Nguyen Ngoc Anh Dao

DOI: https://doi.org/10.61707/613eg160

2023-12-22

International Journal of Religion

Abstract:Vietnam's rapid digital transformation has led to an exponential growth in online activities, generating vast amounts of personal data. As the country continues to evolve, ensuring the protection of this sensitive information has become a pressing concern. This study examines the current state of online personal data protection in Vietnam, highlighting the challenges and opportunities that arise from the nation's digital transformation. The study conducted a review to evaluate the personal data and privacy protection practices on e-government portals and e-service portals in Vietnam. In this study, based on two dimensions were assessed: (i) privacy policies issued by local governments; and, (ii) specific measures to implement such policies through technical tools. The findings indicate that while Vietnam has made significant strides in developing its digital infrastructure, the protection of personal data remains a significant challenge. The study identifies several key areas of concern, including inadequate legal frameworks, insufficient public awareness, and limited enforcement mechanisms. However, it also highlights opportunities for improvement, such as the potential for data protection regulations to drive innovation and economic growth. The study concludes by outlining a roadmap for the next stage of Vietnam's digital transformation, emphasizing the importance of robust data protection measures. It recommends the development of a comprehensive legal framework, increased public awareness campaigns, and enhanced enforcement mechanisms to ensure the effective protection of personal data. By addressing these challenges and seizing these opportunities, Vietnam can create a robust digital ecosystem that balances economic growth with individual privacy and security.

English Else

Ta Thi Bich Ngoc,Nguyen Kim Tung

DOI: https://doi.org/10.25073/2588-1116/vnupam.4414

2022-09-29

Abstract:Expanding and moving towards online public service coverage is the basic criterion of digital government development in the National Digital Transformation program in Vietnam to 2025, with orientation to 2030. To provide online public services, the state needs to collect personal data of users. This poses a requirement to protect personal data, to avoid exposing personal data online. With a privacy-based approach, the article focuses on evaluating personal data protection policies on the basis of online public services in Vietnam today, thereby proposing ideas for policy development in the future. Keywords: Privacy, Personal data protection, Personal data protection policy, Public services, Online public services, Digital transformation

Chao Wu

DOI: https://doi.org/10.1016/j.techsoc.2024.102457

IF: 6.879

2024-01-01

Technology in Society

Abstract:In recent years, data privacy has attracted increasing public concerns, especially with public scandals from top Internet companies, emerging over inappropriate data collection, lack of transparency in data usage, and manipulation of users' preferences. This has led to responsive efforts from multiple sectors of society to constrain the violation of individuals’ data privacy. Among these efforts, the regulations like GDPR are the most influential, which are believed to be able to change the foundation of the whole data ecosystem. The main concern of current regulation is data transparency, designed to enable individuals to make rational decisions about their data. However, I argue that transparency cannot mitigate a key issue of data privacy, which is the right of receiving benefits from data. This issue is getting severe with the rapid development of the data economy and will become the essential problem of social welfare and fairness in the AI era. I further point out that the key to solving this issue is to migrate the current centralized data utilization paradigm to a new decentralized paradigm. Based on the recent technical advancements, I propose an applicable pathway to implement such a paradigm. And to realize a fair and sustainable data eco-system, joint efforts should be made within this paradigm.

Matthias Artzt,Tran Viet Dung

DOI: https://doi.org/10.2478/vjls-2022-0007

2022-12-01

Vietnamese Journal of Legal Sciences

Abstract:Abstract Artificial intelligence (AI) is the latest in a long wave of disruptive technology, offering significant benefits but also creating risks if deployed in an uncontrolled manner. Recognizing this, many countries around the world, including Vietnam, are making efforts to research and build a legal framework to regulate and manage the development of AI to ensure that this technology supports their socio-economic development. In this context, the legislative experience of the European Union, one of world’s leaders in digital technology, is of high significance. The European GDPR, adopted in 2016, has become the international standard in terms of data protection. The EU AI Act, which is currently in a draft stage and will come into force not before end of 2024, sets out horizontal rules for the development, commodification and use of AI-driven products, services and systems, including the AI system and data protection. This article particularly scrutinizes the interplay between both the AI Act/AI systems and the GDPR and considers the regulatory state of play as at October 2022.

