VietNamNet Bridge - The data relocation and regulation that requires foreign firms to set up data centers in Vietnam remains the most controversial issue of the draft cybersecurity law.


{keywords}

Some experts say data localization may not be good for network security



The latest draft law doesn’t clearly state that businesses must have their servers in Vietnam, but says the data originating from Vietnam must be managed in Vietnam. Thus, the requirement on server location still exists, causing businesses to worry that it may interfere with data flow.

According to Joshua P. Meltzer from Brookings Institute, research by the agency found that the cost of data localization in Vietnam will be huge, and may affect 1 percent of Vietnam’s GDP.

More than 10 drafts have been opened for public opinion since October 2017, while the law is expected to be submitted to the National Assembly for ratification in May 2018. However, opinions still vary about the feasibility and possible impact of the law.

He said there are two issues policymakers need to consider when compiling the cybersecurity law. First, the requirement on data center and server locations must not hinder information flow.

Second, the rights of specialized force to take inspection tours must be designed in a way to be sure that this won’t intervene with businesses’ operation. 

Data localization may not be good for network security. If servers are located in different positions instead of one, this will avoid the risk of data being hacked.

More than 10 drafts have been opened for public opinion since October 2017, while the law is expected to be submitted to the National Assembly for ratification in May 2018. However, opinions still vary about the feasibility and possible impact of the law.

Lawyer Nguyen Tien Lap from NHQuang & Associates Law Office referred to the enacted Law on Information Security to find similarities mentioned in both the law and the draft Cyber Security Law. 

The Draft Law on Cyber Security says Vietnam prioritizes supporting the network security related to socio-economic development, security, national defense and foreign affairs. 

“This is a new approach which shows that the state will allocate high budget to protect the interests of the state,” he said. 

Commenting about the impact of the cybersecurity law on the development of businesses, Nguyen Quang Dong, head of IPS (Institute for Policy Studies and Media Development), said the law would mainly cover three groups of businesses. 

The businesses providing network security products and services and anti-virus services will bear direct impact from the law. The second group includes fintechs, which are developing rapidly in Vietnam and key to the startup community. The third includes startups in general.

Dong said the firms will have to pay for additional kinds of fees for certificates, licenses and inspections. And they will also have to pay a conformity fee to make periodic reports.


RELATED NEWS

Cyber security threat to persist in 2018

Guaranteeing cyber safety and security


Thanh Mai