Draft Decision Contribution: Issuance of the List of Important Data and Core Data

Vietnam English Chinese
  1. Home
  2. News
  3. Internal News
  4. Draft Decision Contribution: Issuance of the List of Important Data and Core Data
Draft Decision Contribution: Issuance of the List of Important Data and Core Data

Views: 442

Table of Contents
     
    In January 2025, the Ministry of Public Security presented the Draft Decision of the Prime Minister on issuing the list of important data and core data (the "Draft"). The purpose of establishing this list is to improve the legal framework for the construction, development, protection, management, processing, classification, and use of important and core data; state management of important and core data; as well as the rights, obligations, and responsibilities of agencies, organizations, and individuals involved in these activities. This aims to ensure consistency, synchronization, and effective use of data to serve state management and socio-economic development, support the development of digital government, and reform and streamline administrative procedures while fostering socio-economic progress.

     

     
    At the same time, it ensures feasibility and effectiveness, aligning with the Party and State’s policies on digital transformation and Vietnam’s integration with regional and global counterparts. The Draft institutionalizes and completes the legal framework to promote digital transformation, develop and exploit data and databases for socio-economic growth, digital government development, digital economy, and digital society. The Draft is open for public consultation until mid-March 2025.
    In this article, ALTAS Law Firm Co., Ltd. (hereinafter referred to as "ALTAS"/"We") provides comments focusing on unclear aspects of the Draft as follows:

    Overlapping Content in the Draft with Other Legal Documents

    1.1 After reviewing the Draft’s content on the list of important and core data and comparing it with the Law on Protection of State Secrets 2018 and relevant legal documents such as Decrees and Decisions of the Prime Minister, we found that some provisions in the Draft are similar to those in other legal documents. This could lead to overlaps in identifying, managing, and applying protective measures for related data and information. The overlapping content includes:
    1.1.1 Similarities in National Defense and Security
    • Core Data List: Data on defense and security industry activities; data on military, defense, and security projects; data on critical national security infrastructure; and coordinate location data of key positions for national defense and key economic hubs (Clauses 3, 5, 6, Article 1 of the Draft).
    • State Secrets: Information on directives, strategies, combat planning, national defense planning, defense zones at provincial and municipal levels; assessments and discussions on border security, maritime security, and sovereignty protection strategies (Clause 9, Article 2 of Decision No. 1385/QD-TTg of the Prime Minister on issuing the list of state secrets of the Party).
    • Overlap: Both documents address information and data related to national security and defense, force deployment, and national defense planning.
    1.1.2 Similarities in Financial and State Budget Data
    • Core Data List: Data in the financial and budgetary sector collected and managed by state agencies but not yet published (Clause 20, Article 1 of the Draft).
    • State Secrets: Information on finance, budget, and banking under Point b, Clause 4, Article 7 of the Law on Protection of State Secrets 2018.
    • Overlap: Both documents address information and data in the field of public finance and budgeting.
    1.1.3 Similarities in Internal Affairs and Strategic Plans of the Party
    • Core Data List: Data on organizational structure, leadership personnel, national development policies, and strategic plans of Party agencies (Clauses 9, 23, Article 1, Clause 2, Article of the Draft).
    • State Secrets: Documents and materials on leadership personnel, planning, appointment, and transfer of senior Party officials (Points b, c, Clause 3, Article 3 of Decision No. 1385/QD-TTg); documents on strategies and major orientations of the Party in political, economic, social, national defense, and security fields (Point a, Clause 3, Article 1 of Decision No. 1385/QD-TTg).
    1.1.4 Similarities in Science, Technology, and Digital Data
    • Core Data List: Data on policies and strategies in science and technology; data on scientific, technological, and innovative activities, nuclear energy, radiation safety, and nuclear security; data on strategies, projects, and initiatives for scientific and technological innovation in national defense and security (Clauses 2, 9, Article 1; Clause 5, Article of the Draft).
    • State Secrets: Information on special scientific and technological missions critical to national defense; information on unpublicized nuclear energy innovation projects; strategic scientific research information for national defense and security (Clause 7, Article 1; Clause 10, Article 2; Clause 10, Article 3 of Decision No. 1385/QD-TTg).
    1.2 Lack of Clear Regulations Differentiating Core Data, Important Data, and State Secrets
    This ambiguity may lead to legal overlaps and unclear application of laws. Some data may simultaneously fall under core data, important data, and state secrets, making it challenging to determine appropriate protection mechanisms.
    1.3 Proposed Solutions and Recommendations
    To address this issue, we propose additional mechanisms and regulations to clarify the boundary between the two data groups. A recommended clause could be: "Important and core data do not include information identified as state secrets under the Law on Protection of State Secrets and relevant legal documents. If data qualify as both important/core data and state secrets, they shall be managed and protected under state secret protection regulations and relevant legal documents." Alternatively, a classification mechanism similar to the state secret system could be introduced:
    • Level 1 – National-Level Core and Important Data: Equivalent to "Top Secret" in state secrets.
    • Level 2 – Sector-Level Core and Important Data: Equivalent to "Confidential" in state secrets.
    • Level 3 – Organizational-Level Core and Important Data: Equivalent to "Restricted" in state secrets.

