The Law on E-Transactions from 2006 requires an upgrade. Nguyen Hung Quang and Tu Thi Phuong Uyen from NHQuang & Associates look at the detail of a draft amendment in the works to closing current legislative gaps.
The Law on E-Transactions that came into effect in 2006 governs technical and specific issues arising in the electronic environment, and closely follows the United Nations’ model law on electronic commerce.
However, in the context of Industry 4.0 and the strong boom in e-transaction demand, including civil transactions and transactions between the state and citizens, the law has revealed certain limitations.
In order to meet the practical requirements of socioeconomic development and ensure consistency with relevant legal provisions, the draft amended law now developed by the government aims to overcome the mentioned shortcomings and also sets out remarkable orientations for development.
To ensure legal validity, reliability, and security of data messages, the draft law is proposed to amend and supplement several issues.
First is supplementing electronic certificates and electronic contracts as one among representation forms of data messages. At the same time, it will stipulate that data messages can be created and generated during the transaction process or digitised from hard copies.
Secondly, supplementing the basis for determining the legal validity of data messages will include reliability of the manner in which data messages are generated, stored or transmitted; the manner to identify the originator, sender, and receiver of data messages; reliability of the manner for network information security assurance and non-repudiation of data messages; and possibility to access and use contents of data message in complete form as needed.
Next, supplementing regulations on digital transformation will replace physical storage of documents, vouchers, records, dossiers, or information with digitised data messages.
Fourth involves supplementing regulations on conversion of forms between hard copies and data messages, which must ensure the conditions on implementation subjects, information of individuals and organisations experiencing transformation, and signature (stamped) as required.
Finally, regulations will be supplemented on concept, classification, legal validity and use of e-certificates. Accordingly, an e-certificate is a data message issued by an agency, organisation, or individual, in which the information is used as a result of administrative settlement procedures, permits, diplomas, certificates, valuable papers, written approvals, or other confirmations in electronic form. These include non-transferable and transferable e-certificates.
The legal validity of information contained in an electronic certificate will not be rejected simply because it is presented in the form of an e-certificate.
While the current law just addresses the legal validity of data messages to facilitate the transformation from traditional transactions to an electronic environment without clarifying the regulations on secure data messages, the draft law now proposes to detail such regulations, ensuring the integrity and non-repudiation of data messages, assuring legal validity for enforcement, and creating a basis for establishing secure e-transactions in the network environment.
Legal validity of e-signatures
Pursuant to the Law on E-Transactions, an e-signature is legally valid once it satisfies two conditions. The first is that the method of creating the e-signature allows the identification of the signatory and indicates his/her approval of the data message contents.
The second is that such a method is sufficiently reliable and appropriate for the purpose for which the data message is created and sent. This regulation has not specifically stipulated secure signatures, measures, and standards to ensure secure e-signatures.
In addition, the law has not yet addressed the types, legal validity, or use and recognition of foreign e-signatures, thus creating barriers in determining the legal validity of e-signatures to apply in international transactions and making it difficult to deal with disputed ones.
To overcome that, it is expected that several provisions shall be supplemented to the draft law.
The first is identifying types of e-signatures, including exclusive e-signatures with specific conditions; and digital signatures, including public digital signatures and government-dedicated digital signatures.
The second is regulations on the legal validity of e-signatures for each circumstance. For instance, when the law requires a document to have a signature, it will depend on each type of data message prescribed by law. Where the law requires a document to be certified by a relevant organisation, the data message will be deemed satisfactory if it is signed by the digital signature of that agency or organisation.
Thirdly, a foreign e-signature is recognised in Vietnam when: (i) it has the same level of security as an e-signature and an e-signature certificate under Vietnamese laws, international standards or treaties to which Vietnam is a member; (ii) it is formed based on fully authenticated identity information; (iii) the e-certificate issuer is legally established and operating in the country of registration; (iv) it has been verified to meet equivalent standards and technical regulations on e-signatures to those in Vietnam; (v) it is connected to the national electronic authentication organisation’s system; and (vi) the user of such signature is a foreign organisation or individual not being present in Vietnam.
It is found that several regulations are being proposed to promote efficient application of e-signatures in practice and improve safety conditions for e-transactions and digital transformation in the near future. In particular, the recognition and use of foreign e-signatures will contribute to solving problems from 15 years ago and its guiding documents in activities related to tax and customs administrative procedures, as well as in the banking sector.
Trust and info services
Trust services have an important role to play in electronic transaction activities today. A provider of a trust service is an entity entrusted by the parties to perform activities related to certifying the reliability of related documents and operations during the e-transaction process.
However, trust services and related issues have not been regulated in the current law, resulting in the lack of a legal framework governing e-transactions, and affecting the assurance of e-transactions’ legal validity. Therefore, the draft law has added new regulations on trust services to overcome technical weaknesses in the law, making e-transaction activities more professional in line with practical requirements.
Trust services proposed in the draft law include time-stamping services, data message authentication services, and a digital signature service. To provide trust services, a service business licence issued by the state is requested (namely the Ministry of Information and Communications as proposed in the draft law). The proposed term of the trusted service business licence is 10 years.
The Law on Cybersecurity and the Law on Cyberinformation Security both address the information systems serving electronic transactions. The draft law may supplement the regulations related to electronic trading accounts and their reliability and responsibilities of the units managing information systems and supervision responsibilities of state agencies.
These proposed regulations may impact the enterprises managing digital platforms with the monthly number of subscribers in Vietnam of one million or more, or the monthly number of visitors of 10 million or more over six consecutive months. In addition to all that, which directly relates to the business of Vietnamese enterprises and foreign investors, the draft law also sets forth several regulations on electronic transactions of state agencies to promote digital transformation in Vietnam, especially the development of a digital government, economy, and society.
It is expected that the amended Law on E-Transactions will contribute to boosting Vietnam’s integration into the global economy and the development of a digital economy and society. This law will also bring about lots of business and investment opportunities for both Vietnamese enterprises and foreign investors.
At the same time, the law will create a fair competitive environment among enterprises applying electronic methods in transactions with enterprises preserving traditional methods, generating various cooperation opportunities between domestic and foreign enterprises in providing cross-border services, and protecting the legitimate rights and interests of consumers.
The article is published on Vietnam Investment Review (VIR) dated July 27, 2022.