HO CHI MINH NATIONAL ACADEMY OF POLITICS

BUI THI LONG

IMPLEMENTING THE LAW
ON CYBERSECURITY IN VIETNAM

SUMMARY OF DOCTORAL THESIS
FIELD OF STUDY: THEORY AND HISTORY OF STATE AND LAW

Code: 938 01 06

HANOI - 2022


The work is completed at
Ho Chi Minh National Academy of Politics

Supervisors: 1. Assoc Prof. Dr. TRINH DUC THAO
2. Dr. LE THANH BINH

Reviewer 1:

..................................................
...................................................

Reviewer 2:

...................................................
...................................................

Reviewer 3:

..................................................
..................................................

The thesis shall be defended in front of the Thesis Committee
at Academy Level at Ho Chi Minh National Academy of Politics
At …. hour... day... month ... year 2022

The thesis can be found at National Library
and the Library of Ho Chi Minh National Academy of Politics


1
INTRODUCTION
1. The necessity of the thesis
Cybersecurity is the guarantee of operations that does not harm national
security, social order and safety, legitimate rights and interests of agencies,
organizations and individuals on cyberspace. The law on cybersecurity is a
sum of the legal provisions promulgated by the State and ensured the
implementation to adjust social relations arising in the activities of
protecting national security, ensuring social order, safety, legitimate rights
and interests of agencies, organizations and individuals on cyberspace.
Recently, implementing the law on cybersecurity has achieved
certain results. The law on cybersecurity has been gradually improved. The
subjects' perception of cybersecurity protection tends to change positively.
The compliance and law enforcement of subjects related to the field of
cybersecurity is getting more and more improved. Subjects are becoming
more and more proactive in using and applying law on cybersecurity.
However, the situation of cybersecurity is increasingly complicated

while implementing the law on cybersecurity exists some shortcomings and
limitations. The awareness about implementation of the law on
cybersecurity of some subjects is uneven. The observance and compliance
with the provisions of the law on cybersecurity is not yet serious. The subjects
who apply the law do not have much experience. The implementation of the
responsibilities of state management agencies is not yet synchronized.
Especially, in the face of demands for globalization and international
integration, non-traditional security challenges such as epidemics,
emergencies,... the cooperation between domestic and foreign agencies,
organizations and enterprises in the field of cybersecurity is weak and
unprofessional.
Besides, from a theoretical perspective, among the scientific research
works related to implementation of the law on cybersecurity, none have


2
studied systematically and comprehensively on implementing the law on
cybersecurity in Vietnam.
The above reasons require the study of implementing the law on
cybersecurity in a comprehensive, in-depth and systematic manner both in
terms of theoretical and practical approach, so the post-graduate chooses
the issue "Implementing the law on cybersecurity in Vietnam" as the
doctoral thesis of jurisprudence to study.
2. Research purpose and research task
2.1. Research purpose
On the basis of analyzing and clarifying some theoretical and
practical issues about implementing the law on cybersecurity, the thesis
proposes perspectives and solutions for implementing the law on
cybersecurity in Vietnam today.
2.2. Research task

Firstly, overview of the scientific works related to the thesis,
drawing out the values that thesis can inherited; pointing out the issues that
need to be further studied in the thesis.
Secondly, analyzing theory about implementing the law on
cybersecurity: the concept of implementing the law on cybersecurity;
clarifying the characteristics, roles, forms and conditions for implementing
the law on cybersecurity; studying implementing the law on cybersecurity
of some countries in the world, drawing reference lessons for Vietnam.
Thirdly, analysis and assessment of the legal situation and
implementing the law on cybersecurity, pointing out the achievements and
limitations of the law on cybersecurity; as well as the advantages and
limitations of implementing the law on cybersecurity in Vietnam.
Fourthly, to demonstrate the scientific basis of the views and
proposals of solutions for implementing the law on cybersecurity in
Vietnam today.


