Policies and laws on the digital economy in several countries and lessons for Viet Nam

Abstract: The digital economy is increasingly becoming a key pillar in the development strategies of many countries, especially in the context of global digital transformation. The rapid advancement of digital technologies presents urgent demands for the improvement of legal frameworks and regulatory policies. This article analyzes the legal and policy approaches to the digital economy adopted by several prominent countries and regions, including the United States, the European Union, China, and Singapore. Based on this comparative analysis, the paper draws lessons and implications for Vietnam in building a sustainable legal ecosystem for the digital economy that ensures the legitimate rights and interests of stakeholders involved.

Keywords: digital economy, policy, law, digital transformation, Vietnam

1. Introduction

In the era of Industry 4.0, the digital economy is not merely a trend but has become an indispensable component of all modern economies and an important factor constituting global economic growth. According to a World Bank report (2021), the digital economy contributes approximately 15.5% of global GDP[1], and this share is increasing rapidly thanks to the development of big data, artificial intelligence, cloud computing, and digital platforms. In many countries, digital platforms, big data, artificial intelligence, and new business models such as fintech, e-commerce, and cross-border digital services are reshaping the entire ecosystem of production – consumption – public governance. This requires countries to continuously update and improve their policy and legal frameworks in order to effectively regulate the rapid and complex transformations of the digital space.

At the international level, models of digital economy governance are being implemented through different approaches, including the open market model (the United States), the data protection and digital rights model (the European Union), the centralized control model (China), and the flexible – innovation-oriented – supportive model (Singapore). Each model reflects a distinct approach, yet all aim to balance three major objectives: promoting innovation, protecting fairness, and ensuring digital sovereignty. The study, comparison, and analysis of these models are therefore essential in order to draw appropriate lessons for the formulation of national policies on the digital economy.

In Viet Nam, digital transformation has been identified as an important pillar in the national development strategy. Policy documents such as the National Digital Transformation Program[2], the Strategy for E-Government Development towards Digital Government for the 2021–2025 period, with orientations to 2030[3], the National Strategy for Digital Economy and Digital Society Development to 2025, with orientations to 2030[4], and the promulgation of the Law on Electronic Transactions 2023, the Law on Data 2024, the Law on Personal Data Protection 2025, etc., demonstrate the strong determination of the Party and the State in this regard. However, Viet Nam’s legal system on the digital economy is currently still in the formative stage, lacking coherence and failing to keep pace with the rapid development of technology. New legal issues such as data rights, consumer protection in the digital environment, cross-border platforms, and technology sandboxes still lack a solid legal basis in Viet Nam. In that context, studying international experience is necessary in order to develop an effective digital economy governance model, ensure a favorable legal environment for innovation, and at the same time protect the lawful rights and interests of citizens, enterprises, and the State.

Although there have been a number of studies on the digital economy and policies and laws on the digital economy in Viet Nam, several questions still remain unanswered, namely: (i) which policy and legal model on the digital economy should Viet Nam learn from in order to ensure compatibility with its characteristics and level of development? (ii) how can a legal system be built that both promotes innovation and ensures justice, safety, and digital citizens’ rights in the digital economy?

This article contributes to addressing the above questions by analyzing economic policies and laws of several typical countries and regions, including the United States, the European Union (EU), China, and Singapore, thereby drawing reference values for improving the digital economy institutional framework in Viet Nam.

The article employs comparative legal research methods and analysis of public policy orientations, combined with an assessment of international materials, policy documents, and legal instruments of selected representative countries. The study also draws on a number of academic data sources (OECD, EU, UNCTAD, etc.), as well as books and scientific articles by various scholars, and reports of several independent research institutions. In conducting this article, the authors used ChatGPT (March 2023 version) - a large language model developed by OpenAI—as an academic support tool, mainly for the following purposes: suggesting an initial structural framework for the article; searching for concepts, theories, and practical examples for reference; and proposing keywords, titles, and academic abstracts. However, the content of the article, including its arguments, analyses, and conclusions, has been developed, verified, and is fully the responsibility of the authors.

Following the introduction, Section 2 of the article presents and analyzes the concepts of the digital economy and law on the digital economy; Section 3 analyzes policy and legal experiences on the digital economy of several representative countries and regions; and Section 4 examines lessons of reference value and proposes recommendations for Viet Nam.

2. Concepts of the digital economy and law on the digital economy

2.1. Concept of the digital economy

The digital economy is a relatively new concept that remains under discussion in academic and public policy circles. According to the ITU, the digital economy is characterized by “online transactions and interactions – a virtual, paperless and cashless world”[5]. Another view holds that the digital economy is “the portion of economic output that is derived solely or primarily from digital technologies, with business models based on digital goods or services”[6].

From a general perspective, the digital economy encompasses such fields as: e-commerce; digital finance (fintech); information technology services and digital platforms; and data and digital assets. From a more specific perspective, Bukht and Heeks divide the digital economy into three layers: (i) the digital core (digital sector), which includes traditional ICT industries such as software, hardware, and network services; (ii) the digital economy, which comprises economic activities that use digital technologies as their operational foundation, such as e-commerce, fintech, artificial intelligence, and cloud services; and (iii) the digitalised economy, in which all sectors, including education, healthcare, transport, and public administration, incorporate digitalized components[7].

From the above classifications, it can be seen that the digital economy is not merely a new economic sector, but also a process of “restructuring the entire economy through digitalization”. This places a requirement on countries to establish a legal and policy system on the digital economy that is systemic, cross-sectoral, and adaptive.

2.2. Concept of law on the digital economy

Law on the digital economy may be understood as the body of legal norms governing economic relations arising in the digitalized environment, including both relations among private actors (enterprises, consumers) and relations between private actors and the State (management, regulation, and protection of rights).

Although there is as yet no unified official definition, scholars generally consider that law on the digital economy comprises regulations on: data governance and personal data protection; e-commerce and electronic contracts; anti-monopoly and control of digital platforms; digital taxation and financial obligations; and cybersecurity and information security.

From a more detailed perspective, law on the digital economy may be divided into the following groups of norms[8]:

- Law on electronic transactions and contracts: comprising provisions governing acts of exchange, sale and purchase, conclusion, and performance of obligations through electronic means;

- Law on data and personal information protection: comprising provisions on rights to data, obligations to protect information, and control over the sharing and storage of data;

- Competition law and anti-monopoly law in the digital space: comprising provisions regulating abuses of dominant positions by digital platforms and controlling economic concentration in the digital technology sector;

- Tax law in the digital economy: comprising provisions determining tax obligations of cross-border business entities without physical presence in the host country;

- Law regulating innovation: comprising provisions on sandboxes, fintech, artificial intelligence, blockchain, and other emerging technologies

Compared with the traditional legal system, law on the digital economy has the following notable characteristics:

First, high flexibility and adaptability

The digital economy evolves very rapidly; therefore, the law must incorporate flexible regulatory mechanisms (soft law), such as codes of conduct, technical guidelines, and industry standards - alongside hard law. For example, the EU has promulgated the Digital Services Act, which includes a range of soft-law–type provisions guiding enterprises in fulfilling intermediary obligations in digital economic activities[9].

