Vietnam Mid-Year Technology, Media, And Telecommunications Law Review.

30 July, 2018

The first half of 2018 has seen a flurry of legislative activity in Vietnam’s technology, media, and telecommunications sectors, with major laws passed and others in the drafting process. Below is a summary of some of the key developments:

CYBERSECURITY

New Law on Cybersecurity passed

Despite many concerns from inside and outside Vietnam, and also despite a request for postponement from 13 Vietnamese ICT associations, the Law on Cybersecurity was passed by the National Assembly of Vietnam on June 12, 2018, with an 86.86 % consensus of the National Assembly’s Deputies who were present. The Cybersecurity Law will come into effect on January 1, 2019.

Many industry experts have expressed concerns that the law will create obstacles and disadvantages for cyberspace activities and the business environment in Vietnam, and have questioned how the law would effectively achieve its purpose of ensuring national security. In particular, the most problematic issues of data localization and retention requirements in the law could be seen as a big step backward, which could potentially have adverse effects on international commitments of Vietnam in multilateral trade agreements such as the EVFTA, the CPTPP, and its WTO Commitments, all of which promote trade liberalization and minimizing technical barriers to trade.

Article 26.3 of the Cybersecurity Law requires that domestic and foreign enterprises which (1) provide services on telecommunication networks or the internet, or other value-added services in cyberspace in Vietnam, and (2) engage in the collection, exploitation, analysis, and processing of personal information, data about users’ relationships, and data generated by users in Vietnam “must store this data in Vietnam for a certain duration” to be stipulated by the Government. Foreign enterprises covered by the clause are further required to “establish either a branch or a representative office in Vietnam.”

This language is broad and vague enough to cover a wide range of businesses and data in this current high-tech era. In addition, it is not clear how this requirement would actually be implemented in practice unless there will be subordinate regulations specifically providing guidance for its implementation. For example, during the time users’ data is required to be retained in Vietnam, would the law permit the transfer or copying of Vietnamese users’ data to overseas servers of overseas banks for processing of banking or e-commerce transactions? Would a small social network of animal lovers sharing information about pets be required to open a branch or representative office in Vietnam, just because it provides social network services in cyberspace and collects personal data of Vietnamese users who join the network?

Another area of concern is that the broad scope and power given to the cybersecurity authorities may create a high risk of abuse if there are no proper procedures in place and/or no further regulations on how and when they can take actions on content and other issues.

This could also put an individual’s privacy at risk, with personal information subject to being scrutinized by the cybersecurity authorities. For example, the law requires enterprises to comply with requests of and to help and facilitate the cybersecurity authorities to implement cybersecurity protection measures which include blocking or restricting the operation of information systems (Article 5.1 and 42.3). Moreover, the cybersecurity authority under the Ministry of Public Security will have the authority to conduct ad hoc inspections of an organization’s information systems when there are cybersecurity incidents or breaches considered critical to national security (Article 13); the law also requires a company to provide information of their users to the cybersecurity authority under the Ministry of Public Security for the investigation and handling of violations of cybersecurity laws (Article 26).

Another noteworthy requirement is the taking down of illegal content such as (1) content against the Socialist Republic of Vietnam, (2) content inciting riots, disrupting security, or disturbing public order, and (3) content humiliating or slandering others, within 24 hours from the time requested by the cybersecurity authority under the Ministry of Public Security or by the competent authority under the Ministry of Information and Communication (Article 26).

According to public statements from the Director General of the Cybersecurity Department of the Ministry of Public Security, there will need to be 25 subordinate regulations (decrees and circulars) drafted and issued in the coming time to implement this law.

BROADCASTING AND TELEVISION SERVICES

Proposed regulation on OTT TV services

Technology innovation has been rapidly sweeping Vietnam, challenging the government to find new solutions to balance innovation, investment and competition. One of the burning issues in recent years has been how to effectively regulate over-the-top (OTT) services, including VoIP, SMS, apps, cloud services, and internet television. Despite providing convenience and low costs with a variety of choices for users, OTT services compete against traditional telecom and media services, threatening the existence and development of these traditional services. Thus, there is pressure from operators of traditional services and the government to create policies to regulate OTT services. In recent years, the government has attempted to regulate OTT VoIP and SMS services, however, this proposed regulation received much criticism from both inside and outside of Vietnam, leading to it being put

on hold.