3
3. Research Subject and research scope
3.1. Research subject
The subjects of the thesis are the theoretical and practical issues of
implementing the law on cybersecurity in Vietnam from the perspective of
the field of theory and history of state and law.
3.2. Research scope
- In terms of content: The thesis focuses on in-depth study of
implementation of the law on cybersecurity in Vietnam according to 04
groups of contents adjusted by the law on cybersecurity identified by the
thesis, they are as follows: the provisions of the law on national security
protection on cyberspace on cyberspace; legal provisions on ensuring
social order and safety, legitimate rights and interests of agencies,

organizations and individuals on cyberspace; legal provisions on
responsibilities of relevant agencies, organizations and individuals; legal
provisions on sanctions for handling of violations.
- In terms of space: The scope of research of the thesis is on the
territory of Vietnam.
- In terms of time: The thesis to study the reality of implementing the
law on cybersecurity in Vietnam. Data, citing the main use data in the
period 2015-2021.
4. Theoretical basis and research methodology
4.1. Theoretical basis
The thesis is studied on the basis of the theory of Marxism Leninism, Ho Chi Minh Thought on the state and the law. The Party's
views and the State's laws on national security, cybersecurity and
implementing the law on cybersecurity in the process of building the
Socialist Rule of Law State of Vietnam.
4.2. Research methodology
On the basis of the aforementioned methodology, the thesis uses


4
specific research methods, such as: methods of analysis, synthesis,
statistics, comparison; methods of consulting experts; methods of
analyzing and processing data.
5. New scientific contributions of the thesis
The thesis is the first in-depth research work, relatively comprehensive
research both theoretically and practically from implementing the law on
cybersecurity in Vietnam. Therefore, the thesis has the following new
scientific contributions:
- The thesis systematizes, clarifying the basis theory of the law
cybersecurity implementation: building the concept, pointing out the
characteristics, roles, forms and conditions for implementing the law on

cybersecurity.
- Researching implementation of cybersecurity laws of some countries
in the world, the thesis indicates some useful reference values for Vietnam.
- The thesis analyzes, objectively and comprehensively assesses the
situation of implementing the law on cybersecurity, pointing out the
advantages, limitations and causes in implementing the law on
cybersecurity in Vietnam from 2015 to 2021.
- The thesis proposes group of viewpoints and solutions for
implementing the law on cybersecurity in Vietnam today.
6. Theoretical and practical meaning of the thesis
6.1. Theoretical meaning
The thesis is the first, comprehensive in-depth study of implementing
the law on cybersecurity in Vietnam. The new points and also an important
scientific contribution of the thesis is to apply the theory of law
implementation to study a specific field, cybersecurity. Thereby, enriching
the theory of implementing the law on cybersecurity in Vietnam.
6.2. Practical meaning
The result of the thesis is a reference for State agencies in the process
of improving, supplementing and promulgating legal documents on


5
cybersecurity in Vietnam; as a scientific argument for agencies and
organizations to raise awareness about implementation of the law on
cybersecurity in Vietnam; is a useful document in the research work,
teaching issues related to the content of the thesis.
7. Structure of the thesis
In addition to the Introduction, Conclusions, Reference List,
Appendix, the thesis is structured with 04 chapters, 12 sections.
Chapter 1

OVERVIEW OF RESEARCH SITUATION
RELATING TO THE THESIS
1.1. DOMESTIC STUDIES
The thesis reviewed the domestic research situation into two main
groups: (1) Group of scientific research works on cybersecurity, law on
cybersecurity; (2) Group of research works related to implementing the
law in general and implementing the law on cybersecurity.
1.2. OVERSEAS RESEARCH WORKS
The thesis also reviewed the situation of foreign studies into two
groups such as the situation of domestic research. Foreign research works
relating to the thesis topic mainly only approach cybersecurity from the
perspective of technical, professional in-depth on computer crime,
cybercrime, ... without deeply study about theory of implementing the law
on cybersecurity.
1.3. OVERVIEW OF RESEARCH RESULTS OF RELATED
STUDIES AND ISSUES NEED FURTHER STUDYING
1.3.1. Brief overview of research results of related works
Overall, the number of research works related to thesis topic in terms of
theory and practice is not much. Some works have addressed some
theoretical issues about cybersecurity such as the concept, suggesting the