Second, an interdisciplinary and cross-border nature

The digital economy blurs traditional boundaries among finance, telecommunications, commerce, and public governance, thereby requiring coordination among multiple state authorities. At the same time, the cross-national operations of digital platforms compel national laws to adapt to global standards and norms[10].

Third, balancing innovation and risk control

Law on the digital economy must simultaneously ensure two objectives: promoting innovation and creativity, and protecting consumers, privacy rights, and fair competition. This constitutes a central challenge in the formulation of digital economy policies and laws in all countries.

Fourth, redefining rights and obligations in the digital space

Traditional legal concepts such as “sovereignty”, “contract”, “consumer”, “property”, and “legal liability” need to be adjusted to fit the realities of the digital economy. For example, scholars have debated whether personal data can be regarded as an asset with economic value (Purtova, 2018)[11].

3. Policies and laws on the digital economy of certain representative countries and regions

3.1. Policies and laws on the digital economy of the United States

The United States is one of the world’s pioneering countries in the development of the digital economy, with a relatively comprehensive system of policies and laws aimed at promoting innovation and creativity, protecting data privacy, ensuring fair competition, and fostering the development of digital infrastructure. One of the fundamental characteristics of the United States’ policy and legal framework on the digital economy is that it does not establish a single overarching statute; instead, it is formed through a system of federal laws and state laws that regulate specific sectors and specific categories of risks arising in the digital environment[12].

Based on a review of relevant materials, United States law on the digital economy focuses on four main groups of legal relations. First, relations related to electronic transactions and consumer protection in the digital environment are regulated primarily through e-commerce regulations and the enforcement authority of agencies such as the Federal Trade Commission (FTC)[13]. Second, relations concerning data and privacy are regulated in a decentralized manner, through sector-specific federal statutes such as the Children’s Online Privacy Protection Act and state-level statutes such as consumer privacy protection laws, which aim to control the collection, processing, and use of personal data in the digital space[14]. Third, relations concerning competition and anti-monopoly in digital markets are regulated through the application and interpretation of traditional competition statutes, including the Sherman Antitrust Act 1890, the Clayton Antitrust Act 1914, and the Federal Trade Commission Act 1914[15]. Fourth, relations aimed at promoting development while managing risks arising from artificial intelligence are addressed through the Executive Order on the safe, secure, and trustworthy development and use of artificial intelligence[16], together with open data policies[17] designed to encourage enterprises, scholars, and individuals to exploit public data for innovation and creative activities.

Overall, policies and laws on the digital economy of the United States reflect a “market-led but government-shaped” approach. Although the United States does not establish a unified legal system in the manner of the European Union, it focuses on risk-based legal regulation, encourages competition and innovation, and strengthens the responsibilities of key actors. This approach has proven to be reasonable in practice, as evidenced by the United States’ leading role worldwide in the development of the digital economy.

3.2. Policies and laws on the digital economy of the European Union

The European Union is also one of the world’s pioneering actors in building a legal framework for the digital economy. With the vision of “Europe’s Digital Decade”[18], the EU has developed a comprehensive legal system aimed at creating a Digital Single Market, protecting the fundamental rights of consumers and citizens, while ensuring fair competition and promoting innovation. This legal system regulates the following basic groups of social relations. First, relations concerning digital services and platforms are governed by the Digital Services Act (DSA)[19] and the Digital Markets Act (DMA)[20], which seek to establish the legal responsibilities of online platforms, enhance transparency, protect consumers, and control abuses of dominant positions in digital markets. Second, relations concerning personal data protection and privacy are regulated in a unified manner by the General Data Protection Regulation (GDPR), which includes provisions requiring enterprises to obtain users’ explicit consent when collecting personal data, provide rights of access, rectification, and erasure of personal data, and impose fines of up to 4% of global turnover in case of violations[21]. Third, social relations concerning data governance and the protection of non-personal data are regulated through the Data Governance Act[22] and the Data Act[23], aiming to promote data sharing for the common good, expand access to data for enterprises and consumers, and create a foundation for data-driven competition and innovation. Fourth, relations related to the governance of artificial intelligence (AI) are regulated by the Artificial Intelligence Act, which adopts a risk-based approach to AI regulation: (i) unacceptable-risk AI systems (which are prohibited), such as real-time biometric surveillance in public spaces; (ii) high-risk AI systems, for example those used in finance, education, healthcare, and the judiciary, which are subject to requirements on transparency, conformity assessment, and supervision; and (iii) low-risk AI systems, such as chatbots and deepfakes, which are required only to meet transparency obligations[24].

In practice, the EU’s policies and laws on the digital economy as described above have created a “global standard” - known as the “Brussels Effect” - whereby global companies are compelled to adjust their practices to comply with EU regulations if they wish to access the EU market. This has enabled the EU to maintain a central role in shaping the ethical and legal foundations of the global digital economy. However, alongside these positive impacts, several challenges have emerged in the implementation of the EU’s digital economy policies and laws, including: the pace of legal adjustment sometimes lagging behind technological development; compliance burdens that may affect start-ups; and difficulties in competing with countries whose development models are based on more liberal data exploitation.

3.3. Policies and laws on the digital economy of China

China is one of the leading countries in promoting the development of the digital economy, regarding it as a strategic pillar for transforming the growth model and enhancing national competitiveness. Under the unified leadership of the Central Committee of the Communist Party of China and the State, China has built an increasingly comprehensive system of policies and laws to promote the digital economy, manage data, and strengthen control over large technology platforms.

