Electronic Transactions (E-Transactions) in Vietnam
As defined in the Electronic Transaction Law (the ET Law), electronic transaction or e-transaction means a transaction conducted by electronic means. Electronic means are means that operate on the basis of an electric, electronic, digital, magnetic, wireless, optical, electro-magnetic technology or similar technologies. Any transactions by electronic means in the form of data messages (information created, sent, received and stored by electronic means) in accordance with the ET Law will be deemed to be recognized as written transactions.
The ET Law provides, among others, general regulations on protection of data messages and the information confidentiality in e-transactions, particularly in the signing and performance of e-contracts using e-signatures.
In short, an e-signature is a signature created in the form of words, letters, numerals, symbols, sounds or other forms by electronic means, logically attached or associated with a data message, and capable of certifying the person who signs the data messages as well as the consent of such person to the content of the signed data. Being a subset of e-signatures, a digital signature is created by transforming a data message using an asymmetric cryptographic system, whereby the person obtaining the original data message and the public key of the signatory is able to determine correctly the following: (i) that the above-mentioned transformation is made with the correct private key corresponding to the public key in the same key pair, (ii) the integrity of the contents of the data message as from the time of making the abovementioned transformation. The management, provision and use of e-signature is regulated in the ET Law, while digital signature related issues are separately stipulated in Decree 130 dated 27 September 2018.
Information or content under the form of a data messages collected from the e-transactions will have the legal validity as the original if the content of such information or data message meets the conditions of integrity since its first creation, is accessible and usable in its complete form as needed. The contents of a data message shall be considered to have integrity when such contents remain unchanged since its first creation in the form of a complete data message, except for changes in their appearance arising out of the process of sending, storage or display of the data message. Data messages will have the legal validity as evidence as determined on the basis of the reliability of the method of creating, storing or transmitting the data message; the method of ensuring and maintaining the integrity of the data message; the method of identifying the creator and on other relevant elements.
Pursuant to Article 35 of the ET Law, when entering into an e-contract or e-transaction, the contractual parties or involved parties are allowed to agree on technical requirements, certification, conditions to ensure the integrity and confidentiality related to such e-contract, e-transaction (the “E-Transaction Certification Method”). Accordingly, unless otherwise provided for by law, they can agree to use whatever E-Transaction Certification Method for certifying their acceptance/approval to the data message in question including e-signatures, digital signatures, or any other agreed methods provided that information or data messages collected from such e-transaction adequately meets the conditions to be recognized as discussed above, i.e., integrity, accessibility and usability of the contents of a data message collected from e-transactions since its creation in the form of a complete data message.
Some common E-Transaction Certification Methods currently in use include a digital signature provided by a licensed digital signature certification service provider, and the mechanisms agreed by the parties to express their consent to e-transactions such as online functions on the website, e-mail, messages, or other methods, etc. While a digital signature, a valid E-Transaction Certification Method, is provided for and is ensured by a third party service provider in accordance with the laws of Vietnam. The other E-Transaction Certification Methods will ensure the validity of the related e-transactions in accordance with the ET Law by legal entities applying the certification method / mechanism without any further licenses required and they must prove the validity of such e-transaction themselves.
As per Articles 21 and 22 of the ET Law, an e-signature shall be created in the form of words, script, numerals, symbols, sounds or in other forms by electronic means, logically attached or associated with a data message and shall be capable of certifying the person who has signed the data message and certifying the approval by such person with respect to the content of the signed data message. It may be certified by an organization providing e-signature certification services.
An e-signature shall be deemed to have been secured if such e-signature is certified an organization providing e-signature certification services. or satisfies all of following 4 conditions:
- The data creating the e-signature solely attaches to the signatory in the context in which such data is used;
- The data creating the e-signature is only under the control of the signatory at the time of signing;
- All changes in the e-signature after the time of signing are detectable; and
- All changes in the contents of the data message after the time of signing are detectable.
As per Article 3.6 of Decree 130, a digital signature means a form of e-signature created by transforming a data message using an asymmetric cryptographic system, whereby the person obtaining the original data message and the public key of the signatory is able to determine correctly the following:
- That the above-mentioned transformation is made with the correct private key corresponding to the public key in the same key pair; and
- The integrity of the contents of the data message as from the time of making the above mentioned transformation.
In practice of dispute resolution in the courts of Vietnam, the court accepts the evidence in the form of a data message. Except for the case of using digital signatures to certify the validity of an e-transaction, the involved parties submitting the evidence in the form of a data message will be obliged to prove that the content of such data message is integral, accessible. and usable, i.e.: the court will consider and examine the value of this type of evidence on the basis of the written statement for recording the entire contents of data message sent via electronic means made by the bailiff (“Thừa phát lại” in Vietnamese) in accordance with the prevailing laws.