ICT Update: Notes from the Strategy Planning Call on the Vietnam Law on Cybersecurity and OTT Regulations

ICT Update | August 28, 2018
Authors: Vu Tu Thanh, Shay Wester, Ella Duangkaew
 
NOTES FROM STRATEGY PLANNING CALL ON VIETNAM LOCS/OTT REGULATIONS
 
 

On August 27, the Council held a strategy planning call on the Vietnamese Law on Cyber Security (LOCS) and Over-the-top (OTT) regulations. The call discussed potential engagement and messaging strategies for advocacy and engagement on the Vietnam LOCS and OTT regulations. The notes from the call are below.

Key Follow UpPlease provide comments on the final draft of the Vietnam Implementation Guidelines Joint Industry Submission (draft cover letter and comments attached) to Ella Duangkaew at eduangkaew@usasean.org and Shay Wester at swester@usasean.org by EOD Wednesday, August 29.

Also attached (following the draft cover letter and submission) are:

  1. The Council's Advocacy Program on the LOCS Implementing Regulations
  2. Call for Sponsorship for the U.S. Innovation Study Visit 
  3. Vietnam Delegation List for the U.S. Innovation Study Visit
  4. Consolidated Comments from the Vietnam Business Forum on LOCS

If you have any questions, please contact Ella Duangkaew (eduangkaew@usasean.org), Shay Wester (swester@usasean.org) or Vu Tu Thanh (tvu@usasean.org).

Notes from the Strategy Planning Call on Vietnam LOCS/OTT Regulations: 

Objectives:

  • Provide updates on the status of Vietnam’s policy environment regarding LOCS and OTT regulations
  • Obtain further inputs from Council members on potential strategy options going forward (approaches, messages, activities)

Takeaways:

  1. Members should utilize existing avenues/efforts to engage with GOV on LOCS. The Council supports all those efforts but will not be taking a confrontational stance on LOCS and will instead leverage its reputation as a trusted and nuanced advisor to partner with MPS and advocate for regulatory change.
  2. We should aim to delay the issuance of the implementing decree(s) and failing that, seek a period of transition of 1 – 2 years to give businesses enough time to adapt.
  3. Please submit specific recommendations and comments by September 15 for OTT regulations.

Engagement Strategies:

  1. Utilize existing avenues/efforts to engage with GOV on LOCS (Joint industry submission, US Chamber/AmCham/VCCI US-Vietnam Business Summit in Hanoi on September 10, Vietnam Business Forum submission).
  2. Organize small, informal thought-leader roundtable series on LOCS and the digital economy in Hanoi and Ho Chi Minh city. Each session will include 6 – 8 prominent thought leaders from a wide range of backgrounds to discuss how to promote the digital economy by leveraging the prime minister’s pro-tech agenda, the leadership change in MIC and MPS cybersecurity force, the IPEV and industry expertise and resources, and mitigating the negative impacts of LOCS. (High-visibility large-scale seminars on this LOCS without endorsement of MPS will likely backfire as the matter is highly politicized).
  3. Work with the US embassy in Hanoi to leverage USG resources with GOV
  4. Utilize Indo-Pacific Economic Vision Digital Connectivity and Cybersecurity Partnership Innitiative as a vehicle to persuade GOV to adopt key universally accepted principles of cybersecurity.
  5. Engage with MPS drafting team (Cybersecurity Agency), share with them best practices: It’s highly sensitive for them so things must be planned carefully. They would feel more comfortable in the company of trusted peer government agencies. Small, informal meetings (see 2. Above) work better for them. Formal meetings (mini-mission to MPS) are still necessary.
  6. Encourage the sharing of best practices and broader education of Vietnam’s security leadership
    1. Cybersecurity is a part of the larger national security and defense framework. Given that it is potentially risky in the existing political climate to engage with the MPS directly, the Council could work closely with the US government to
      1. Enhance US-Vietnam cooperation through a potential cybersecurity partnership. There is existing precedent for doing so, given that there are currently two cybersecurity partnerships in Singapore and in Philippines. The Council has been engaging the US Embassy on digital partnership.
      2. Possibly organize an ASEAN Cybersecurity conference
      3. This angle is likely better received by MPS and could be a good platform for the Council to intervene on LOCS
  7. Utilize upcoming engagement opportunities
    1. On the sideline of WEF ASEAN in Hanoi on Sep 11 – 13
      1. Potential meetings with MPS, MIC, other agencies
    2. On the sideline of UNGA in NY, week of Sep 24
      1. Submit talking points for USTR Lighthighzer and/or DOS Secy Pompeo to share with president Quang
      2. Dinner with President Quang and accopanying GOV officials, including MPS, on Sep 26 (details enclosed)
    3. Innovation seminars in the US for Prime Minister’s Advisory Team and GOV officials: Sep 28 – Oct 2 (details enclosed)
    4. Dinner dialogue with Cybersecurity Ministers in Singapore

Messaging Strategy:

  1. We should aim to delay the issuance of the implementing decree(s) and failing that, seek a period of transition of 1 – 2 years to give businesses enough time to adapt.
  2. Encourage GOV/MPS to narrow down scope of cybersecurity and critical infrastructure
  3. Narrow down type of data that needs to be stored locally
  4. Establish transparent procecedure for government’s requestion of information and action from businesses.
  5. More details in draft joint industry paper enclosed.