The system of policies and laws on the digital economy focuses on regulating the following basic groups of issues. First, issues concerning strategic orientations for digital economy development are established through national-level initiatives and plans such as the strategy from “Internet Plus” to “Digital China”[25], which identifies the digital economy as a central driver of economic growth; the Big Data Development Action Plan[26]; and the New Generation Artificial Intelligence Development Plan[27]. Second, issues concerning data, privacy, and information security are regulated by a centralized and stringent legal framework, reflecting the view that data are a strategic resource linked to national sovereignty and positioning the State at the center of data governance. Representative laws regulating this group of issues include the Law on Personal Information Protection, which requires enterprises to obtain explicit consent from users for data collection, prohibits the cross-border transfer of personal data without approval from competent authorities, and imposes penalties of up to 5% of annual turnover or RMB 50 million in cases of serious violations[28]; as well as the Cybersecurity Law[29] and the Data Security Law[30], which require organizations to strictly manage network systems, classify data according to levels of national security risk, and apply corresponding protection measures. Third, issues related to the control of digital platforms are regulated through provisions such as requirements for technology platforms to disclose algorithmic principles when these have a significant impact on user behavior, as stipulated in the Regulation on the Administration of Algorithmic Recommendation Services for Internet Information Services[31]. Fourth, issues concerning the development of digital infrastructure and strategic technologies are regulated through initiatives such as the “East Data, West Computing” Project[32], which promotes a nationwide system of data centers and computing networks, and the strategy for piloting the digital renminbi (central bank digital currency) in 23 cities, reaching more than 260 million users by the end of April 2022[33].

From the above analysis, it can be observed that, unlike Western democracies, China’s digital economy policy reflects a “state-oriented – enterprise-dependent” model, pursuing a dual objective of promoting technological growth while ensuring state social control and national security. Deep state intervention in data governance and digital platform regulation in China contributes to stability of the digital economy and digital sovereignty, but also raises concerns regarding restrictions on privacy, freedom of information, and fair competition.

3.4. Policies and laws on the digital economy of Singapore

Singapore is a leading country in Southeast Asia in the development and implementation of policies and laws on the digital economy, with a vision that combines innovation, effective governance, and a flexible yet robust legal framework. The Government of Singapore identifies the digital economy as a central pillar of sustainable growth, contributing 17% of GDP in 2022[34], and as a decisive factor in national competitiveness in the context of technological globalization. Policies and laws on digital economy development in Singapore focus on regulating the following core groups of issues: First, strategic orientation for digital economy development has been and continues to be implemented on the basis of the National Digital Economy Strategy[35] and the Digital Connectivity Blueprint, with the target that the digital economy will contribute more than 50% of GDP by 2030[36]. Second, data, privacy, and cybersecurity are currently regulated by a relatively comprehensive legal system, with the building of digital trust as a central objective. Specifically, the Personal Data Protection Act requires enterprises wishing to collect and use personal data to obtain the consent of consumers; ensure transparency regarding the purposes of use; secure personal data; and allows for penalties of up to 10% of annual turnover or one million Singapore dollars, whichever is higher, for violations[37]. Singapore is also the first country in the ASEAN region to recognize and implement the Cross-Border Privacy Rules (APEC CBPR) certification framework[38], facilitating cross-border data flows while ensuring standards of privacy protection. In addition, the Cybersecurity Act establishes a supervisory framework for critical information infrastructure (CII) in sectors such as finance, energy, telecommunications, and healthcare; and requires service providers to conduct periodic risk assessments, prepare incident response plans, and report incidents within specified time limits[39]. Third, the policy and legal framework on artificial intelligence (AI), risk governance, and digital ethics is currently regulated through the AI Governance Framework, one of the world’s earliest guiding frameworks on ethics and accountability in AI development. This framework requires algorithmic transparency, accountability, avoidance of data bias, and adherence to technological ethics[40]. Fourth, the promotion of digital transformation in enterprises, digitalization policies in finance, and digital currency are advanced through targeted support programs and investment initiatives. Initiatives supporting digital transformation of small and medium-sized enterprises[41], together with the central role of the Monetary Authority of Singapore in fintech regulation, experimentation with digital currency[42], and digital assets through controlled regulatory sandboxes[43], have contributed to the formation of a dynamic and well-governed digital economy ecosystem for small and medium-sized enterprises.

The foregoing analyses show that Singapore’s policies and laws on the digital economy reflect a “market-oriented, principle-based regulation” approach, which is flexible yet stringent. This city-state regards digital trust, sustainable innovation, and global connectivity as three pillars of its digital future. Overall, Singapore’s policy and legal framework provides valuable reference points for developing countries worldwide in the process of improving their legal frameworks for the digital economy.

An examination of the legal frameworks on the digital economy in the United States, the European Union, China, and Singapore indicates that, although all aim to build and develop the digital economy, each country or region has adopted a distinct legal approach, reflecting differences in institutional structures, governance models, and development orientations. Nevertheless, across these four models, several common trends in digital economy legal frameworks have emerged, including an emphasis on the central role of data, risk-based regulatory approaches - particularly with respect to emerging technologies such as artificial intelligence (AI) - and the requirement to strike a balance between promoting innovation and safeguarding the lawful rights and interests of stakeholders, as well as ensuring sustainable development. These elements constitute an important basis for Viet Nam to consider, select, and adapt international experience in the process of refining its legal framework for the digital economy.

4. Reference values for improving Viet Nam's policies and laws on the digital economy

4.1. The current state of Viet Nam's policies and laws on the digital economy

In recent years, Viet Nam has identified the development of the digital economy as a strategic pillar for promoting rapid and sustainable growth. The National Digital Transformation Program to 2025, with a vision to 2030, approved by the Prime Minister, sets the targets that by 2025 the digital economy will account for approximately 20% of GDP and by 2030 approximately 30% of GDP [44].

In recent years, Viet Nam has gradually formed a legal framework governing relations arising in the digital economy through the promulgation and amendment of numerous legal instruments across different fields. Rather than adopting a single comprehensive law on the digital economy, Vietnamese law currently follows a multi-layered and sector-based approach, with fragmentation across fields. The main regulatory axes include electronic transactions, data, consumer protection, e-commerce, taxation, and regulatory sandbox mechanisms for innovation. The general legal foundation for digital economy activities is first established through the Law on Electronic Transactions 2023, which provides a legal basis for the establishment and performance of transactions in the digital environment. In addition, relations relating to e-commerce and business activities on digital platforms continue to be regulated by Decree No. 52/2013/ND-CP dated 16 May 2013 on E-commerce, as amended and supplemented by Decree No. 85/2021/ND-CP dated 25 September 2021. Notably, the promulgation of the Law on Protection of Consumers’ Rights 2023 has expanded the scope of regulation to the digital environment, recognizing the legal responsibilities of organizations and individuals conducting business on digital platforms, as well as mechanisms for consumer protection in digital transactions. With regard to data-related aspects in general and in the digital economy in particular, the Law on Data 2024 (effective from 1 July 2025), together with Decree No. 13/2023/ND-CP dated 17 April 2023 on Personal Data Protection and the adoption of the Law on Personal Data Protection 2025 (effective from 1 January 2026), demonstrates the efforts of competent state authorities to gradually improve the data governance framework in the digital economy. In addition, the National Assembly has adopted the Law on Digital Transformation, which devotes a separate section to regulating a number of general issues specific to the digital economy. Furthermore, the Law on Artificial Intelligence 2025, which has been adopted and will take effect from 1 March 2026, provides a legal basis for the research, development, provision, deployment, and use of artificial intelligence systems, as well as for controlling risks in the digital economy. Accordingly, as of the present time, Viet Nam’s legal framework on the digital economy has been established in a relatively comprehensive manner, gradually expanding its regulatory scope to newly emerging legal relations rather than being confined to traditional business models. At the same time, legal mechanisms to ensure the lawful rights and interests of relevant stakeholders in the digital economy, including the State, business organizations and individuals, and consumers, have also been established, with a view to ensuring a balance between promoting digital economic growth and sustainable development.

