Ho Chi Minh City, June 2 – The German Business Association (GBA) successfully hosted its Monthly Business Meeting at the Renaissance Riverside Hotel Saigon, gathering over 50 members and guests to explore a defining shift in Vietnam’s digital future, the introduction of its first comprehensive Law on Data.
Chaired by GBA Board Member Dr. Oliver Massmann, the session unpacked the key legal frameworks, Decree 13/2023/ND-CP and the upcoming Personal Data Protection Law, and their far-reaching implications for international businesses operating in Vietnam. These laws mark a crucial step toward strengthening consumer data rights, but also bring new responsibilities for companies navigating compliance in an increasingly regulated digital environment.
The GBA extends its sincere gratitude to the speakers and panelists for their expert insights:
- Dr. Oliver Massmann, General Director of Duane Morris LLP Vietnam opened the discussion with a strong call for public-private dialogue, emphasizing the need for legal clarity and balanced compliance mechanisms to protect digital consumers without risking innovation. The new Data Law marks a significant change in Vietnam’s digital governance. While essential for protecting consumer rights in the digital age, it also places considerable pressure on businesses.
- Mr. Hoang Ha, Founder & CEO of Data Protectify, emphasized major challenges such as cross-border data transfers, revenue-based sanctions, and the need for businesses to adapt global compliance frameworks to local laws, while also recommending conducting risk assessments and implementing layered governance models.
- Ms. Arianne Jimenez, APAC Head of Data Policy & Privacy of Meta, highlighted three main concerns: the classification of important data leading to complex compliance requirements, the broad scope of government access to company data, and incident notification obligations without specific risk thresholds. She also pointed out that the Personal Data Protection Law currently relies too heavily on explicit consent, lacks cross-border transfer mechanisms, and offers no reasonable limitations on data subject rights, marking major differences from the GDPR. Her insights aim to help businesses raise awareness and better prepare for compliance with the new laws.
- Mr. Vu Tai Luong, Project Director – Data Governance at FPT Telecom, added that transparency from the Vietnamese government in handling data access is crucial for building trust, noting that while international agreements may offer some level of protection, several large corporations have already raised concerns about data localization requirements.
- Mr. André de Jong, Managing Director of Bosch Vietnam, shared how multinational corporations are adapting data strategies and recommended that the government consolidate and streamline into a single law instead of having multiple overlapping laws and decrees.
This meeting reinforced a key message: data compliance is not just a legal necessity, it’s a business imperative. With Vietnam positioning itself as a key digital player in Southeast Asia, responsible data governance will be essential to building a trusted and innovation-friendly environment for both local and international investors.
Photos from the event are available here
Stay tuned for future GBA events as we continue to support our members with timely insights on Vietnam’s evolving regulatory landscape.