Several OTT TV services have recently entered Vietnam and quickly generated interest and support from Vietnamese users.

These OTT TV services could be considered as film distribution services, and it should be noted that Vietnam’s WTO Commitment on cross-border distribution services of film (“motion pictures” in the WTO language) is unbound, meaning there is no commitment. Therefore, Vietnam has discretion to regulate cross- border film distribution services as it thinks fit.

There are not yet any regulations on OTT TV services in Vietnam, leading to complaints that there is no equal treatment between foreign service providers and domestic service providers. Domestic TV service providers have many obligations related to licensing, editing, translating, and censoring the content they broadcast, and relating to the ratio between domestic channels and foreign channels, as well as relating to tax, and charges for provision of pay TV services. On the other hand, cross-border service providers are not subject to above-mentioned regulations. Therefore, the MIC is now considering amending Decree 06/2016/ND-CP on radio and TV services to include provisions of OTT TV services and plans to have it approved by the government by the end of 2018. However, no draft has yet been made available for public consultation. Companies in related fields would be well advised to keep an eye on the development of this amendment.

TELECOMMUNICATIONS

Revision of Decree 25 on Telecommunications

The MIC plans to revise Decree 25 on Telecommunications to accommodate changes in the newly amended Competition Law and to regulate retail activities in the telecom sector. The draft decree is not yet available for public comment, but this is another key development to follow.

Reduction in interconnection charges between mobile networks

Although issued on December 29, 2017, Circular 48/2017/TT-BTTTT on interconnection charges for voice calls from local terrestrial fixed telecom networks to national terrestrial mobile networks, and interconnection charges for voice calls between two national terrestrial mobile networks just took effect on May 1, 2018. Under this circular, interconnection charges between mobile networks were reduced by approximately 20%.

Limit on sales promotion for terrestrial mobile phone services

Circular 47/2017/TT-BTTTT was issued on December 29, 2017, and took effect on March 1, 2018. The purpose of this Circular is to ensure healthy competition in mobile telecom market, restrict and reduce spam calls and spam messages, and encourage customers to use postpaid SIM cards. The circular sets out that the maximum total value of sales promotion for prepaid mobile services in a sales promotion program (e.g., the bonus credit offered when “refilling” mobile phone credit on a prepaid plan) must not exceed 20% of the total value of mobile services, a reduction of 30% compared with the previous regulation; while the sales promotion limit for post-paid subscribers remains at 50%. Many prepaid users complained about this new change, because their benefits are considerably affected. They also doubt the effectiveness of the circular in the prevention of spam SIMs in the market, and are not happy about unequal treatment between prepaid and post-paid customers which by implication creates pressure on prepaid users to move to post-paid.

INFORMATION TECHNOLOGY

Proposal on revision of Information Technology Law (updated status)

Following a workshop to assess the first 10 years of implementation of the IT Law in 2017, the MIC planned to revise the IT Law to overcome certain limitations of the existing law and accommodate rapid development of new technology which leads to new business models, such as “cars for contract” or hotel service apps. However, no clear plan has yet been proposed on revising the IT Law.

SOCIAL MEDIA AND THE INTERNET

Amending Decree 72 on internet management and online information

Decree 27/2018/ND-CP, which took effect on April 15, 2018, amends Decree 72/2013/ND-CP on a number of issues, including management of social networks, general websites, and domain names, and reduces a number of administrative procedures to facilitate investment and business activities. Decree 27 adds new provisions relating to conditions for social network management. Service providers are required to: (1) have a user agreement on the provision and use of the social network posted on their homepage and ensure that users agree with this agreement by online means; (2) have a cooperation mechanism to immediately remove violating content no more than three hours after self-discovery or at request of the MIC or competent authorities; (3) have measures to protect secrets and personal information of users; and (4) ensure that users have the right to decide whether to permit or not permit the collection and/or transfer of their personal information.

Some new provisions relating to conditions for general website management require that service providers must (1) establish procedures to manage public information which include a determination of the scope of exploited information, (2) have a mechanism for controlling and checking information before and after posting, (3) have a mechanism for controlling information sources and ensuring the accuracy of posted information compared with its sources, and (4) have a cooperation mechanism to remove violating content no more than three hours after self-discovery or at the request of the MIC or competent authorities.