6
role. Certain works to a certain extent also refer to the law on cybersecurity.
However, there are any works that systematically and comprehensively study
implementing the law on cybersecurity to propose viewpoints and solutions
for implementing the law on cybersecurity in Vietnam.
1.3.2. Issues need studying in the thesis
Firstly, in terms of theory:
(1) Concepts and contents of the law on cybersecurity. Thereby

giving concepts, characteristics and roles to implement the law on
cybersecurity.
(2) The basis of reasoning on forms and conditions for implementing
the law on cybersecurity.
Secondly, in terms of practice:
(1) The current state of law on cybersecurity, research and analysis
indicates the achievements, limitations and causes of achievements and
limitations of the law that have impacted the situation of implementing the
law on cybersecurity in Vietnam.
(2) Implementing the law on cybersecurity in Vietnam. Advantages,
limitations and causes of those advantages and limitations.
Thirdly, in terms of solutions:
From the theory and practice about implementing the law on
cybersecurity, the thesis analyses and argue scientifically to propose point
of views and feasible solutions in order to implement the law on
cybersecurity in Vietnam.
1.4. RESEARCH HYPOTHESES AND QUESTIONS
1.4.1. Research Hypothesis
Implementing the law on cybersecurity plays an important role in
protecting national security, social order and safety, legitimate rights and
interests of agencies, organizations and individuals. Vietnam already has a
legal framework on cybersecurity, but in fact, implementing the law on


7
cybersecurity still has many inadequacies, not really guaranteed as desired.
Violations of the law in the field of cybersecurity increased rapidly with
the number and behavior of unpredictable developments. Politically
motivated cyberattacks on critical information systems are on the rise,
causing serious economic, defense and security damage. Cybercriminals

are increasingly dangerous with many sophisticated, highly technical
tricks, using types of malware that apply artificial intelligence to attack
and penetrate. Therefore, it is necessary to improve the responsibilities of
the subjects, improve the legal system on cybersecurity, be aware of the
meaning and importance of the issue of implementing the law on
cybersecurity, improve the level of cybersecurity protection forces in
preventing, detecting, preventing and handling violations of the law on
cybersecurity, ... it is necessary to have a synchronous perspective and
solution for implementing the law on cybersecurity in Vietnam today.
1.4.2. Research questions
Big research question: How to ensure the implementation of
cybersecurity laws in Vietnam?
Specific research questions are as follows:
(1) What is the theoretical basis for implementing the law on
cybersecurity in Vietnam?
(2) What are the advantages and limitations of implementing the law
on cybersecurity in Vietnam today? What causes these advantages and
limitations?
(3) What point of views and solutions should be taken to implement
the law on cybersecurity in Vietnam today?
Chapter 1 subcontract
An overview of the recent research situation shows that there are
many research works related to thesis topic, but there has not been a single


8
study in a systematic and comprehensive way on implementing the law on
cybersecurity. This is the limiting point, the space for the thesis to continue
to study and clarify.
Implementing the law on cybersecurity is the content that the thesis

will focus on reviewing, interpreting and clarifying both theoretically and
practically. The project identifies issues that need to be further studied,
posing research hypotheses and research questions.
Chapter 2
THEORETICAL BASIS OF IMPLEMENTING
THE LAW ON CYBERSECURITY IN VIETNAM
2.1. CONCEPTS AND CONTENTS OF THE LAW ON
CYBERSECURITY
2.1.1. Concept of cybersecurity legislation
2.1.1.1. Cybersecurity Concept
Cybersecurity is a guarantee that operations in cyberspace do not
harm national security, social order and safety, legitimate rights and
interests of agencies, organizations and individuals.
2.1.1.2. Concept of cybersecurity legislation
The law on cybersecurity is the sum of the legal provisions
promulgated by the State and ensured to be implemented in order to adjust
social relations arising from activities to protect national security, ensure
social order and safety, legitimate rights and interests of agencies,
organizations and individuals on cyberspace.
2.1.2. Contents of the law on cybersecurity
Firstly, the legal provisions on national security protection.
Secondly, the legal provisions on ensuring social order and safety,
legitimate rights and interests of agencies, organizations and individuals on
cyberspace.