Jack Trọng

DOI: https://doi.org/10.47672/ajdikm.2347

2024-08-27

Abstract:Purpose: The aim of the study was to assess the relationship between data privacy regulations and consumer trust in e-commerce platforms in Vietnam. Materials and Methods: This study adopted a desk methodology. A desk study research design is commonly known as secondary data collection. This is basically collecting data from existing resources preferably because of its low cost advantage as compared to a field research. Our current study looked into already published studies and reports as the data was easily accessed through online journals and libraries. Findings: The study found that stringent data privacy regulations positively influence consumer trust in e-commerce platforms. When consumers perceive that their data is adequately protected, they are more likely to trust the platform, resulting in higher confidence levels and increased willingness to engage in online transactions. Moreover, compliance with these regulations can differentiate e-commerce platforms in competitive markets, as consumers tend to prefer platforms that prioritize data privacy and security. This relationship underscores the pivotal role of regulatory frameworks in shaping consumer perceptions and behaviors in the digital marketplace, emphasizing the importance of maintaining robust data protection standards to foster trust and sustainable business relationships. Implications to Theory, Practice and Policy: Trust theory, regulation theory and technology acceptance model may be used to anchor future studies on assessing the relationship between data privacy regulations and consumer trust in e-commerce platforms in Vietnam. E-commerce platforms should prioritize enhancing data transparency and accountability to build consumer trust. Policymakers should work towards harmonizing international data privacy standards to create a cohesive regulatory environment.

Emeka Ekweozor

DOI: https://doi.org/10.2139/ssrn.3639129

2020-01-01

SSRN Electronic Journal

Abstract:Data protection and reliability are top priority issues in this digital age. With the advent of new technologies, the need to protect one’s privacy is becoming of ever greater importance. The advent of information technology has created an environment where personal and organizational data can easily be assessed by anyone if they are not properly protected . Besides, the undeniable fact that people’s lives are now becoming woven around continuous exchange of information, and streams of data, means that data protection is gaining importance and moving to the center of the political and institutional system . Thus, most countries have taken a stance on data protection in order to enforce laws, prevent crime and adopt in diplomatic relationship . Moreover, the fundamental right to protection of personal data is recognized at the universal level in various human rights instruments adopted under the aegis of the UN , mostly as an extension of the right to privacy. It is an inalienable human right also guaranteed by the Nigerian. However, the growing subscription of customers to online services offered by the financial, trading and telecommunications companies in Nigeria, as well as the increasing rate of identity theft and other cyber misdemeanors have necessitated the need for data protection legislation that aligned to international standards.

Titis Pandan Wangi Reformasi,Hasrul Buamona

DOI: https://doi.org/10.55927/jlca.v3i3.10376

2024-08-06

Abstract:In the ever-evolving digital era, an in-depth exploration of the cybersecurity legal framework is a must. This article examines the background and discussion of personal data protection in 2023. It provides a comprehensive overview of the current cybersecurity landscape, identifying key trends and threats faced by individuals, businesses, and governments. The focus then shifts to regulatory and compliance analysis, exploring potential changes and evaluating the adequacy of current regulations. Next, we outline the latest technologies used in data protection, detailing the role of artificial intelligence (AI) to blockchain in strengthening cybersecurity. Ethical aspects are also highlighted, exploring how efforts to improve security can be balanced with individuals’ right to privacy and preventing abuse of power by authorities. Through analysis of key cases in 2023, this article highlights real-world experiences related to personal data breaches. From here, readers can gain a deeper understanding of how cybersecurity law is evolving and addressing the ever-growing threats in this digital era. This article aims to provide a holistic view, educating readers about the current challenges and innovations in personal data protection and contributing to a deeper understanding of the field.

