Vietnam's Personal Data Protection Law Set to Come into Force in 2023
Vietnam is set to join the global trend towards more stringent data protection regulations with its forthcoming law on personal data protection. The law, which is heavily influenced by the EU's General Data Protection Regulation (GDPR), will include new cookie consent requirements that businesses operating in Vietnam will need to adhere to.
Vietnam is set to join the global trend towards more stringent data protection regulations with its forthcoming law on personal data protection. The law, which is heavily influenced by the EU's General Data Protection Regulation (GDPR), will include new cookie consent requirements that businesses operating in Vietnam will need to adhere to.
While the specifics of these requirements are not yet defined, Vietnam's government has provided some guidance on what they could look like. According to Resolution 13/NQ-CP, passed by the Vietnamese government, businesses may process personal data without prior consent in specific situations, which include:
- Emergencies involving the protection of life and health,
- Legal requirements for disclosure of personal data,
- Processing of data by state agencies for public interests such as national defense and security,
- Execution of a contract, and,
- Serving activities of state agencies specified by sector-specific laws.
Vietnam's proposed cookie requirements bear a strong resemblance to those set out in the GDPR, which allows for six lawful bases for data processing, including consent and legitimate interests. However, it remains to be seen whether Vietnam's new data protection legislation will adopt a similar approach.
The new law on personal data protection is expected to be passed in 2023, providing companies with a grace period to adapt to the new requirements. Once the law is in place, companies that target Vietnamese residents will need to ensure that their data processing practices are compliant. Penalties for non-compliance have not yet been announced, but if Vietnam follows the GDPR's example, businesses could face significant fines for failing to comply with the new regulations.

Automating CCPA Risk Assessments and Cybersecurity Audits: Complying with Draft Regulations
The issued draft regulations on CCPA risk assessments and cybersecurity audits by the California Privacy Protection Agency (CPPA) give you an idea of how to comply with imminent obligations
- Data Protection
- USA

India Digital Personal Data Protection Act 2023 - All You Need to Know
Discover the India Digital Personal Data Protection Act (DPDPA) 2023 – India's first comprehensive data protection law. Learn how it affects businesses, data principals, and more. Stay informed about the latest data privacy regulations.
- Data Protection

International Privacy Authorities Issue Joint Statement on Data Scraping
Learn about the joint statement issued by global privacy authorities on August 24, 2023, addressing the risks of data scraping to privacy. Discover its implications for businesses and mitigation strategies
- Data Protection