Proposing 5 cases where personal data is processed without subject’s consent

On February 7, the Government issued Resolution 13 approving the dossier to develop a Decree on Personal Data Protection.

Accordingly, the Government agrees to regulate that personal data is processed without the consent of the data subject in specific cases including: To protect the life and health of the data subject or others in an emergency situation. The personal data controller, the personal data processor, the personal data controller and processor, the third party is responsible for proving this case.

The processing of data by competent state agencies in the event of an emergency on national defense, national security, social order and safety, major disasters, or dangerous epidemics; when there is a risk of threatening security and national defense but not to the extent of declaring a state of emergency; to prevent and combat riots and terrorism, to prevent and combat crimes and violations of the law in accordance with the law.

Along with that are the following cases: The disclosure of personal data in accordance with the law; To fulfill the contractual obligations of the data subject with relevant agencies, organizations and individuals as prescribed by law; Serving the activities of State agencies as prescribed by specialized laws.

Also in the newly promulgated Resolution 13, the Government approved the content of the Government’s report, the report on the collection of opinions of the National Assembly Standing Committee and the draft content. Decree on the protection of personal data. At the same time, assigning the Minister of Public Security, authorized by the Prime Minister, on behalf of the Government to report and consult the National Assembly Standing Committee on the draft Decree on protection of personal data as prescribed in Clause 3. Article 19 of the Law on Promulgation of Legal Documents in 2015 (amended and supplemented in 2020).

According to the Government’s Report, the regulation of the processing of personal data without the consent of the data subject comes from a requirement to ensure compliance with international practices, when many countries have issued regulations on the protection of personal data have such content.

In addition, this is also to meet practical requirements, which should be regulated to ensure national defense, security and social order, fight against illegal activities, and ensure the operation of agencies. state agencies, socio-economic development; ensure human rights, citizens’ rights, ensure the rights of data subjects in case of incidents, without affecting citizens’ rights.

In addition, serving the implementation of the Party and State’s policies on e-Government and public administration, developing the application of population data, electronic identification and authentication, and national digital transformation. “Otherwise, regulations will affect and affect data sovereignty, national security, halt some socio-economic development activities, and create a number of legal gaps.”the Government’s report stated.

According to the Government’s report on the development of the Decree on Personal Data Protection, this Decree will be an important premise for research and development into the Personal Data Protection Law. (Illustration: Internet)

Developing and submitting to the Government a draft Decree on personal data protection is one of the tasks assigned by the Ministry of Public Security to preside over, in Resolution 17 dated March 7, 2019 of the Government on a number of tasks, solutions to develop e-Government in the period of 2019 – 2020, with a vision to 2025.

Referring to the necessity of developing and promulgating this Decree, the Government specified that it meets the requirements of protecting personal data rights; prevent acts of infringing personal data, affecting the rights and interests of individuals and organizations. Along with that, improving the responsibility of agencies, organizations and individuals for the processing of personal data.

The Personal Data Protection Decree is also an important premise for research and development into the Personal Data Protection Law.

According to experts, the situation of users’ personal data being bought, sold and leaked is common online while many violations of the law still lack handling regulations, showing the urgency of the need. regulations on the protection of personal data.

Last year alone, there were tens of millions of Vietnamese user data publicly sold. Talking to VietNamNet, an expert from NCS said that it is necessary to seriously care and closely protect user information.

Security experts recommend that, in order to limit information leakage, the participation of the whole society is needed. In particular, management agencies strengthen inspection, supervision and sanction. Owners of information systems that store user data need to ensure that the information system reaches level 3 or higher according to the 5-level information security guidance of the Ministry of Information and Communications. For individual users, minimize the provision of their information to non-essential services, providing only on secure addresses.

You are reading the article Proposing 5 cases where personal data is processed without subject’s consent
at – Source: – Read the original article here

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button