Vietnam: Law on Digital Transformation including data protection regulation enters into force

On 1 July 2026, the Law on Digital Transformation enters into force. The law prohibits organisations and individuals participating in digital transformation from unlawful collection, use, sharing, buying, selling, or exploitation of digital data. Article 4(5) requires data protection measures in the design, deployment, operation, and use of digital systems. Article 8(4) applies to require data storage, backup, protection, and recovery in compliance with regulations on the protection of personal data. Article 16(1)(c) requires organisations to protect personal data when operating digital systems and digital platforms. Article 27(1) applies to require compliance with the law on personal data protection. Article 41(3) applies to confirm the protection of personal data in accordance with the law on personal data protection.