Vietnamese lawmakers vote on the cybersecurity law in Hanoi on Tuesday. Photo by VnExpress/Hoang Phong

Vietnam’s main legislative body, the National Assembly, has passed a law on cybersecurity that would require digital businesses like Facebook and Google to store the data of Vietnamese users in Vietnam.

423 members of parliament, accounting for 86 percent of those present, voted in favor of the law. 15 MPs voted against it and 28 abstained.

The new cybersecurity law bans internet users from organizing, encouraging or training other people for anti-state purposes.

They are not allowed to distort history, negate the nation’s revolutionary achievements, undermine national solidarity, offend religions and discriminate on the basis of gender and race.

The law also prohibits the spreading of incorrect information which causes confusion among people, damages socio-economic activities, creates difficulties for authorities and those performing their duty, violates the legal rights and benefits of other organizations and individuals.

Businesses will have to provide users’ data to the Ministry of Public Security upon receipt of requests in writing, in cases where any infringement of the cybersecurity law is being investigated.

Foreign businesses will have to open a representative office in Vietnam and the government will decide the duration for which such businesses must store users’ data in Vietnamese territory.

The cybersecurity law, which has been discussed by Vietnamese legislators since October last year, had raised concerns of MPs and experts that the country would end up violating its commitments as a member of the World Trade Organization, and as a signatory to the E.U.-Vietnam Free Trade Agreement and the Comprehensive and Progressive Agreement for Trans-Pacific Partnership (CPTPP).

There are exceptions

However, these concerns were dismissed before the vote on cybersecurity law on Tuesday by Vo Trong Viet, chairman of the National Security and Defense Committee of Vietnam’s main legislative body National Assembly.

There are exceptions concerning cybersecurity in WTO agreements, specifically the General Agreement on Tariffs and Trade (GATT) and General Agreement on Trade in Services (GATS), as well as in the CPTPP, Viet said.

He said it was necessary that Vietnam applies these exceptions in the cybersecurity law in order to protect the benefits of its people and ensure national security.

There are now over 18 members of the WTO, including Australia, Canada, Germany, France and the U.S. who require firms to store users’ data within the country’s territory, Viet said.

Under the new law, Google and Facebook, which are storing Vietnamese users’ data in their servers in Hong Kong and Singapore, will have to move their virtual servers to Vietnam and open a data center in the country.

This is “completely possible,” Viet said.

Opening data storage centers in Vietnam will increase the costs for these businesses, but this is a necessary to ensure cyber security in the country, he added.

As he’d done repeatedly on Monday, the chairman urged that all proposals in the bill are kept unchanged.

The new cybersecurity law will take effect in 2019.