Decree 27 also provides new conditions relating to human resources of general website and social network service providers. It requires the service providers to have at least one person in charge of content with Vietnamese nationality or if this person is a foreigner, he/she must have a temporary resident card issued by competent authorities valid for at least 6 months from the time of submission for licensing. Service providers must also have a unit in their organization to manage content posted on their general websites or/and social networks.

Regarding facilitation of investment and business activities, Decree 27 removes 11 unnecessary business conditions and 19 administrative procedures relating to licensing for providing services of online games, general websites, and social networks. For example, for licensing of online game service provision, Decree 27 no longer requires the management person to have a university qualification, and removes two notification requirements in amendment and extension of G1 online game licenses. Decree 27 reduces the time for processing for amendment, extension and re- issuance of a license of online game services and licensing of general websites from 15 working days to 10 working days; the time for licensing G1 online game services and social networks from 30 working days to 30 calendar days, etc.

In addition, Decree 27 adds provisions related to a three-month suspension of license for online games, general websites and social networks if the service providers commit certain prohibited acts specified in Decree 72 such as illegal advertising, spreading banned information, trading banned goods, etc., as well as if service providers are unable to meet stipulated conditions for operation after being licensed. Decree 27 also adds provisions related to revocation of licenses if licenses of service providers are suspended twice or service providers commit violations related to national security and defense of the country stipulated in Decree 72 such as propaganda about war or terrorism, inciting violence or crime, obscenity, pornography, or disclosing state secrets.

Regarding domain names, Decree 27 adds provisions relating to rights and obligations of international domain name registrars in Vietnam, and protection of rights and interests of Vietnam in registration and use of new gTLD. In addition, it incorporates business conditions of registration and maintenance of “.vn” domain names which were regulated in Circular 24/2015 in order to be appropriate with provisions of the Investment Law and Enterprise Law.

Accordingly, those provisions in Circular 24 are no longer effective.

Plan to Promote the Development of IPv6

In order to promote the migration from IPv4 to IPv6 in 2018, which is the third year of migration, the MIC issued Decision 227/QD-BTTTT on the Plan to Promote the Development of IPv6 on February 12, 2018. The following are the main focuses of the plan:

Accelerate the migration from IPv4 to IPv6 in 2018 and stabilize IPv6 addresses as from 2019;
Promote the implementation of IPv6 in IT applications of state agencies;
Implement IPv6 in 4G LTE mobile networks;
Continue developing and implementing the policy of IPv6 development;
Expand the application of IPv6 on “.vn” domain names by making sure the registration and maintenance systems of registrars support IPv6;
Continue training, and raising public awareness on the implementation of IPv6;
Continue international cooperation and support on IPv6 to enhance and affirm the position of Vietnam in IPv6 migration.

STANDARDS AND TECHNICAL REGULATIONS

Draft circular on conformity to technical regulations for ICT products

A draft circular amending Circular 30/2011/TT-BTTTT on certification and declaration of conformity to technical regulations for ICT products is being considered, and was posted on the MIC website and called for public consultation from March 16 to May 16, 2018. According to the draft, the MIC proposes to reduce the time for certifying conformity to technical regulations for ICT products from 10 working days to 7 working days. The MIC also proposes to cancel some provisions of Circular 30. Particularly, the provision that capable foreign testing units (for measurements which domestic testing units are incapable of conducting) are in the list of testing units serving for certification and declaration of conformity to technical regulations, and the provision regulating that “domestically produced or imported products which are used by the producers or importers themselves are not subject to regulation conformity declaration” are no longer effective. In addition, the draft Circular amends procedures for certification and declaration of conformity to technical regulations.

According to the Vietnam Chamber of Commerce and Industry (VCCI), procedures for certification and declaration of conformity to technical regulations stipulated in Circular 30 are still very complicated, time-consuming, unnecessary, and creating obstacles to enterprises, and thus need to be further amended. For example, there is no need for requiring the duration of a certificate of conformity to technical regulations to be three years because the risk of quality reduction or quality variation of ICT products after three years is small and this risk could be avoided by post-check of circulated products.