Chuyun Wang,Feifei Guo,Mengxuan Ji

DOI: https://doi.org/10.1155/2022/1678360

2022-08-30

Journal of Environmental and Public Health

Abstract:In the era of big data, while every citizen enjoys the convenience of the Internet, all kinds of information closely related to their personal and property are in a state of "streaking" for a long time. Personal information is frequently leaked, illegally misappropriated, and used. There are necessary requirements of network security. The risks and challenges faced by personal information in the context of big data increase. In the context of the rapid development of big data, the information is circulated in virtual cyberspace in the form of electronic data, and data sharing has become an important flow form of information circulation. It is an important link to realize the optimal allocation of network resources and realize the value of data. The great progress of the digital economy and artificial intelligence technology has greatly increased the demand for data, the speed of circulation has been further accelerated, and the potential value of data has been fully reflected. At present, the scope of personal information protected by Chinese laws is relatively narrow and is basically limited to the scope of privacy rights, which makes a large amount of information owned by individuals that do not belong to the category of personal privacy rights lack legal protection. Personal information is different from the characteristics of privacy rights. It is decided that the protection of personal information should be different from the protection of traditional personal privacy. To sum up, in view of this, this article attempts to analyze the new challenges faced by personal information protection in the era of big data from the perspective of law, combined with the background of the era of big data, from the legislative model, system design, supervision mechanism, industry self-discipline, and other aspects. Exploration of the legislative framework for the protection of personal information in the era of big data in our country is done in order to find a realistic path that balances the development of big data technology and the protection of personal information.

V. Kravchuk

DOI: https://doi.org/10.24144/2307-3322.2023.78.2.7

2023-08-31

Abstract:The article analyzes the protection of personal data based on foreign experience. Social networking has been identified as one of the most prominent cultural phenomena to emerge in the Web 2.0 era. They keep users connected and facilitate the exchange of information between them. The European Union has adopted a new personal data protection system called the General Data Protection Regulation (GDPR). Its main goals include providing individuals with tools to control their personal data, implementing modern standards for the protection of personal information, developing the digital space of the European Union to safeguard personal data, ensuring strict compliance by all parties, and providing legal support for the international transfer of personal information. United States legislative documents related to aspects of data protection and privacy were analyzed, namely: California Consumer Privacy Act (CCPA); Children’s Online Privacy Protection Act (COPPA); Health Insurance Portability and Accountability Act (HIPAA); State data breach notification laws. It is noted that China has a comprehensive legal framework that regulates the protection of personal data, and includes the following legal acts: Personal Information Protection Law (PIPL) and Data Security Law (DSL). Conclusions were made that the urgency and importance of protecting personal data in social networks is due to rapid technological progress, the growth of cyber security threats and the spread of these platforms. By protecting personal data, people can maintain privacy, prevent abuse, maintain user trust, reduce risk, and comply with legal obligations. The issue of ensuring mobility and interoperability in social networks gives particular importance to the protection of personal data, as it relates to this particular data, and not just to technology, as it may be in the telecommunications sector. This requires additional thought and measures to ensure privacy and data security. Therefore, when developing legal protection mechanisms for online social networks, it is necessary to take into account and solve problems related to the protection of personal data.

Jingting Liu,Ulrike Sengstschmid,Yixuan Ge

DOI: https://doi.org/10.2139/ssrn.4547683

2023-01-01

SSRN Electronic Journal

Abstract:With the growing digital economy, personal data protection during data transfers has become a key concern. The study examines the landscape of cross-border data transfer regulations in the ASEAN region and the various compliance challenges faced by businesses. The analysis and discussion focus on the effectiveness and limitations of region-wide mechanisms like ASEAN model contractual clauses, the interoperability of laws, the specific challenges faced by small- and medium-sized enterprises (SMEs) and business implications of Vietnam's data protection decrees. It also evaluates external influences on ASEAN's data transfer regulations by examining the prevalence of provisions on free data flow and limiting data localisation in free trade agreements that ASEAN countries are party to. We find that Singapore is a major influencer within ASEAN, while Australia is a key external influencer in promoting free data flows and limiting data localization. However, harmonizing data regulations through trade agreements in ASEAN remains limited due to numerous exceptions to relevant clauses. To facilitate smooth data transfers within the region, we outline a policy roadmap for both national governments and ASEAN as a regional organisation: In the near term, reducing ambiguity and raising awareness of personal data regulation compliance should be prioritized. In the longer-term coherent cross-border data transfer mechanisms across the region and perhaps at an even larger scale should be goal.