9
Thirdly, the legal provisions on the responsibilities of relevant
agencies, organizations and individuals
Fourthly, the legal provisions

cybersecurity violations.

on

sanctions

dealing

with

2.2. CONCEPTS, CHARACTERISTICS AND ROLES OF
IMPLEMENTING THE LAW ON CYBERSECURITY
2.2.1. Concept of implementing the law on cybersecurity
Implementing the law on cybersecurity in Vietnam is the sum of the
purposeful activities of the subjects in order to realize the law on
cybersecurity of Socialist Republic of Vietnam into practical and legal acts
to ensure national security, social order and safety, legitimate rights and
interests of agencies, organizations and individuals on cyberspace.
2.2.2. Characteristics of implementing the law on cybersecurity
Firstly, implementing the law on cybersecurity demonstrates the
State's will to protect national sovereignty on cyberspace, and requires
high self-awareness of agencies, organizations and individuals.
Secondly, implementing the law on cybersecurity requires subjects
with good information technology, digital technology and moral qualities.
Thirdly, implementing the law on cybersecurity requires close
coordination between the state management agency on cybersecurity and
agencies, organizations and individuals and with cybersecurity agencies in
the world.
2.2.3. The role of implementing the law on cybersecurity
Firstly, implementing the law on cybersecurity is the most basic and

effective method of contributing to the realization of the Communist
Party's viewpoints on cybersecurity.
Secondly, implementing the law on cybersecurity contributes to the
formation of common awareness and actions of the subjects towards a safe
cyberspace.
Thirdly, implementing the law on cybersecurity contributes to


10
ensuring national security, social order and safety, the legitimate rights and
interests of the subjects.
Fourthly, implementing the law on cybersecurity contributes to
strengthen socialist legislation.
2.3. FORMS AND CONDITIONS FOR IMPLEMENTING THE
LAW ON CYBERSECURITY
2.3.1. Form of implementing the law on cybersecurity
2.3.1.1. Comply with the law on cybersecurity
Compliance with the law on cybersecurity is a form of law
implementation in which law subjects refrain from performing acts that the
law on cybersecurity prohibits. For example, the subject is an individual
who is not misinformed causing confusion among the People, causing
damage to socio-economic activities, causing difficulties to the operation
of state agencies.
2.3.1.2. Enforcement of laws on cybersecurity
Enforcement of the law on cybersecurity is a form of law
implementation, in which legal entities fulfill their legal responsibilities
and obligations by taking positive actions. The form of law enforcement
shall be carried out with respect to laws regulating the principles and
responsibilities of implementation of cybersecurity. For example, the
subject is a state management agency responsible for promulgating

documents under the law to enforce the law on cybersecurity.
2.3.1.3. Use of cybersecurity laws
The use of the law on cybersecurity is a form by which the legal
entity uses his rights proactively, self-consciously, that is, according to his
subjective will, the subject performs acts permitted by the law on
cybersecurity. For example, in order to use certain services on the
cyberspace, the individual has the right to provide or not to provide
personal information to that service management unit.
2.3.1.4. Applying the law on cybersecurity


11
Applying the law on cybersecurity is a special form of law
implementation in which the competent authority organizes for the legal
subjects to implement the provisions of the law on cybersecurity or on their
own based on the provisions of law to create decisions that give rise to, to
change, suspend or terminate specific legal relations in the field of
cybersecurity according to the prescribed procedures and orders. For
example, the Ministry of Public Security shall issue a decision to suspend an
individual's use of the internet when he or she acts to use the internet to train
people who oppose the State.
2.3.2. Conditions for implementing the law on cybersecurity
2.3.2.1. Conditions for political guarantees
Political security is the best guarantee and promotion of the Party's
leadership in implementing the law on cybersecurity. Political security
conditions are important, demonstrating Communist Party's interest so
that implementing the law on cybersecurity gets high efficiency.
2.3.2.2. Legal guarantee conditions
Implementing the law on cybersecurity is the process of purposeful
operation of the subjects in order to realize the legal provisions on

cybersecurity into practical and legal acts to protect national security,
social order and safety, legitimate rights and interests of agencies,
organizations and individuals on cyberspace. In order to implement the
law on cybersecurity, legal conditions are determined to be important
guarantees, demonstrating the requirement for a highly complete legal
system.
2.3.2.3. Conditions for economic, socio-cultural and educational
assurance
Economic security is defined as the necessary conditions in terms of
facilities, funding and technical infrastructure for cybersecurity law
implementation activities. In addition, implementing the law on
cybersecurity is greatly affected by socio-cultural factors. The promotion


