What’s the path to stronger digital trust in Vietnam?

By Nga Dao

The alarming situation

I receive spam emails, texts, and calls almost every day and about almost everything: from warning a security threat or inviting to a promotional event to offering sales or investment opportunities. Spam is annoying, but I’m still lucky they haven’t stolen my money. Last month, a friend of mine lost VND50 million (about US$2,000) in an investment scam; and last week, a relative lost VND10 million (around US$400) by a fake Facebook page selling air tickets. These are only a few among thousands of online fraud reports.  It’s undeniable that spam and scams exist and can be anywhere.

In 2022, the Authority of Information Security recognized around 13,000 online scams and announced the 16 most common types of scams in Vietnam[1]. These numbers went up to 16,000 cases and 24 types in the first 11 months of 2023[2] with ‘cheap-priced package tours’, Deepfake and Deepvoice video calls among the most common tricks.

Scams target not only citizens but also the government. According to the MPS’s statistics, 2,500 fraud cases took place in the digital space from May 2020 to May 2021. Of these, 527 cases involved criminals faking to be government officials and deploying scams for financial fraud [3].

Scams are not just the risks; they cause real significant losses. It was reported[4] that 70 percent of Vietnamese people fall victim to scams and each Vietnamese suffered an average loss of VND17.7 million (US$734) in online scams in 2023. In total, last year Vietnam lost approximately VND391.8 trillion (US$16.23 billion) to scams, equivalent to 3.6% of the nation’s GDP. And, this is not to mention their potential impacts on the victims’ mental health which would not be easy to measure.

Main reasons and challenges

The prevalence and consequences of scams, regarded as adverse outcomes of technology, can be ascribed to the actions of both individuals and institutions. The lack of awareness and vigilance about online fraud and cybersecurity requirements along with the ignorance or absence of privacy policies and guidelines may help explain the situation.

A survey[5] by a local cybersecurity firm found that 80 percent of entities engaged in e-transactions in Vietnam failed to comply with privacy regulations fully, particularly the Government’s Decree 13[6] on personal data protection, and many organizations have no institutional privacy policies.

A review[7] by a local think tank also revealed local governments’ limited awareness and practice of privacy protection in e-government and e-service portals. Many regional portals lack a published privacy policy, and their interfaces merely prompt users to verify the accuracy of provided information without providing tools for expressing privacy preferences. It concluded that none of the 63 provinces and cities in Vietnam have set a good practice in all respects regarding personal data protection.

Meanwhile, experts have pointed out several legal challenges such as inconsistencies between the Penal Code and Cybersecurity Law concerning the definitions of cybercrimes as well as loopholes in regulations on administrative sanctions for online violations, which would require a thorough review and appropriate amendment of the relevant decrees[8].

What can be solutions?

Building digital trust is a key task under Vietnam’s National Digital Transformation Program adopted in 2020[9]. It is also a key requirement to ensure information and cyber security for digital government, digital economy, and digital society according to the newly-issued master plan on ICT infrastructure development (2021-2030 period with a vision to 2050)[10]. The urgent need for and importance of this issue has been highlighted on several occasions, by both the MIC and MPS leadership[11].

Raising people’s awareness and equipping them with knowledge and skills to recognize and mitigate online risks is identified as a key solution to fighting fraud. For this purpose, Vietnamese authorities have launched several awareness campaigns in the past few years[12]. This is essential indeed but not yet sufficient. Clear and consistent regulations and guidelines are important and necessary to enable effective compliance and enforcement. For this reason, the Government may need to conduct a comprehensive review of relevant regulations and make proper adjustments. Considering Vietnam has already issued a decree on personal data protection (PDP) and launched the National PDP Portal (https://baovedlcn.gov.vn/), it is expected that there will be further concrete and timely guidance as well as constant review by authorities to promptly identify and fix potential problems. This process would help draw good lessons and provide valuable inputs for the formulation of the first-ever PDP Law of Vietnam shortly.

 

[1] https://vietnamnet.vn/en/the-most-common-types-of-scams-on-vietnam-s-cyberspace-2100300.html

[2] https://nhandan.vn/bao-dong-do-lua-dao-qua-mang-post791168.html

[3] https://vietnamlawmagazine.vn/greater-attention-to-online-personal-data-protection-needed-to-win-public-trust-in-digital-transformation-recent-review-results-suggest-48945.html

[4] https://thesaigontimes.vn/wp-content/uploads/2024/01/State-of-Scam-Report-2023-Vietnam.pdf

[5] https://vietnamnet.vn/en/80-of-electronic-transaction-providers-do-not-follow-personal-data-regulations-2238460.html

[6] Issued on April 17, 2023, and effective as of July 1st, 2023.

[7] https://vietnamlawmagazine.vn/greater-attention-to-online-personal-data-protection-needed-to-win-public-trust-in-digital-transformation-recent-review-results-suggest-48945.html

[8] https://tapchitoaan.vn/lua-dao-chiem-doat-tai-san-tren-khong-gian-mang-thuc-trang-va-giai-phap9284.html

[9] Decision 749/QD-TTg dated June 3rd, 2020.

[10] Decision 36/QD-TTg dated January 11, 2024.

[11] Such as https://vietnamnews.vn/economy/1068691/cyber-security-becoming-a-big-concern-for-firms-individuals.html;

[12] Such as the National Cyber ​​​​Security Center’s (NCSC) launch of a website (in cooperation with Google) in 2022, to raise public awareness of increasing online frauds; and the MIC’s online fraud campaign in 2023.

Posted in

Related Articles

The Rise of Central Bank Digital Currencies in Asia

By Grey Pilarczyk In recent years, a fascinating new trend has emerged among central banks across the world – digital currencies. Central bank digital currencies, or CBDCs, are a digital form of a country’s fiat currency operating on distributed ledger technology. Unlike the digital currencies commonly in use by consumers across the world, such as […]

Outcomes from early US Presidential Debate: What’s Next?

Outcomes from early US presidential debate: What’s Next? 28 June 2024, By Grey Pilarczyk   CNN just concluded its first Biden-Trump debate of the 2024 election cycle, eliciting very mixed reactions. The debate largely consisted of Biden defending the record of his first term while Trump vowed to dismantle Biden’s policies on matters such as […]

Indonesia’s Jeopardized Digital Freedoms – A Case Study in Spyware

By Grey Pilarczyk Indonesia has long had a mixed human rights record, particularly regarding the online activity of Indonesians. In recent years, political activists and independent media outlets in the country have faced a barrage of digital threats and cyber-attacks. On May 1st, Amnesty International released a stunning report detailing Indonesia’s use of highly invasive […]