Gong Nan,,

DOI: https://doi.org/10.21638/spbu14.2023.110

2023-01-01

Abstract:In the development of China’s Internet industry and digital economy, great importance is attached to the protection of personal data and seriously protects the legitimate rights and interests of citizens’ personal data. Generally speaking, with the development of technology and industry, China’s personal data protection has gone from “indirect protection” to “direct protection” and then to “comprehensive protection”. In the early years of China’s Internet industry, the indirect protection of personal data was mainly achieved through the protection of the “rights to privacy” of citizens. Since the Internet industry of the People’s Republic of China has entered a stage of rapid development, the state began to directly protect personal data in accordance with the provisions of the Chapter “Network Information Security” established in the “Cyber Security Law” of 2016, establishes several principles for the collection and use of personal data, protection requirements information security. Until November 1, 2021, the “Personal Data Protection Law of the People’s Republic of China” (PPD) was adopted to comprehensively protect personal data, reflecting the ideology of development focused on bringing the people to the center, meeting the new needs and aspirations of the people in the new era, and also proposing the creation international digital legal order “Chinese version”. The PPD further expands the scope of the object of personal data protection, comprehensively establishes the rights of individuals to process data, strengthens the obligations to protect personal data processors, creates strict rules for the protection of sensitive personal data and regulates the processing of personal data by public authorities, as well as improving the means of legal protection of personal data, all of which are important points in the legislation. The law incorporates advanced foreign experience, while emphasizing Chinese wisdom, the spirit of the times, and practicality in accordance with the reality of China.

Phan The Duy,Do Thi Thu Hien,Van-Hau Pham

DOI: https://doi.org/10.48550/arXiv.2009.00530

2020-09-01

Cryptography and Security

Abstract:The modern society, economy and industry have been changed remarkably by many cutting-edge technologies over the last years, and many more are in development and early implementation that will in turn led even wider spread of adoptions and greater alteration. Blockchain technology along with other rising ones is expected to transform virtually every aspect of global business and individuals' lifestyle in some areas. It has been spreading with multi-sector applications from financial services to healthcare, supply chain, and cybersecurity emerging every passing day. Simultaneously, in the digital world, data protection and privacy are the most enormous issues which customers, companies and policymakers also take seriously into consideration due to the recent increase of security breaches and surveillance in reported incidents. In this case, blockchain has the capability and potential to revolutionize trust, security and privacy of individual data in the online world. Hence, the purpose of this paper is to study the actual cases of Blockchain applied in the reformation of privacy and security field by discussing its impacts as well as the opportunities and challenges.

Hanita Mayasari

DOI: https://doi.org/10.62264/jlej.v1i1.4

2023-11-27

Abstract:The objective of this study is to elucidate the challenges presented by technological advancements, namely digital metaverse technology, with regard to safeguarding personal data in Indonesia. This study also investigates these issues via the lens of human rights. The research methodology employed in this study encompasses a mixed approach, combining socio-legal and normative research methods. The research findings indicate that there is a pressing need for the safeguarding of personal data in Indonesia, particularly in light of the escalating number of incidents and the advancement of the information technology sector. The significance of metaverse technology should not be underestimated, thereby necessitating a thorough legislative reform to address the associated difficulties. The enactment of the PDP Law represents the initial measure taken by the government to establish a framework for the administration of personal data protection. The active participation of all stakeholders, particularly those in the digital economy industry, is vital in the formulation and implementation of rules. Additionally, it is crucial to adhere to the principles of Data Protection By Design and By Default. The PDP Law encompasses various significant provisions that can be utilised by the Indonesian government to enforce personal data protection measures and impose penal consequences upon those who breach the regulations stipulated within this legislation. The PDP Law serves as a legal framework that holds applicability not only inside national boundaries but also extends to international jurisdictions, particularly in the context of the contemporary metaverse.

Wuguang Wei,Abdul Manap Nazura Bt.,Mohamad Rizal Bin Abd Rahman

DOI: https://doi.org/10.56294/saludcyt2024.1208

2024-08-08

Abstract:The development of big data technology has brought great impact and changes to social governance, and poses a great threat to personal privacy security, but it also effectively promotes the intellectualization of lifestyle, personalized service and scientific decision-making. At present, due to the imperfect legal system, the non-standard management of practitioners, and the weak awareness of personal privacy protection, cases of information security infringement occur from time to time. This paper analyzes the existing problems in the field of privacy protection and the reasons for privacy disclosure in the era of big data, and summarizes the important enlightenment of foreign privacy protection experience to the protection of privacy rights of Chinese citizens at this stage by drawing lessons from the successful practical experience of American industry self-regulation model, European Union legislative protection model and British technology control model. This paper puts forward specific measures to establish and improve the protection mechanism of citizens' privacy in the era of big data in China, that is, to strengthen legislative supervision and system formulation, to protect personal privacy through data desensitization, data encryption, data access control and data security audit technology; Improve the awareness and ability of personal privacy protection and other governance methods.