12
of dissemination, propaganda and education is a necessary condition for all
the subjects who responsible about cybersecurity law implementation to
have the right conceptions, perceptions and actions, ensuring effectively
cybersecurity law implementation.
2.3.2.4. Conditions for organization assurance
Implementing the law on cybersecurity requires a system of strict
organization, synchronization and effective operation.
2.4. IMPLEMENTING LAW ON CYBERSECURITY IN SOME
COUNTRIES IN THE WORLD AND REFERENCE LESSONS FOR
VIETNAM
2.4.1. Implementing cybersecurity laws in some countries in the
world
The experience of the countries showed special interest and very
early to implementing the law on cybersecurity. In order to combat
cyberattacks, the country invests relatively synchronously from

institutional improvement, human resource training to network
infrastructure.
In the United States, the State focuses on the safety of personal
databases and the law enforcement responsibility for cybersecurity under
the Department of Justice, the Department of Homeland Security, and the
Office of National Intelligence.
In some Asian countries, strictly control information on cyberspace.
Violations are dealt with severe penalties.
Implementing cybersecurity laws of some other developed countries.
All purposes to develop cybersecurity internal force is to protect the safety
of cyberspace with strict sanctions.
2.4.2. Reference lessons for Vietnam
All countries have measures to study the possibility of
independence, autonomy in science and technology, promote creativity
and development towards building safe and healthy cyberspace.


13
Most countries place agencies of cybersecurity law implementation
under the direct and comprehensive direction of national supreme bodies
such as Germany, Russia, China. All countries are interested in enacting
the legal system on cybersecurity. The law provides for strict sanctions for
violations of the law on cybersecurity.
Chapter 2 subcontract
Chapter 2 of the study, snuggling up some basic theoretical bases
about the implementation of the law on cybersecurity such as the concept,
characteristics, roles, contents of the law on cybersecurity, forms of
implementing the law on cybersecurity, conditions for implementing the
law on cybersecurity.
At the same time, on the research and experiences about

cybersecurity law implementation of several countries in the world,
Vietnam can proactively and creatively apply to the actual conditions of
Vietnam today.
Chapter 3
THE LAW ON CYBERSECURITY AND IMPLEMENTING
THE LAW ON CYBERSECURITY IN VIETNAM
3.1. THE LEGAL STATUS OF CYBERSECURITY IN
VIETNAM
3.1.1. Overview of the process of formation and development of
the law on cybersecurity in Vietnam
The law on cybersecurity in Vietnam is divided into two phases: the
period before the promulgation of the Law on Cybersecurity in 2018 and
the period of drafting the law on cybersecurity in Vietnam since the
promulgation of the Law on Cybersecurity in 2018 to the present.
3.1.2. Legal assessment of cybersecurity in Vietnam
3.1.2.1. Achievements of cybersecurity legislation in Vietnam


14
In terms of content:
- The formation of the law on cybersecurity marks the relatively
comprehensive and synchronous development of Vietnam's legal system.
The current law on cybersecurity governs relatively covering social
relations mainly arising from activities to protect national security, social
order and safety, legitimate rights and interests of agencies, organizations
and individuals on cyberspace.
- The law on cybersecurity clearly defines the principles of
cybersecurity protection, creating a legal basis for agencies and
organizations with functions and tasks on cybersecurity to quickly build and
organize forces into operation.

- The law on cybersecurity is designed to be built according to the
structure
that
regulates
prohibited/prevented
acts,
detected,
prevented/handled.
In terms of form: the law on cybersecurity is stipulated in many
different legal documents, with high legal effect.
3.1.2.2. Limitations of the law on cybersecurity in Vietnam
- In terms of consistency and synchronousness: many legal
regulations also have overlapping phenomena, not yet promoting the
effectiveness of adjusting social relations in the field of cybersecurity.
- In terms of comprehensiveness: the system of legal documents
specifically regulating cybersecurity has not been updated in time with the
development of society, science and technology as well as the methods and
tricks of crime, especially not covering all forms of cybersecurity
infringement in practice.
- Regarding suitability, specifically: the current legal provisions on
cybersecurity are not enough to deter and prevent violations of cyberspace;
they have not met the practical requirements of implementing the law on
cybersecurity set out in the new situation.
- In terms of qualifications and techniques of legal development:


15
some legal provisions on cybersecurity are not really logical and
overlapped.
3.2. IMPLEMENTING THE LAW ON CYBERSECURITY IN

