Issue of August 2023 – Regulations on penalties for administration violations in security of personal data in the new Draft Decree on penalties for administrative violations in the field of cybersecurity

Dear Valued Clients,

Decree 13/2023/ND-CP which took effect on July 1, 2023, provides more detailed regulations on data protection and cybersecurity obligations for personal data processing activities in order to strengthen the legal framework governing activities in cyberspace.

Accordingly, in order to ensure the implementation of regulations on network security and personal data security, on May 31, 2023, the Ministry of Public Security published the third draft of the Decree on penalties for administrative violations in the field of cybersecurity (the “Draft”) for public opinion. In particular, regarding personal data security, the Draft prescribes the violations according to each group of acts, the penalty frame along with additional remedial measures.

In this Legal Update, we would like to summarize and clarify some notable points about the penalties for administrative violations of personal data security in the Draft.

As usual, we hope you find this Legal Update helpful and look forward to working with you in the upcoming time.

ENT Law LLC

The full version of this Legal Update can be found here.