Vietnam Implements New Telecommunications Law to Strengthen Data Protection and Cybersecurity

Vietnam’s Telecommunications Law: A New Era of Regulation

Telecommunications Law No. 24/2023/QH15

As of 1 January 2025, Vietnam’s Telecommunications Law (No. 24/2023/QH15) officially came into force, heralding significant changes for data centre and cloud computing service providers.

This legislation, hailed as a key regulatory update, has placed heightened obligations on these service providers, transforming the way telecommunications and related services operate in the country.

Luật số 24/2023/QH15 của Quốc hội: Luật Viễn thông

Luật số 24/2023/QH15 của Quốc hội: Luật Viễn thông

Cổng thông tin điện tử Chính phủCổng Thông tin điện tử Chính phủ

What Does the Law Require?

At the heart of the legislation lies Article 41, which mandates service providers to register and notify their operations in accordance with new provisions. This isn’t just a bureaucratic box-ticking exercise.

Instead, it reflects Vietnam’s growing emphasis on ensuring accountability and transparency in the digital ecosystem. Providers must also comply with a trio of vital regulatory domains:

• Network Information Security: Ensuring robust safeguards against potential breaches.
• Cybersecurity: Aligning operations with state-defined cyber safety requirements.
• Personal Data Protection: Upholding stringent measures to protect users' personal information from unauthorised access.

Connectivity and Collaboration: Obligations Beyond Compliance

The law requires providers to guarantee connectivity for telecommunications businesses.

This provision highlights the government’s push for a seamless and integrated network infrastructure, essential for both domestic and international service interoperability. Importantly, service providers are also expected to:

• Refrain from Unauthorised Access: They must ensure that user data remains private, barring any unauthorised entity from gaining access.
• Respond to State Requests: Upon a legitimate state request, providers are tasked with preventing unauthorised access while adhering to legal frameworks.
• Disclose Service Quality: Transparency in service quality metrics is now non-negotiable, providing consumers with clearer insights into the services they use.

Driving Accountability in Vietnam’s Digital Ecosystem

For data centre and cloud computing providers, these regulations mark a shift towards higher accountability.

It’s no longer enough to merely offer services—providers must actively ensure their compliance with regulations that safeguard users’ rights and data integrity. By publicly disclosing service quality, they contribute to an ecosystem of trust, where consumers can make informed choices.

Vietnam’s Telecommunications Law also sends a clear message about its stance on cybersecurity and personal data protection. With the rapid digitisation of businesses and increasing reliance on cloud services, this law aims to create a safer digital environment. The obligation to align with network security regulations confirms that service providers are fortified against potential threats.