VIETNAM
3.2.1. Status of compliance with the law on cybersecurity
Practice shows that, over the years, the situation of compliance with
the law on cybersecurity of subjects has increasingly entered the routine.
The sense of compliance with the legal provisions on cybersecurity is
improved. However, along with the initial advantages, cyberspace is still at
risk of being violated with many complex, unpredictable and potential
violations of cybersecurity law. Law subjects have not fully complied with
the law on the "prohibited" provisions of the law on cybersecurity.
Cybercrime and violations of the law on cybersecurity are increasingly
complicated with many new tricks and methods of crime, transnational,
which occurs in many areas, causes great damage. One of them is the
phenomenon of trading spyware on the internet.
3.2.2. The status of law enforcement on cybersecurity
In the process of enforcing responsibilities, subjects such as the
Ministry of Public Security, the Ministry of National Defense, the Ministry
of Information and Communications, the Government Significant
Committee,... have been proactive and coordinated in accordance with
regulations in building institutions, disseminating, propagating,
monitoring, preventing, requesting suspension and suspension of network
information provision; suspension and suspension of activities of
establishing, supplying and using telecommunication networks, internet
networks, production and use of transmitting equipment,
radio
broadcasting in accordance with law; request the removal of illegal
information or false information on cyberspace that infringes on national
security, social order and safety, legitimate rights and interests of agencies,
organizations and individuals. However, the promulgation of documents



16
guiding the enforcement of the law on cybersecurity by relevant ministries
has not met the practical requirements.
3.2.3. Status of use of law on cybersecurity
The practice of using the law on cybersecurity shows that agencies,
organizations and individuals are more proactive in using the law to
exercise their legitimate rights and interests.
However, many subjects are not fully aware of the downside of
putting personal information on the cyberspace, this is a loophole that can
be used by bad actors to commit violations of the law. Since then, human
rights, civil rights and rights of enterprises have been violated, affecting
social order and safety on cyberspace.
3.2.4. The status of applying the law on cybersecurity
The application of the law on cybersecurity by competent agencies,
organizations and individuals in recent years has been more focused on
implementing, bringing positive effects, contributing to bringing the law
to life. Awareness, the capacity to apply the law on cybersecurity is
raised, the quality is initially guaranteed, minimizing errors. Timely and
strictly applying the legal provisions on prevention and handling of
cybersecurity violations really creates a positive effect on cyberspace.
The handling of cybersecurity violations is an urgent and indispensable
requirement to heal cyberspace, ensure social order and safety, national
security and peaceful sovereignty for the national cyberspace territory.
According to the Vietnam Center for The Handling of Fake News
(VAFC) under the Ministry of Information and Communications, in the
first 6 months of 2021, the Center received more than 1.1 thousand reports
of fake news. After verification, the Center published the labeling of 38
fake news, false news. As for the data of the Supreme People's Court, the
reality of adjudicating criminal cases in this field is not much, for every
1,000 defendants brought to trial by the Court only 01 defendant is a

cybercriminal.


17
3.2.5. Evaluate implementing the law on cybersecurity
3.2.5.1. Advantages and causes of advantages in implementing the
law on cybersecurity
- About the advantages in implementing the law on cybersecurity
First, the awareness of the subjects about the importance and
requirements to implementing the law on cybersecurity is increasingly
improved.
Secondly, the work of propagating and disseminating the law on
cybersecurity is increasingly focused and responsible by the subjects. The
awareness of the whole society about cybersecurity law and the
compliance and enforcement of cybersecurity law has been gradually
improved.
Thirdly, the compliance, implementation, use and application of the
law on cybersecurity has many changes, achieving many important results.
Fourthly, the detection and handling of violations is carried out more
quickly and timely, which contributes to ensuring the legislation in
implementing the law on cybersecurity.
- Causes of advantages in implementing the law on cybersecurity
Firstly, implementing the law on cybersecurity is the Party's
consistent policy on protecting national security, ensuring social order and
safety, legitimate rights and interests of agencies, organizations and
individuals on cyberspace.
Secondly, in the implementation process, implementing the law on
cybersecurity received drastic management from the Government.
Thirdly, implementing the law on cybersecurity received the consensus
of domestic organizations and international organizations.