Inderjeet Singh Sodhi,Mankirat Kaur,Jaskirat Kaur

DOI: https://doi.org/10.1177/00195561241271579

2024-08-29

Indian Journal of Public Administration

Abstract:In the 21st century, data privacy, data protection and cybersecurity have become challenging issues with increasing cases of data breaches and data disasters. Data privacy has emerged as one of the challenging issues after numerous cases of data breaches and manipulations in many departments, agencies, bodies and organisations in every country. A well-designed data framework may enable not just secure data privacy/protection but also enable users’ control over data through a protective and safe system to share data across organisations, leading to individual empowerment and well-being. In India, privacy still remains a complex area, which has affected data safety and protection. A number of government websites clearly mention that data will not be shared with anyone until and unless for the purpose enshrined so far. In India, there have been various policies, guidelines, strategies and initiatives for cybersecurity, data privacy, data protection and data measures, including the Digital Personal Data Protection Act, 2023; the National Cyber Security Policy, 2013; the Information Technology Act 2000; the Information Technology (Amendment) Act, 2008; the Information Technology Rules, 2011 and so on. This article tries to examine policies/regulations for data privacy, data protection and data safety in South Indian states.

Jonatas S. de Souza,Jair M. Abe,Luiz A. de Lima,Nilson A. de Souza

DOI: https://doi.org/10.48550/arXiv.2009.14313

2020-09-29

Cryptography and Security

Abstract:Rapid technological change and globalization have created new challenges when it comes to the protection and processing of personal data. In 2018, Brazil presented a new law that has the proposal to inform how personal data should be collected and treated, to guarantee the security and integrity of the data holder. The purpose of this paper is to emphasize the principles of the General Law on Personal Data Protection, informing real cases of leakage of personal data and thus obtaining an understanding of the importance of gains that meet the interests of Internet users on the subject and its benefits to the entire Brazilian society.

Sambhabi Patnaik,Kyvalya Garikapati,Lipsa Dash,Ramyani Bhattacharya,Arpita Mohapatra

DOI: https://doi.org/10.4108/eetpht.10.5583

2024-03-29

EAI Endorsed Transactions on Pervasive Health and Technology

Abstract:INTRODUCTION: Health information amassed during the treatment of a medical condition is termed health data. This data encompasses information gathered about a patient and their family, forming a patient history. The internet has progressively transformed communication, commerce, and information acquisition. Among the diverse domains it has influenced, the healthcare sector stands out as one of the most intricate and unique realms of integration. Big data are the results of normal online transactions and interactions that take place online, the detectors that are implanted in devices and actual locations, as well as the generation of digital contents by individuals whenever they submit data over internet. OBJECTIVES: The need of protection of health data and methods of safeguarding patient privacy. The study also helps \understand and appreciate the best practices which will help India in implementing the law more effectively. METHODS: A doctrinal method of research was employed to analyse the laws and regulations. A comparative approach of different countries gives us the understanding of the gaps and issues. The efficacy of the laws was tested as the paper explores the laws of Canada & Indonesia regarding data protection. RESULTS: In this study, we understood the generation, processing, and interchange of these massive amounts of data can now be facilitated by cloud computing technology. As India, recently enacted 'The Digital Data Protection Act 2023' which might be a ray of hope for protection of sensitive health data of individuals from misuse. CONCLUSION: The journey towards optimal data protection is ongoing, requiring continuous adaptation to the dynamic nature of technology and the ever-changing healthcare environment.

