Law on Cyber Security, Law No. 24/2018/QH14

LAW ON CYBER SECURITY^[1] 

Pursuant to the Constitution of the Socialist Republic of Vietnam;

The National Assembly promulgates the Law on Cyber Security.

Chapter I

GENERAL PROVISIONS

Article 1. Scope of regulation

This Law prescribes activities of protecting national security and ensuring social order and safety in cyberspace; and responsibilities of related agencies, organizations and individuals.

Article 2. Interpretation of terms

In this Law, the terms below are construed as follows:

1. Cyber security means the assurance that activities in cyberspace do not harm national security, social order and safety, and lawful rights and interests of agencies, organizations and individuals.

2. Cyber security protection means the prevention, detection, stopping and handling of acts of infringing upon cyber security.

3. Cyberspace means a network connecting information technology infrastructure facilities, including telecommunications networks, the Internet, computer networks, information systems, information processing and control systems and databases, where people socially interact without any space and time limitations.

4. National cyberspace means a cyberspace established, managed and controlled by the Government.

5. National cyberspace infrastructure facilities means a system of technical and physical facilities serving the creation, transmission and conveyance, collection, processing, storage, and exchange of information in the national cyberspace, including:

a/ Transmission systems, including the national transmission system, internationally connected transmission systems, satellite systems, and transmission systems of enterprises providing services in telecommunications networks or the Internet or providing value-added services in cyberspace;

b/ Core service systems, including the national information channeling and routing system, the national domain name system (DNS), the national certification system (PKI/CA) and systems providing Internet connection and access services of enterprises providing services in telecommunications networks or the Internet or providing value-added services in cyberspace;

c/ Information technology services and applications, including online services, online-connected information technology applications serving management and administration work of important agencies, organizations and economic and financial groups, and national databases.

Online services include e-government, e-commerce, websites, online forums, social networks, and blogs;

d/ Information technology infrastructure facilities of smart cities, the Internet of things, mixed reality systems, cloud computing, big data systems, fast data systems, and artificial intelligence systems.

6. International gateway means the place where network signals are transmitted and received between Vietnam and other countries and territories.

7. Cybercrime means acts of using cyberspace, information technology or electronic devices to commit crimes prescribed in the Penal Code.

8. Cyber-attack means acts of using cyberspace, information technology or electronic devices to jeopardize or interrupt the operation of a telecommunications network, the Internet, a computer network, an information system, an information processing and control system, a database or an electronic device.

9. Cyber terrorism means the use of cyberspace, information technology or electronic devices to commit terrorism or terrorism financing.

10. Cyber espionage means the act of deliberately bypassing warnings, login codes, passwords, or firewalls, using others’ administration right, or employing other methods to illegally acquire and collect information or information resources in  telecommunications networks, the Internet, computer networks, information systems, information processing and control systems, databases or electronic devices of agencies, organizations and individuals.

11. Digital account means information used to certify, authenticate and grant the right to use applications and services in cyberspace.

12. Cyber security threat means the appearance in cyberspace of signs of threat of infringing upon national security or causing serious harms to social order and safety or lawful rights and interests of agencies, organizations and individuals.

13. Cyber security incident means an unexpected event occurring in cyberspace which infringes upon national security, social order and safety or lawful rights and interests of agencies, organizations and individuals. 

14. Dangerous cyber security circumstance means an event occurring in cyberspace which involves acts of seriously infringing upon national security or causing extremely serious harms to social order and safety or lawful rights and interests of agencies, organizations and individuals.