3.2.5.2. Limitations and causes of limitations in implementing laws
on cybersecurity
- On limitations in implementing the law on cybersecurity
Firstly, many agencies, organizations and enterprises have not strictly


18
complied and actively implemented the law on cybersecurity.
Secondly, the effectiveness of propagating and disseminating the law
on cybersecurity is not high.
Thirdly, the violation of the law on cybersecurity by some
organizations and individuals in recent years shows that these subjects
have not consciously complied with, enforced and used cybersecurity law.
Fourthly, the management, detection, prevention, prevention,
prevention, investigation and handling of cybersecurity violations due to
the complex nature, so many times they do not meet the requirements in
the new situation.
- Causes of limitations in implementing the law on cybersecurity
* Objective causes
Firstly, the system of legal documents on cybersecurity is not
complete.
Secondly, the infrastructure of facilities and techniques for the
implementation of the law on cybersecurity has not been guaranteed.
Thirdly, the funding for the implementation process, implementing
the law on cybersecurity in Vietnam is not commensurate with the benefits
of ensuring cybersecurity.
* Subjective causes
Firstly, the sense of compliance with the law on cybersecurity of
subjects in society is not really uniform.
Secondly, the construction of resources is not commensurate with the

important nature of cybersecurity protection activities.
Chapter 3 subcontract
Chapter 3 of the thesis on the study of the legal situation on
cybersecurity in Vietnam since 1997 has had the most pronounced
development since the period of 2018. The project analyzes and evaluates
implementing the law on cybersecurity in 04 forms of law implementation.
The thesis pointed out the advantages, limitations and causes of those


19
advantages and limitations. The analysis of the assessment of the legal
situation and the situation of implementing the law on cybersecurity is the
basis for proposing a group of viewpoints and solutions for implementing
the law on cybersecurity.
Chapter 4
VIEWPOINTS AND SOLUTIONS FOR IMPLEMENTING
CYBERSECURITY LAWS IN VIETNAM
4.1. VIEWPOINTS ON IMPLEMENTING THE LAW ON
CYBERSECURITY IN VIETNAM
4.1.1. Thoroughly awareness Communist Party’s viewpoints on
implementing the law on cybersecurity
Firstly, thoroughly grasp the priority view of the protection of
cybersecurity in defense, security, socio-economic development, science,
technology and diplomacy.
Secondly, continue to organize the effective implementation of legal
documents on cybersecurity; periodically summarize, summarize and
evaluate the implementation work to have directions and solutions focused
in ensuring cybersecurity.
4.1.2. Implementing the law on cybersecurity in Vietnam
must aim to maintain and protect national sovereignty in

cyberspace
Firstly, ensuring cyber security and national information
infrastructure: Important information systems on national security need to
be protected by the use of specialized security systems.
Secondly, construction must go hand in hand with protection to
ensure database safety and develop information technology applications.
Thirdly, thoroughly grasp and promote the spirit of great solidarity of
the whole people in protecting national sovereignty in cyberspace.


20
4.1.3. Implementing the law on cybersecurity must be associated
with the protection of human rights and civil rights
Thoroughly awareness Communist Party's views on the protection of
human rights, civil rights, implementing the law on cybersecurity must
always uphold the interests of individual users. Exercising the right to
access official information; the right to participate in the formulation and
implementation of policies and laws on ensuring the right to privacy
secrets and personal privacy rights; the right to consult and support on
skills to participate in the network environment; the right to denounce
when violated,...
4.1.4. Implementing the law on cybersecurity in accordance with
Vietnam's specific conditions, while meeting the needs of international
development and integration
Politically, implementing the law on cybersecurity must contribute to
maintaining stability in the political environment and affirm the Party's
position on the protection of cybersecurity. Effectively implement the law
on cybersecurity in practice, contributing to the elimination and
elimination of defamatory information, activities of fishing, instigation,
bribery, deception, enticement, training and training of people against the

State on cyberspace.
In terms of economy, the socialist-oriented market economy in
Vietnam has many forms of ownership, many economic components,
forms of business organization and forms of distribution. People and
enterprises are free to trade in any industry on cyberspace that is not
prohibited by law, equal before the law and protected by law.
In terms of society, implementing the law on cybersecurity must
overcome unhealthy social phenomena on cyberspace. The subjects
formed the habit of accessing healthy mainstream news sites, knowing
how to "boycott" the "black" websites. Strengthen the application of strong
and direct measures to the "pockets" of those who violate the law on
cybersecurity to overcome the situation of "greasy law" on social