Abraham Ethan Martupa Sahat Marune,Brandon Hartanto

DOI: https://doi.org/10.46336/ijbesd.v2i4.170

2021-11-07

Abstract:The development of technology, communication, and the internet has positive and negative influences on all sectors of life in society. One of the negative impacts and problems is the alleged criminal act of buying and selling data and the absence of a special law (lex specialist) regarding the regulation of Indonesian personal data. The purpose of this research is to analyze in-depth the efforts to strengthen the protection of personal data, cyber security, and increase public awareness of the perspective of Progressive Law in Indonesia. This study uses a normative juridical method using secondary data, a statutory approach, a conceptual approach, and a case approach. This scientific paper concludes that the Synergy of Ministries and related institutions (Legislative, Executive, and Judiciary) is the key to protecting personal data and cyber resilience. Then, strengthening efforts should be made, namely immediately passing the Draft Law on Personal Data Protection (RUU PDP), forming an independent institution. However, if at this time a dispute occurs, it can be resolved by Article 30 of the ITE Law and the PMH Lawsuit (Tort), supported by a progressive legal approach and futuristic interpretation by the judge examining the quo case. The synergy of government agencies, the private sector, and other stakeholders is needed to increase public awareness by increasing education/dissemination of efforts to prevent misuse of personal data.

Varda Mone,Sadikov Maksudboy Abdulajonovich,Ammar Younas,Sailaja Petikam

DOI: https://doi.org/10.1017/jli.2024.22

2024-10-06

International Journal of Legal Information

Abstract:The world is witnessing an increase in cross-border data transfers and breaches orchestrated by State and non-State actors. Cross-border data transfers may lead to friction among States to localize or globalize data and to provide regulatory frameworks. "Data warfare" or information-war operations are often not covered under conventional rules; however, they are categorized as acts of espionage and subject to domestic regulations. As such, the operations are used to achieve a variety of objectives, including stealing sensitive information, spreading propaganda, and causing economic damage. Notable instances of the theft of sensitive information include the recent Bangladesh government website breach, exposing 50 million records, and the Unique Identification Authority of India (UIDAI) website hack. Regulating the "data war" under the existing principles of international law may be unsuccessful in creating robust international legal frameworks to address the associated challenges. These developments further accentuate the global divide between data-rich regions in the Global North, with strong data protection mechanisms (such as the GDPR and the California Privacy Rights Act), and regions in the Global South, where there is a lack of comprehensive data protection laws and regulatory regimes. This disparity underscores the urgent need for global cooperation for substantial international regulatory mechanisms. This article examines the complexities surrounding data warfare; it highlights the imperative need for establishing a robust global legal framework for data protection, delving into the concept of data war. It also acknowledges the growing influence of advanced technologies like data computing and mining and their ongoing threats to the fundamental rights of individuals associated with exposed personal data. The authors address the deficiencies in international legal provisions and advocate for a global regulatory approach to data protection as a critical means of safeguarding personal freedoms and countering the escalating threats in the digital age.

Dr. Newal Chaudhary

DOI: https://doi.org/10.46985/kslr.v12i1.2225

2024-07-26

Kathmandu School of Law Review

Abstract:Nepal is undergoing rapid digitization of services across sectors like education, commerce, finance and healthcare. However, this digital transformation has enabled mass collection of citizens' personal data by both government and private companies without sufficient consent, transparency or protection around data use. Vast troves of Nepali citizens' information ranging from names and biometrics to browsing history, purchases and location data are being harvested through digital platforms and systems. This article analyzes the policy gaps around safeguarding citizens' data privacy rights in Nepal. It highlights real-world cases of harms arising from lack of governance around citizens' data, including electoral manipulation, data breaches, unregulated cross-border data transfers and privacy violations during the pandemic under the guise of public health response. For instance, the Cambridge Analytica scandal revealed how private firms can covertly harvest citizens' Facebook data to psychologically profile voters and target them with customized disinformation to influence their behavior. The article argues that forward-looking and rights-based data protection legislation on par with global benchmarks has become an urgent democratic imperative if Nepal is to secure its citizens' privacy, autonomy and choice in the digital age. Comprehensive governance setting clear consent requirements, purpose limitations and penalties around collection and use of citizens' data can no longer be delayed, as Nepal lags behind many of its regional peers in enacting such safeguards. The article makes the case for recognizing data protection as a 21st century freedom struggle to reclaim citizens' rights in virtual spaces in the age of surveillance capitalism.1 Enacting strong data privacy law is positioned as essential for equitable digital development in Nepal.