However, notwithstanding the achievements attained, Viet Nam’s legal framework on the digital economy still reveals a number of shortcomings that affect the effectiveness of regulation and its capacity to adapt to the rapid and complex development of the digital economy, while mechanisms for ensuring the lawful and legitimate rights and interests of relevant stakeholders have not yet ensured practical feasibility. These shortcomings fundamentally stem from the absence of a foundational legal framework on the digital economy capable of ensuring coherence, consistency, and sector-specificity in regulating related legal relations. Certain specific shortcomings of Viet Nam’s current legal framework on the digital economy are manifested across several aspects as follows:

First, at present, the legal framework on the digital economy in Viet Nam is still approached and regulated on a sector-by-sector basis; this also leads to a situation in which the legal system does not ensure coherence and consistency. Specifically, a number of issues are currently governed by multiple legal norms across different legal instruments, such as matters related to data, which are regulated in a scattered manner and from different perspectives in the Law on Electronic Transactions 2023, the Law on Data 2024, the Law on Personal Data Protection 2025, and others. The identification and classification of data are prescribed differently among these instruments, resulting in complexity and confusion in access, understanding, and implementation in practice[45]… In addition, legislation on data, personal data protection, and digital consumer protection has not been designed as a unified whole. The rights of digital consumers, the rights of data subjects, and the obligations of digital enterprises are currently provided for in multiple different legal instruments (the Law on Protection of Consumers’ Rights 2023, the Law on Data 2024, the Law on Personal Data Protection 2025, etc.), giving rise to the risk of overlap or gaps in protection mechanisms in disputes arising from the collection, processing, and exploitation of data on digital platforms. This demonstrates that Vietnamese law has not yet approached data and digital consumers as the central objects of regulation of the digital economy, similar to the rights-based approach adopted by many developed countries and regions.

The lack of coherence and consistency of the legal framework on the digital economy is also reflected in inconsistencies in legislative drafting techniques. For example, in addition to general provisions on administrative sanctions, criminal liability, and compensation for damages, the Law on Personal Data Protection 2025 also stipulates maximum monetary fines in administrative sanctions for certain acts related to personal data protection[46]. This is one of the few laws that provide relatively specific provisions on maximum monetary fines for violations. Previously, maximum monetary fines in various sectors were prescribed in the Law on Handling of Administrative Violations[47]. If such inconsistencies in legislative technique and regulatory approaches to the same issue continue to exist, this constitutes a limitation and shortcoming of the legal framework, potentially leading to difficulties in legal research and application by state authorities, as well as in access to and understanding of information by organizations and individuals.

Second, the legal framework on the digital economy in Viet Nam still presents limitations with respect to the sector-specific nature of regulation. Specifically, in recent years, aside from legal instruments regulating certain specific aspects of the digital economy, such as the Law on Protection of Consumers’ Rights and decrees on e-commerce, most other issues - such as electronic transactions, cybersecurity, data, and personal data protection - are still regulated in a scattered manner across multiple instruments and jointly with other areas of digital transformation, such as digital government and digital society. This also gives rise to certain difficulties for organizations and individuals in accessing, researching, and implementing the relevant regulations.

Third, the provisions related to the digital economy in the Law on Digital Transformation 2025 do not yet ensure sufficient breadth and comprehensiveness, nor are they capable of establishing a foundational “framework law” for the formation of a legal framework on the digital economy. Specifically, in addition to provisions on digital transformation in general - including the digital economy - such as principles and policies on digital transformation; national coordination of digital transformation; responsibilities of state authorities, organizations, and individuals; and measures to ensure digital transformation, the Law on Digital Transformation contains only four articles regulating certain specific issues of the digital economy, namely: development of the digital economy; policies on digital economy development for small and medium-sized enterprises, cooperatives, and household businesses; responsibilities of operators of digital systems and digital platforms; and statistics and reporting on the digital economy[48].

Fourth, although the legal framework on the digital economy has expanded its scope of regulation, a number of provisions remain difficult to ensure in practice. For example, this is evident in regulations related to controlling the use of consumers’ personal data. In current online commercial transactions, it is inevitable that consumers must provide sellers or service providers with certain basic personal information, such as full name, address, telephone number, date of birth, and biometric indicators. Moreover, as the number of transactions increases, consumers provide such personal information to an increasing number of business organizations and individuals. Consequently, when consumers’ personal information is unlawfully used, transferred, or traded, consumers find it very difficult to identify which business organization or individual committed such acts. The unlawful transfer and trading of personal data are currently widespread, as evidenced by the fact that business organizations and individuals with whom consumers have never had any contact nonetheless possess their contact information for advertising and product promotion, causing inconvenience to consumers. Even more seriously, such personal information and data are unlawfully used by certain organizations and individuals to commit fraud for the purpose of misappropriating property. Although the provisions of the Law on Protection of Consumers’ Rights 2023 and other regulations on consumer information protection are relatively specific, there are still no provisions that enable consumers to control the unlawful use, transfer, or trading of their personal information and data after such information has been provided to business organizations or individuals. This constitutes one of the major challenges in the development of the digital economy.

Fifth, at present, prohibited acts and sanctions applicable to violations are generally provided for in the laws governing each specific sector or are specifically regulated in the Criminal Code, the Law on Handling of Administrative Violations, and a number of decrees. However, from a comprehensive perspective, although provisions on prohibited acts have increasingly been identified, supplemented, and refined, regulations on enforcement measures and sanctions have not yet been promulgated in a timely manner. Many violations currently still lack specific provisions on handling, such as violations of the principles governing the development, provision, exploitation, and use of artificial intelligence by relevant entities as prescribed in the Law on Digital Technology Industry 2025[49]; the Law on Artificial Intelligence 2025; and specific violations related to personal data protection as stipulated in the Law on Personal Data Protection 2025.

