinformation Security 2015, t

Owners of personal information may request personal information-processing organizations and individuals to update, alter or cancel their personal information collected or stored by the latter or to stop providing such personal information to a third party.

- Upon receiving the request of an owner of personal information for update, alteration or cancellation of personal information or for stoppage of the provision of personal information to a third party, a personal information-processing organization or individual shall:

+ Comply with the request and notify such owner or grant him/her/it the right to access information for the latter to update, alter or delete his/her/its personal information;

+ Take appropriate measures to protect personal information; and notify such owner if it/he/she fails to comply with the request for technical or other reasons.

- Personal information-processing organizations and individuals shall delete the stored personal information when they have accomplished their use purposes or the storage time has expired and notify such to the owners of such personal information, unless otherwise prescribed by law.

Van Trong

>> CLICK HERE TO READ THIS ARTICLE IN VIETNAMESE