21
networks.
Implementing the law on cybersecurity is not only limited to the
borders of a country but also regional and international. Therefore,
implementing the law on cybersecurity needs to thoroughly learn from
international experience in parallel with the summary of cybersecurity law
practice in Vietnam.
4.2. SOLUTIONS FOR IMPLEMENTING THE LAW ON
CYBERSECURITY IN VIETNAM
4.2.1. Solutions to complete the law on cybersecurity
Continue to review, formulate and complete the law on
cybersecurity
in
the
direction
of

ensuring
consistency,
synchronousness, comprehensiveness, conformity, specificity and legal
construction techniques.
Subjects competent to promulgate legal documents on cybersecurity
must be knowledgeable about information technology and digital
technology.
4.2.2. Solutions to raise awareness and responsibility of subjects
in implementing the law on cybersecurity
The law on cybersecurity in Vietnam is implemented by many
subjects, mainly state management agencies, enterprises and individuals.
There must be abundant solutions to raise awareness and responsibility for
these subjects.
4.2.3. Solutions to strengthen resources for implementing the law
on cybersecurity
Building and consolidating human resources on cybersecurity to
ensure quality, sufficient quantity, structural conformity; ensuring
technological infrastructure, equipment and funding for implementing the
law on cybersecurity.
4.2.4. Solutions to strengthen international cooperation in
implementing laws on cybersecurity


22
Actively exchange and learn the experiences of countries in the field
of implementing the law on cybersecurity, on the protection of national
sovereignty on cyberspace. Continue to expand and promote international
cooperation with foreign security agencies in the process of detecting,
investigating and handling violations of law to ensure law cybersecurity
implementation.

Chapter 4 subcontract
In order to ensure implementing the law on cybersecurity in the
current period, chapter 4 of the thesis focuses on the arguments of
principled views, which are: thoroughly aware of Communist Party’s
viewpoints on implementing the law on cybersecurity; implementing the
law on cybersecurity in Vietnam must aim to maintain and protect national
sovereignty on cyberspace; The law on cybersecurity in Vietnam must be
associated with ensuring human rights and civil rights; implementing the law
on cybersecurity in Vietnam must be in accordance with Vietnam's specific
conditions, while meeting the needs of international development and
integration.
From the above viewpoints, the thesis proposes group of solutions
for implementing the law on cybersecurity. The solutions are as follows:
firstly, improving the law on cybersecurity; secondly, raising awareness
and responsibility of the subjects in implementing the law on
cybersecurity; thirdly, increasing resources for implementing the law on
cybersecurity; fourthly, strengthening international cooperation in
implementing the law on cybersecurity. Corresponding to each solution,
the main tasks and activities need to be implemented in a synchronous and
systematic way to achieve the set goals and requirements. These are
specific solutions, feasible, urgent and long-term, so it is necessary to be
applied flexibly and creatively in implementing the law on cybersecurity.


23
CONCLUSION
Cybersecurity is a term that has appeared in recent decades. The law
on cybersecurity is considered the law "guarding the door" for the security
of the national cyberspace, ensuring social order and safety, legitimate
rights and interests of agencies, organizations and individuals.

Implementing the law on cybersecurity in Vietnam is the sum of the
purposeful activities of the subjects in order to realize the law on
cybersecurity of the Socialist Republic of Vietnam into practical and legal
acts to ensure national security, social order and safety, legitimate rights
and interests of agencies, organizations and individuals on cyberspace on
cyberspace. Implementing the law on cybersecurity acts as guardian of
national security on cyberspace.
On the basis of research on implementing the law on cybersecurity,
the thesis draws some conclusions as follows:
Firstly, the research and analysis thesis give the legal concept of
cybersecurity and the concept of implementing the law on cybersecurity.
At the same time, it shows the characteristics, roles and conditions to
ensure cybersecurity law implementation; stated the content of legal
adjustment on cybersecurity and analysis of forms of implementing the
law on cybersecurity. The thesis has also studied implementing the law on
cybersecurity of some countries in the world, from those experiences,
Vietnam can refer to in the actual conditions of implementing the law on
cybersecurity of Vietnam today.
Secondly, the thesis has assessed in a relatively comprehensive way
the achievements and limitations of the law on cybersecurity; The thesis
focuses on analyzing and evaluating the current situation of implementing
the law on cybersecurity, pointing out the advantages and limitations and
basic causes in Vietnam.
Thirdly, the thesis proposes viewpoints, which are as follow: deeply
grasping Vietnam Communist Party’s viewpoints towards implementing