Sixth, the current legal framework on the digital economy still contains certain “gaps” in regulating specific issues related to the control of unfair competition, abuse of dominant market position, and monopoly position in digital markets; as well as risk control and the supervision of goods and revenues of individuals conducting online business through social media platforms such as Zalo and Facebook. This is also one of the important areas in which Viet Nam may draw upon international experience in the process of further improving its legal framework on the digital economy.

4.2. International experience and reference value for Viet Nam

Based on the above analysis of policies and laws on the digital economy in the United States, the European Union, China, and Singapore, several sound experiences can be drawn that may be applied in Viet Nam, specifically as follows:

First, the experience of a number of countries shows that the core requirement of digital economy law does not lie in whether or not there exists a “comprehensive overarching statute”, but rather in the presence of a foundational and unified legal framework to ensure the coherence of the legal system. The European Union has built a “digital legal ecosystem” consisting of component laws that are mutually supportive and balanced, simultaneously promoting innovation and protecting human rights. Singapore, although regulating through principles and soft-law instruments, still maintains a consistent strategic framework and coordination mechanism. From this perspective, the lesson for Viet Nam is the need to establish a foundational framework (a Law on the Digital Economy or a separate chapter within the Law on Digital Transformation with a broader and more comprehensive scope of regulation than the current Law on Digital Transformation 2025) in order to standardize concepts, principles, mechanisms of cross-reference, and methods for resolving conflicts among sectoral laws; thereby addressing the situation of scattered, inconsistent, and insufficiently “specific” regulations governing activities in the digital economy.

Second, the legal framework on the digital economy in Viet Nam should be established following a rights-based approach, in which personal data and digital consumers are placed at the center. The EU clearly demonstrates this model through the GDPR and regulations strengthening platform responsibilities toward users; the United States, although lacking a comprehensive federal statute on personal data, operates under a risk-based approach, focusing on vulnerable groups and consumer protection under strong enforcement by the FTC; Singapore builds “digital trust” as a prerequisite for digital economic development. Given the current state of Vietnamese law, where the rights of digital consumers, the rights of data subjects, and the obligations of digital enterprises are still regulated in a fragmented manner, the lesson is the need to reorganize legal norms toward integration and consistency, thereby creating a basis for rights to be effectively exercised rather than merely recognized.

Third, the legal framework on the digital economy must ensure openness and flexibility, while at the same time maintaining strict control over data-related issues. This lesson is drawn from China’s experience in establishing its legal framework, where data are identified as a strategic resource and the regulation of the digital economy is closely linked to data sovereignty and risk-based governance mechanisms. China has built a centralized and stringent legal mechanism to classify data according to their level of impact on national security, strictly control cross-border data flows, and place the State at the center of data governance. Drawing on China’s experience, Viet Nam should study the establishment of a data-tiering mechanism; harmonize the determination of data concepts and classifications among the Law on Electronic Transactions 2023, the Law on Data 2024, the Law on Personal Data Protection 2025, and data sovereignty policies, in order to ensure national information security and protect consumers.

Fourth, experience from the European Union, the United States, and Singapore suggests that governance of new technologies, particularly artificial intelligence (AI), should be designed along a risk-based regulatory approach and combine hard law and soft law instruments. Alongside legal provisions concerning obligations of assessment, certification, and risk supervision, countries also place emphasis on issuing and applying policy tools, guidelines, and ethical frameworks, which function as “soft law” in regulation and orientation. Accordingly, in Viet Nam, it is necessary to promptly promulgate and further improving legal regulations governing aspects that remain “unaddressed”, particularly in relation to competition, taxation, and legal liability for violations, as analyzed above; at the same time, mechanisms for regulatory sandboxes and guidance-oriented rules should be promoted before being transformed into binding legal provisions.

In summary, Viet Nam is facing a significant opportunity to develop the digital economy as a national growth driver. However, to effectively seize this opportunity, it is necessary to soon complete the legal framework on the digital economy. To achieve this objective, Viet Nam should selectively learn from the experience of other countries as well as from certain international and regional organizations, in order to ensure that the law will: promote innovation; protect the rights and legitimate interests of citizens and enterprises; and enhance digital governance capacity, digital security, and fair competition. The inheritance of experience from the European Union, the United States, China, and Singapore, with appropriate adaptation to Vietnamese conditions, will constitute an important foundation for a sustainable, responsible, and deeply integrated digital economy in the coming period.

Conclusion

The digital economy is reshaping structures of production, consumption, and governance on a global scale, posing urgent requirements for the improvement of national policies and laws. Through analysis of the experience of several advanced digital economies such as the United States, the European Union, China, and Singapore, a common trend can be observed: the construction of a dynamic legal ecosystem that takes innovation as a driving force, while at the same time emphasizing personal data protection, fair competition, and the maintenance of digital trust.

For Viet Nam, the digital economy is gradually becoming a new growth driver; however, the existing policy and legal framework remains fragmented, lacks systemic coherence, and has not fully met the regulatory demands of complex digital business models. Therefore, the selective absorption of international experience is necessary in order to: form a comprehensive, coherent, and flexible legal framework; strengthen capacity for privacy and data protection; build a legal environment that encourages innovation and entrepreneurship; and consolidate the legal foundations for digital sovereignty and national cybersecurity.

The institutionalization of these orientations will not only contribute to Viet Nam’s deeper integration into the global digital space, but also ensure a responsible, inclusive, and sustainable digital economy.

REFERENCES

A. Research works

1. Alex He (2025), China ‘s changing approach to digital trade, https://www.cigionline.org/articles/chinas-changing-approach-to-digital-trade/, accessed on December 23, 2025.

2. China National Intellectual Property Administration (2015), China Issues Action Plan for Big Data Development, https://english.cnipa.gov.cn/art/2015/9/25/art_2706_165131.html, accessed on December 23, 2025.

3. Chinese State Council (2017), New Generation of Artificial Intelligence Development Plan, https://flia.org/wp-content/uploads/2017/07/A-New-Generation-of-Artificial-Intelligence-Development-Plan-1.pdf, accessed on December 23, 2025.

4. European Commission (2021), 2030 Digital Compass: the European way for the Digital Decade, https://openfuture.eu/wp-content/uploads/2022/04/210309digital_compass_communication.pdf, accessed on December 23, 2025.

5. Federal Trade Commission (FTC) (2022), Bringing Dark Patterns to Light, Staff Report, https://www.ftc.gov/system/files/ftc_gov/pdf/P214800%20Dark%20Patterns%20Report%209.14.2022%20-%20FINAL.pdf, accessed on December 23, 2025.

