Ministry of public security proposes access to user data for cybersecurity investigations

The Ministry of Public Security has proposed that telecommunications, internet, and online service providers be required to provide user information to cybersecurity forces for investigations and legal proceedings.

This proposal is part of the draft amendment to the Cybersecurity Law, currently under public consultation by the Ministry of Public Security. The draft consolidates the 2015 Law on Network Information Security and the 2018 Law on Cybersecurity to improve the legal framework and organizational structure for cybersecurity.

Article 13 of the draft outlines the responsibilities of domestic and international telecommunications, internet, and value-added service providers in Vietnam. These providers must verify user information during digital account registration, ensure account security, and provide user information to the Ministry of Public Security's cybersecurity forces upon written, email, telephone, or other forms of request.

Network providers must also block and remove illegal information, services, and applications within 24 hours of receiving a request. They are also required to maintain system logs for investigation and legal action.

According to the Ministry of Public Security, cyberspace poses increasing threats to national security, social order, and the legitimate rights of organizations and individuals. Cyberattacks, cyber espionage, and the leakage of state secrets are becoming more complex, significantly impacting national security.

Hackers are employing sophisticated methods, constantly upgrading and refining malware for cyberattacks targeting Vietnamese agencies, organizations, and businesses. These attacks primarily target the information networks of central agencies and key corporations. The objectives include gathering intelligence, state secrets, and information on Vietnam's foreign policy, security, and defense strategies. They also aim to prepare for intelligence operations and potential sabotage.

Experts monitor incidents at a cybersecurity center. Photo: Trong Dat

Experts monitor incidents at a cybersecurity center. Photo: Trong Dat

The Department of Cybersecurity and High-Tech Crime Prevention (A05) annually detects over 2,600 websites and portals with the ".vn" domain name that have been attacked, defaced, or infected with malware. Dozens of state secret leaks have occurred, involving hundreds of documents and hundreds of terabytes of data from ministries, sectors, and localities being compromised.

The Ministry of Public Security also reported over 7,500 sources spreading malicious information, reaching over 83 million views and interactions. These sources primarily focus on attacking and undermining policies, and inciting public gatherings during major events and holidays. Some insurance and real estate groups have been exploited by reactionary organizations for distortion and disruption.

In this context, the Ministry of Public Security emphasizes the need for improved regulations and policies to enhance state management of cybersecurity, combat cybercrime and high-tech crime, and protect personal data.

The Cybersecurity Law amendment also implements Resolution 18/2017 of the Central Committee on organizational restructuring. This resolution transferred the responsibility for network information security from the Ministry of Information and Communications to the Ministry of Public Security. Consolidating and amending the two laws is necessary to ensure unified management and continuity in enforcement.

The government plans to submit the revised Cybersecurity Law to the National Assembly for review and approval at its 10th session later this year.

Son Ha

By VnExpress: https://vnexpress.net/bo-cong-an-de-xuat-doanh-nghiep-vien-thong-cung-cap-thong-tin-nguoi-dung-vi-pham-4917796.html