APFL & Partners Joins Discussion on Personal Data Protection
Personal Data Protection (“PDP”) is fast-becoming one of the most important legal issues both here in Vietnam and around the world.
How companies harvest, process, and share our data – and get our consent to do so – is one of the most pressing issues facing public and private sectors. Business leaders and governments alike have been wrestling with this issue for some time. This is even more challenging when technologies move at lightning speed leaving legislators and policymakers struggling to keep pace.
The matter is complicated even further when data needs to cross jurisdictions. Personal data is “portable” – it moves across borders and between countries. Therefore, domestic legal frameworks need to take this into account to protect the data of their citizens from misuse and misappropriation. Likewise, companies need to monitor and remain compliant with this fast-moving legislative environment while also keeping up to date with developing technologies.
Legal background to personal data protection
The European Union (“EU”) is one of the biggest regulators to set international standards on PDP. Its General Data Protection Regulations (“GDPR”), introduced in 2016, aimed to give EU citizens (“data subjects”) more control of their data while also creating simplified regulations for companies. Importantly, GDPR governs how data is handled not just within the European Economic Area (“EEA”) but also of European data subjects anywhere in the world.
Following in the footsteps of GDPR, Vietnam has now issued its own regulations. The long-awaited Decree No. 13/2023/ND-CP (“the PDP Decree”) was promulgated in April and will enter into force on 1 July 2023.
In recent weeks, APFL & Partners has kept readers updated with the finer details of the PDP Decree – see here and here – and what it means for businesses and individuals. In short, companies need to begin preparing now to ensure that their operations are compliant when the decree enters into force.
The personal data protection decree in practice
To raise awareness of the PDP Decree, APFL & Partners Managing Partner Nicolas Audier spoke at an event organized by the French Embassy in Vietnam and the University of Law of Ho Chi Minh City.
Together with the academics, lawyers, and business representatives in attendance, Nicolas discussed the practical implementation of the PDP Decree and how it relates to GDPR.
The event also highlighted the critical issue of data storage in Vietnam and the need for secure data servers. Other subjects raised include the roles of the “Data Officer” in companies and of the Ministry of Public Security (“MPS”) in oversight.
For more information about the PDP Decree, and how to prepare for its upcoming implementation, just contact our team on: contact@apflpartners.com