6. Huawei & Oxford Econonomics (2016), Digital Spillover: Measuring the true impact of the digital economy, https://www.huawei.com/minisite/gci/en/digital-spillover/files/gci_digital_spillover.pdf, accessed on March 11, 2025.

7. Infocomm Media Development Authority (2017), Helping SMEs in their Digital Journey through IMDA’s SMEs Go Digital, https://www.imda.gov.sg/-/media/imda/files/about/media-releases/2017/annex-a---fact-sheet---smes-go-digital.pdf, accessed on December 23, 2025.

8. Infocomm Media Development Authority (2018), Digital Economy Framework for Action, (2018), https://www.imda.gov.sg/-/media/imda/files/sg-digital/sgd-framework-for-action.pdf, accessed on December 23, 2025.

9. Infocomm Media Development Authority (2024), About Apec Cross Border Privacy Rules (CBPR), https://www.imda.gov.sg/how-we-can-help/cross-border-privacy-rules-certification, accessed on December 23, 2025.

10. ITU, Digital economy, https://www.itu.int/itu-d/reports/partner2connect-action-framework/2022/03/12/fa-3-digital-economy/, accessed on December 23, 2025.

11. Ministry of Digital Development and Information (MDDI) (2023), Singapo’s Digital Connectivity Blueprint, https://www.imda.gov.sg/-/media/imda/files/programme/digital-connectivity-blueprint/digital-connectivity-blueprint-report.pdf, accessed on December 23, 2025.

12. Ministry of Digital Development and Information (MDDI) (2025), Digital Economy: Learn more about MDDI’s role in developing Singapo’s Digital Economy, https://www.mddi.gov.sg/what-we-do/digital-development/digital-economy/, accessed on December 23, 2025.

13. Monetary Authority of Singapo (2021), Project Orchid, https://www.mas.gov.sg/schemes-and-initiatives/project-orchid, accessed on December 23, 2025.

14. Monetary Authority of Singapo (2021), Project Guardian - Open and Interoperable Networks, https://www.mas.gov.sg/-/media/mas-media-library/development/fintech/project-guardian/project-guardian-open-interoperable-network.pdf, accessed on December 23, 2025.

15. Nadezhda Purtova (2018), The law of everything. Broad concept of personal data and future of EU data protection law, Taylor & Francis online, https://www.tandfonline.com/doi/full/10.1080/17579961.2018.1452176#abstract, accessed on April 10, 2025.

16. OECD (2019), Going Digital: Shaping Policies, Improving Lives, https://www.oecd.org/content/dam/oecd/en/publications/reports/2019/03/going-digital-shaping-policies-improving-lives_g1g9f091/9789264312012-en.pdf, accessed on December 23, 2025.

17. Office of Management and Budget (2013), Open Data Policy-Managing Information as an Asset, https://obamawhitehouse.archives.gov/sites/default/files/omb/memoranda/2013/m-13-13.pdf, accessed on December 23, 2025.

18. Oriol Caudevilla (2022), Opinion - The Digital Yuan as a tool for Cross Border Payments, https://digital-euro-association.de/blog/opinion-the-digital-yuan-as-a-tool-for-cross-border-payments, accessed on December 23, 2025.

19. Rumana Bukht & Richard Heeks (2017), Defining, Conceptualising and Measuring the Digital Economy, https://diode.network/wp-content/uploads/2017/08/diwkppr68-diode.pdf, accessed on December 23, 2025.

20. The White House (2023), Executive Order on the Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence, https://bidenwhitehouse.archives.gov/briefing-room/presidential-actions/2023/10/30/executive-order-on-the-safe-secure-and-trustworthy-development-and-use-of-artificial-intelligence/, accessed on December 23, 2025.

21. UNCTAD (2019), Digital Economic Report 2019 - Value creation and capture: Implications for developing contries, https://unctad.org/system/files/official-document/der2019_en.pdf, accessed on December 23, 2025.

22. UNCTAD (2021), Digital Economy Report 2021: Cross-border data flows and development: For whom the data flow, https://unctad.org/system/files/official-document/der2021_overview_en_0.pdf, accessed on April 10, 2025.

23. Wan Peng, Dai Xiaoling (2022), "Eastern Data, Western Computing": Promoting the coordinated development of computing resources and boosting the development of the digital economy, http://theory.people.com.cn/n1/2022/0303/c40531d-32364429.html, accessed on December 23, 2025.

B. Legal normative documents and other documents

24. California (2018), California Consumer Privacy Act – CCPA, https://oag.ca.gov/privacy/ccpa, accessed on April 14, 2025.

25. Cyberspace Administration of China, Ministry of Industry and Information Technology, Ministry of Public Security, State Administration for Market Regulation (2021), Regulations on the Management of Internet Information Service Algorithm Recommendation, https://www.gov.cn/zhengce/zhengceku/2022-01/04/content_5666429.htm, accessed on December 23, 2025.

26. Parliament of Singapore (2012), Personal Data Protection Act, https://sso.agc.gov.sg/Act/PDPA2012, accessed on December 23, 2025.

27. Parliament of Singapore (2018), Cybersecurity Act, https://sso.agc.gov.sg/Acts-Supp/9-2018/Published/20180312?DocDate=20180312, accessed on December 23, 2025.

28. National Assembly (2012), Law on Handling of Administrative Violations (amended and supplemented)

29. National Assembly (2023), Law on Electronic Transactions

30. National Assembly (2024), Law on Data

31. National Assembly (2025), Law on Personal Data Protection

32. National Assembly (2025), Law on Digital Transformation

33. National Assembly (2025), Law on Digital Technology Industry

34. Singapore Personal Data Protection Commission (2020), Model Artificial Intelligent Governance Framework (Second Edition), https://www.pdpc.gov.sg/-/media/files/pdpc/pdf-files/resource-for-organisation/ai/sgmodelaigovframework2.pdf, truy cập ngày 23/12/2025

35. The European Parliament and The Council of The European Union (2016), General Data Protection Regulation (GDPR), https://eur-lex.europa.eu/eli/reg/2016/679/oj/eng, accessed on December 23, 2025.

36. The European Parliament and The Council of The European Union (2022), Digital Services Act, https://eur-lex.europa.eu/eli/reg/2022/2065/oj, accessed on December 23, 2025.

37. The European Parliament and The Council of The European Union (2022), Digital Markets Act, https://eur-lex.europa.eu/eli/reg/2022/2065/oj, accessed on December 23, 2025.

38. The European Parliament and The Council of The European Union (2022), Data Governance Act, https://eur-lex.europa.eu/eli/reg/2022/868/oj, accessed on December 23, 2025.