    Approach to Developing the Draft Using a Listing Method

    2.1 Global Approaches to Data Management and Protection
    Various countries and regions adopt different approaches that do not necessarily rely on explicitly listing core and important data types. Examples include:
    • European Union (EU): In May 2022, the EU Council approved the "Data Governance Act" (DGA), also known as the "Data Act," which establishes rules on data access and use. Instead of listing specific data types, this regulation adopts a comprehensive approach, setting definitions and general principles for data access and use across all economic sectors, ensuring broad applicability.
    • Japan: The Act on the Protection of Personal Information (APPI) focuses on protecting individuals’ rights concerning personal information. APPI does not list specific data types but establishes fundamental principles for handling personal information appropriately, clarifying organizational and administrative responsibilities in data protection.
    2.2 Challenges of the Listing Method
    The fixed list approach in the Draft presents limitations such as:
    • Lack of Flexibility: A fixed list may not keep pace with rapidly evolving technologies and emerging data types.
    • Increased Administrative Burden: Maintaining and updating the list requires resources and may complicate data management and regulatory updates.
    2.3 Recommendations
    To overcome these limitations, future legislation should apply a principle-based approach rather than specific listings. This would allow for flexible application in different contexts. Additionally, establishing mechanisms for periodic review and updates will ensure regulations remain relevant to technological advancements. Learning from flexible and comprehensive approaches in other countries could help Vietnam develop a more effective legal framework for data management and protection.
    The above comments reflect ALTAS’s feedback on the Draft Decision on the issuance of the list of important and core data. We respectfully request the relevant authorities to consider these suggestions. We hope these insights contribute to refining the legal framework and facilitating effective data governance. Should any clarifications or additional information be required, please feel free to contact us for further guidance.
    Written: Luong Van Chuong - Partner Lawyer at  ALTAS Law & Nguyen Tran Ngoc Thach - Legal Senior Assistant
    Date: 14/03/2025

    Contact for advice

    Register now

    About ALTAS

    HCM Address: 5F, 37 Ky Con St., Ben Thanh, Ho Chi Minh City.

    Hanoi Address: 3F Viet Tower, 1 Thai Ha St., Dong Da, Hanoi. 

    Bac Ninh Adress: 4F Duong Tuan Building, 9 Le Thai To St., Vo Cuong, Bac Ninh

    Email: contact@altas.vn

    Phone: +84 28 627 09600          Hotline: +84916 923 235

    Website: altas.vn

    Supporting policies

    © Copyright ALTAS CORP . All rights reserved
    Zalo
    Hotline