Unsafe products and goods under MIC management

Circular 04/2018/TT-BTTTT was issued on May 8, 2018, and took effect on July 1, 2018, replacing Circular 42/2016/TT-BTTTT on the list of potentially unsafe ICT products and goods. Set-top boxes in IPTV networks and lithium batteries for laptops/portable computers, mobile telephones and tablets are still retained on the list of goods subject to declaration of conformity to technical regulations. In addition, according to Guideline No. 1551/BTTTT-KHCN guiding the implementation of Circular 04, the MIC only recognizes testing results for lithium batteries carried out by labs which are designated, recognized and registered with the MIC. Many devices (transmitters and transceivers) will be will be exempt from certification of conformity to technical regulations but still require declaration of conformity to technical regulations.

OTHER DEVELOPMENTS

Proposal on revision of the Law on Tax Administration (updated status)

The Law on Tax Administration (amended) is scheduled to be read for the first time in the second session of the National Assembly in 2018 and approved in the first session of the NA in 2019. According to the Ministry of Finance, it received opinions from 13 ministries, 60 local state agencies and 12 associations/organizations and individuals by March 2018. The draft law focuses on amendment of 10 groups of issues, has a total of 121 articles, amends and supplements 71 articles, re-structures one chapter and supplements three new chapters, i.e., a new chapter on tax in the e- commerce sector, a new chapter on application of e-invoices and a new chapter on prevention and fighting against tax fraud and tax evasion.

Proposal on amendment, supplement and new issuance of regulations on e-money

In response to many suggestions on completion of the legal framework on e-money such as bitcoin, the government requested the Ministry of Justice to chair and coordinate with the State Bank of Vietnam (SBV) to study and propose regulations on e-money management. The Ministry of Justice is assigned to be in charge of reviewing and assessing the current status of virtual property and virtual currency in Vietnam, while SBV is assigned to be in charge of proposing amendment, supplement and promulgation of regulations on taxation of this currency and reporting to the government in August 2018.

Accordingly, SBV developed a formal report on the proposal of amendment, supplement and new issuance of regulations on e-money which was posted on VCCI’s Vibonline website for public consultation on June 20, 2018. The report differentiates between two types of e-money, i.e., e- money such as e-wallets, prepaid bank cards (debit cards) vs. virtual currency such as bitcoin, etc. Regulations on e-money are scattered in different legal documents, including the Law on the State Bank of Vietnam (2010), the Law on Credit Institutions (2010), Decree 101/2012 (amended by Decree 80/2016) on non-cash payment, and Circular 19/2016 (amended by Circular 26/2017) on bank cards, and show limitations on the management of e-money. Some limitations include:

Existing regulations on e-money do not keep up with the current development status of e- money and international practices;
There is a need to clarify the nature of e-money to determine the scope of state management; and
Regulations on the management and supervision of e-money supply and issuance are not in line with one another.

The report, therefore, proposes to (a) amend Decree 101 on non-cash payment with a time schedule depending on the progress of the amendment of the Investment Law, and (b) amend and supplement the business line of provision of payment services not via payment account to the list of conditional businesses in the Investment Law.

With the above regulations in the pipeline or newly passed, it looks to be an exciting second half of the year in the ICT area.

For further information, please contact:

Giang Thi Huong Tran, Tilleke & Gibbins

giang.t@tilleke.com

Vietnam Mid-Year Technology, Media, And Telecommunications Law Review.

Employer Sponsorship And Work Permits In Indonesia.

- Stephen Igor Warokka - SSEK,

Labor And Employment Law Updates From Indonesia And The World.

Gross Split Production Sharing Contracts: Commercial Insights From Indonesia’s MEMR Regulation No. 13 Of 2024.

- Fitriana Mahiddin - SSEK, SSEK

UK – Shifts Workers – A New Right To Reasonable Notice.

Hong Kong – Keepwell Deeds: A Workable Solution To PRC’s Foreign Exchange Control?

The Catch And Kill Of Non-Disclosure Agreements? New UK Guidance.

EU – Tightening The European Union’s Powers To Review Foreign Direct Investments.

Malaysia – General Average And Salvage.

- Philip Teoh - Azmi & Associates, Azmi & Associates

Role Of Technology In Legal Service Delivery.

Process Optimisation In Legal Teams: Improving Workflow Efficiency.

CONVENTUS LAW

OTHERS

Vietnam Mid-Year Technology, Media, And Telecommunications Law Review.

Register for your monthly Asia legal updates from Conventus Law

Footer

CONVENTUS LAW

OTHERS