39. The European Parliament and The Council of The European Union (2023), Data Act, https://eur-lex.europa.eu/eli/reg/2023/2854/oj, accessed on December 23, 2025.

40. The European Parliament and The Council of The European Union (2024), Artificial Intelligent Act, https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX%3A32024R1689, accessed on December 23, 2025.

41. The National People's Congress of The People's Republic of China (2021), Personal Information Protection Law (PIPL), http://en.npc.gov.cn.cdurl.cn/2021-12/29/c_694559.htm, accessed on December 23, 2025.

42. The National People's Congress of The People's Republic of China (2016), Cybersecurity Law, https://www.lawinfochina.com/Display.aspx?Id=22826&Lib=law&LookType=3, accessed on December 23, 2025.

43. The National People's Congress of The People's Republic of China (2021), Data Security Law, http://en.npc.gov.cn.cdurl.cn/2021-06/10/c_689311.htm, accessed on December 23, 2025.

44. Prime Minister (2020), Decision No. 749/QD-TTg dated June 3, 2020 approving the National Digital Transformation Program to 2025, with orientation to 2030

45. Prime Minister (2021), Decision No. 942/QD-TTg dated June 15, 2021 approving the Strategy for E-Government Development towards Digital Government for the 2021–2025 period, with orientation to 2030

46. Prime Minister (2022), Decision No. 411/QD-TTg dated March 31, 2022 approving the National Strategy for Digital Economy and Digital Society Development to 2025, with orientation to 2030

47. United States Congress (1890), Sherman Act, https://www.govinfo.gov/content/pkg/COMPS-3055/pdf/COMPS-3055.pdf, accessed on December 23, 2025.

48. United States Congress (1914), Clayton Antitrus Act, https://www.law.cornell.edu/wex/clayton_antitrust_act, accessed on December 23, 2025.

49. United States Congress (1914), Federal Trade Commission Act, https://www.govinfo.gov/content/pkg/COMPS-388/pdf/COMPS-388.pdf, accessed on December 23, 2025.

50. United States Congress (2018), Children’s Online Privacy Protection Act (COPPA), https://www.congress.gov/bill/105th-congress/senate-bill/2326, accessed on December 23, 2025.

[*] Prof. Dr, VNU University of Law – Vietnam National University, Hanoi. Email: giaovnu@gmail.com, approved date: December 31, 2025

[**] PhD Candidate, University of Law – Vietnam National University, Hanoi; Lecturer, University of Economics – The University of Da Nang. Email: minhlth@due.edu.vn

The article constitutes part of the research results of the PhD dissertation entitled: “Improving the legal framework for building Digital Government in Viet Nam".

[1] Huawei & Oxford Econonomics (2016), Digital Spillover: Measuring the true impact of the digital economy, https://www.huawei.com/minisite/gci/en/digital-spillover/files/gci_digital_spillover.pdf, accessed on March 11, 2025, p.2.

[2] Prime Minister (2020), Decision No. 749/QD-TTg dated June 3, 2020 approving the “National Digital Transformation Program to 2025, with orientation to 2030".

[3] Prime Minister (2021), Decision No. 942/QD-TTg dated June 15, 2021 approving the Strategy for E-Government Development towards Digital Government for the 2021–2025 period, with orientation to 2030.

[4] Prime Minister (2022), Decision No. 411/QD-TTg dated March 31, 2022 approving the National Strategy for Digital Economy and Digital Society Development to 2025, with orientation to 2030.

[5] ITU, Digital economy, https://www.itu.int/itu-d/reports/partner2connect-action-framework/2022/03/12/fa-3-digital-economy/, accessed on December 23, 2025.

[6] Rumana Bukht & Richard Heeks (2017), Defining, Conceptualising and Measuring the Digital Economy, https://diode.network/wp-content/uploads/2017/08/diwkppr68-diode.pdf, accessed on December 23, 2025, p.1

[7] Rumana Bukht & Richard Heeks (2017), tlđd, p.1

[8] OECD (2019), Going Digital: Shaping Policies, Improving Lives, https://www.oecd.org/content/dam/oecd/en/publications/reports/2019/03/going-digital-shaping-policies-improving-lives_g1g9f091/9789264312012-en.pdf, accessed on December 23, 2025.

UNCTAD (2019), Digital Economic Report 2019 - Value creation and capture: Implications for developing contries, https://unctad.org/system/files/official-document/der2019_en.pdf, accessed on December 23, 2025.

[9] The European Parliament and The Council of The European Union (2022), Digital Service Act, https://eur-lex.europa.eu/eli/reg/2022/2065/oj, accessed on December 23, 2025.

[10] UNCTAD (2021), Digital Economy Report 2021: Cross-border data flows and development: For whom the data flow, https://unctad.org/system/files/official-document/der2021_overview_en_0.pdf, accessed on April 10, 2025.

[11] Nadezhda Purtova (2018), The law of everything. Broad concept of personal data and future of EU data protection law, Taylor & Francis online, https://www.tandfonline.com/doi/full/10.1080/17579961.2018.1452176#abstract, accessed on April 10, 2025.

[12] OECD (2019), tlđd

UNCTAD (2019), tlđd

[13] Federal Trade Commission (FTC) (2022), Bringing Dark Patterns to Light, Staff Report, https://www.ftc.gov/system/files/ftc_gov/pdf/P214800%20Dark%20Patterns%20Report%209.14.2022%20-%20FINAL.pdf, accessed on December 23, 2025.

[14] United States Congress (2018), Children’s Online Privacy Protection Act (COPPA), https://www.congress.gov/bill/105th-congress/senate-bill/2326, accessed on December 23, 2025.

California (2018), California Consumer Privacy Act – CCPA, https://oag.ca.gov/privacy/ccpa, accessed on April 14, 2025.

[15] United States Congress (1890), Sherman Act, https://www.govinfo.gov/content/pkg/COMPS-3055/pdf/COMPS-3055.pdf, truy cập ngày 23/12/2025

United States Congress (1914), Clayton Antitrus Act, https://www.law.cornell.edu/wex/clayton_antitrust_act, accessed on December 23, 2025.

United States Congress (1914), Federal Trade Commission Act, https://www.govinfo.gov/content/pkg/COMPS-388/pdf/COMPS-388.pdf, accessed on December 23, 2025.

[16] The White House (2023), Executive Order on the Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence, https://bidenwhitehouse.archives.gov/briefing-room/presidential-actions/2023/10/30/executive-order-on-the-safe-secure-and-trustworthy-development-and-use-of-artificial-intelligence/, accessed on December 23, 2025.

[17] Office of Management and Budget (2013), Open Data Policy-Managing Information as an Asset, https://obamawhitehouse.archives.gov/sites/default/files/omb/memoranda/2013/m-13-13.pdf, accessed on December 23, 2025.

[18] European Commission (2021), 2030 Digital Compass: the European way for the Digital Decade, https://openfuture.eu/wp-content/uploads/2022/04/210309digital_compass_communication.pdf, accessed on December 23, 2025.

[19] The European Parliament and The Council of The European Union (2022), Digital Services Act, https://eur-lex.europa.eu/eli/reg/2022/2065/oj, accessed on December 23, 2025.

[20] The European Parliament and The Council of The European Union (2022), Digital Markets Act, https://eur-lex.europa.eu/eli/reg/2022/2065/oj, accessed on December 23, 2025.

[21] The European Parliament and The Council of The European Union (2016), General Data Protection Regulation (GDPR), https://eur-lex.europa.eu/eli/reg/2016/679/oj/eng, accessed on December 23, 2025.

[22] The European Parliament and The Council of The European Union (2022), Data Governance Act, https://eur-lex.europa.eu/eli/reg/2022/868/oj, accessed on December 23, 2025.

[23] The European Parliament and The Council of The European Union (2023), Data Act, https://eur-lex.europa.eu/eli/reg/2023/2854/oj, accessed on December 23, 2025.

[24] The European Parliament and The Council of The European Union (2024), Artificial Intelligent Act , https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX%3A32024R1689, accessed on December 23, 2025.

[25] Alex He (2025), China ‘s changing approach to digital trade, https://www.cigionline.org/articles/chinas-changing-approach-to-digital-trade/, accessed on December 23, 2025.

[26] China National Intellectual Property Administration (2015), China Issues Action Plan for Big Data Development, https://english.cnipa.gov.cn/art/2015/9/25/art_2706_165131.html, accessed on December 23, 2025.

[27] Chinese State Council (2017), New Generation of Artificial Intelligence Development Plan, https://flia.org/wp-content/uploads/2017/07/A-New-Generation-of-Artificial-Intelligence-Development-Plan-1.pdf, accessed on December 23, 2025.

[28] The National People's Congress of The People's Republic of China (2021), Personal Information Protection Law (PIPL), http://en.npc.gov.cn.cdurl.cn/2021-12/29/c_694559.htm, accessed on December 23, 2025.

[29] The National People's Congress of The People's Republic of China (2016), Cybersecurity Law, https://www.lawinfochina.com/Display.aspx?Id=22826&Lib=law&LookType=3, accessed on December 23, 2025.

[30] The National People's Congress of The People's Republic of China (2021), Data Security Law, http://en.npc.gov.cn.cdurl.cn/2021-06/10/c_689311.htm, accessed on December 23, 2025.

[31] Cyberspace Administration of China, Ministry of Industry and Information Technology, Ministry of Public Security, State Administration for Market Regulation (2021), Regulations on the Management of Internet Information Service Algorithm Recommendation, https://www.gov.cn/zhengce/zhengceku/2022-01/04/content_5666429.htm, accessed on December 23, 2025.

[32] Wan Peng, Dai Xiaoling (2022), "Eastern Data, Western Computing": Promoting the coordinated development of computing resources and boosting the development of the digital economy, http://theory.people.com.cn/n1/2022/0303/c40531d-32364429.html, accessed on December 23, 2025.

[33] Oriol Caudevilla (2022), Opinion - The Digital Yuan as a tool for Cross Border Payments, https://digital-euro-association.de/blog/opinion-the-digital-yuan-as-a-tool-for-cross-border-payments, accessed on December 23, 2025.

[34] Ministry of Digital Development and Information (MDDI) (2025), Digital Economy: Learn more about MDDI’s role in developing Singapore’s Digital Economy, https://www.mddi.gov.sg/what-we-do/digital-development/digital-economy/, accessed on December 23, 2025.

[35] Infocomm Media Development Authority (2018), Digital Economy Framework for Action, (2018), https://www.imda.gov.sg/-/media/imda/files/sg-digital/sgd-framework-for-action.pdf, accessed on December 23, 2025.

[36] Ministry of Digital Development and Information (MDDI) (2023), Singapo’s Digital Connectivity Blueprint, https://www.imda.gov.sg/-/media/imda/files/programme/digital-connectivity-blueprint/digital-connectivity-blueprint-report.pdf, accessed on December 23, 2025.

[37] Parliament of Singapore (2012), Personal Data Protection Act, https://sso.agc.gov.sg/Act/PDPA2012, accessed on December 23, 2025.

[38] Infocomm Media Development Authority (2024), About Apec Cross Border Privacy Rules (CBPR), https://www.imda.gov.sg/how-we-can-help/cross-border-privacy-rules-certification, accessed on December 23, 2025.

[39] Parliament of Singapore (2018), Cybersecurity Act, https://sso.agc.gov.sg/Acts-Supp/9-2018/Published/20180312?DocDate=20180312, accessed on December 23, 2025.

[40] Singapo Personal Data Protection Commission (2020), Model Artificial Intelligent Governance Framework (Second Edition), https://www.pdpc.gov.sg/-/media/files/pdpc/pdf-files/resource-for-organisation/ai/sgmodelaigovframework2.pdf, accessed on December 23, 2025.

[41] Infocomm Media Development Authority (2017), Helping SMEs in their Digital Journey through IMDA’s SMEs Go Digital, https://www.imda.gov.sg/-/media/imda/files/about/media-releases/2017/annex-a---fact-sheet---smes-go-digital.pdf, accessed on December 23, 2025.

[42] Monetary Authority of Singapo (2021), Project Orchid, https://www.mas.gov.sg/schemes-and-initiatives/project-orchid, accessed on December 23, 2025.

[43] Monetary Authority of Singapore (2021), Project Guardian - Open and Interoperable Networks, https://www.mas.gov.sg/-/media/mas-media-library/development/fintech/project-guardian/project-guardian-open-interoperable-network.pdf, accessed on December 23, 2025.

[44] Prime Minister of Viet Nam (2020), op. cit.

[45] National Assembly (2024), Law on Data 2024, Article 3.

National Assembly (2023), Law on Electronic Transactions 2023, Article 3.

[46] National Assembly (2025), Law on Personal Data Protection 2025, Article 8.

[47] National Assembly (2012), Law on Handling of Administrative Violations 2012 (as amended and supplemented), Article 24.

[48] National Assembly (2025), Law on Digital Transformation 2025.

[49] National Assembly (2025), Law on Digital Technology Industry 2025, Articles 41 and 45.