On 11 December 2025, the Digital Transformation Law No. 148/2025/QH15 (the “DT Law”) was passed by the National Assembly and will officially take effect on 1 July 2026. Replacing the 2006 Law on Information Technology, the DT Law represents a significant milestone in completing Vietnam’s legal framework governing digital transformation.
Comprising 8 chapters and 48 articles, the DT Law establishes a set of fundamental and comprehensive provisions, forming an interdisciplinary legal framework to ensure a unified approach to the organization and coordination of digital transformation activities nationwide. In this special alert, we would like to highlight several key and notable aspects of the DT Law.
Scope of regulation and subjects of application
The DT Law stipulates the principles and policies on digital transformation, national coordination of digital transformation, and measures to ensure its implementation, as well as provisions on digital government, the digital economy, and digital society. In addition, it defines the responsibilities of agencies, organizations, and individuals in the digital transformation process. Notably, the scope of the DT Law extends across a wide range of specialized sectors, including data, electronic transactions, cybersecurity, telecommunications, artificial intelligence, and other relevant regulated fields.
The DT Law applies to all domestic and foreign agencies, organizations, and individuals that directly participate in, or are otherwise involved in, digital transformation activities in Vietnam.
New definitions
For the first time, the DT Law defines and standardizes several foundational concepts with important guiding values. A proper understanding of these concepts is essential for monitoring and assessing the legal obligations imposed under the DT Law as well as relevant sector-specific regulations.
First, “digital transformation” is defined as the process of transforming operational methods, governance structures, and service delivery models based on digital technologies, digital data, digital systems, digital platforms, and digital processes, with a view to creating new value, efficiency, and transparency. Importantly, this concept is not limited to the mere digitization of data or processes, but rather encompasses a systemic shift in how state authorities, enterprises, and other organizations operate.
Second, “digital infrastructure” is defined as a set of technical systems, connectivity, computing, storage, and other digital technology components that enable activities in the digital environment, including telecommunications infrastructure, data center infrastructure, cloud computing infrastructure, and transmission infrastructure for machine-to-machine connectivity.
Third, a “digital system” is defined as an advanced form of information system comprising digital technology components, digital data, digital platforms, software, hardware, algorithms, processing models, and connected devices, which are organized to create, process, store, connect, and operate digital services or digital processes, including real-time operational systems.
Fourth, a “digital platform” refers to an information system designed to create a digital environment that enables parties to conduct transactions or to provide and use products and services, as well as to support the development of products and services.
Finally, the “digital environment” is defined as the space for activities, interactions, transactions, and service provision that is formed and operated through digital infrastructure, public digital infrastructure, digital systems, digital platforms, and digital data.
Prohibited acts in digital transformation activities
The DT Law regulates a number of prohibited acts in order to ensure that digital transformation is implemented in a safe, sound, and public-interest-oriented manner. These prohibited acts may be broadly categorized as follows:
- Acts that obstruct or sabotage digital transformation activities, or that disrupt, suspend, or compromise the safety and security of digital systems of agencies, organizations, or individuals.
- Unauthorized access to, interference with, distortion, disabling of, or damage to digital systems, digital data, digital platforms, and digital services.
- The collection, use, sharing, trading, or exploitation of digital data in violation of applicable laws and regulations.
- Abuse of digital transformation for the purposes of fraud, manipulation, unlawful gain, or infringement of the lawful rights and interests of agencies, organizations, or individuals.
- Abuse of positions, powers, or official duties to create obstacles, discrimination, monopolies, market segmentation, or restrictions on competition in the development, operation, and exploitation of digital systems.
Scope of digital transformation activities
Under the DT Law, digital transformation activities comprise the following key categories:
- The formulation, issuance, and implementation of strategies, policies, standards, architectures, and mechanisms for the management, supervision, and assessment of the effectiveness of digital transformation.
- The development, integration, operation, and maintenance of digital infrastructure, digital platforms, information systems, software, and databases.
- The governance, exploitation, sharing, opening, and protection of data in accordance with data-related laws and regulations.
- The digitization of information and processes; the restructuring of governance models and operational methods; and the development of online public services, digital services, and digital twins.
- The assurance of cybersecurity and data security throughout the entire lifecycle of the design, deployment, and operation of digital systems.
- Research, testing, piloting, and deployment of new digital transformation products, services, and models, including controlled testing mechanisms (sandbox).
- Training, development, and broad-based dissemination of digital skills and capabilities.
- Communication and dissemination of policies and laws, as well as support for organizations and individuals in accessing and participating in the digital environment.
- The engagement, procurement, exploitation, and use of experts, infrastructure, platforms, products, and digital technology services for digital transformation purposes.
In addition to the activities outlined above, the Government is empowered to determine and introduce other digital transformation activities as necessary, depending on socio-economic development needs at each stage.
Principles of digital transformation
The principles governing the implementation of digital transformation activities are specifically provided in Article 6 of the DT Law. Accordingly, digital transformation is positioned as a process that promotes innovation, adopts a user-centric approach, and aims to enhance service quality while creating new value for state authorities, organizations, enterprises, and individuals.
In parallel with innovation objectives, the DT Law places particular emphasis on data as a core resource in digital transformation. The strengthening of data connectivity, sharing, and reuse—together with the principle of “once-only data declaration by default”—reflects the legislative intent to reduce administrative burdens, avoid duplication, and improve management efficiency as well as data-driven decision-making capacity. Nevertheless, the exploitation and use of data must always be accompanied by robust requirements for cybersecurity, data protection, and privacy safeguards.
The DT Law also acknowledges the dynamic nature of technological development, thereby allowing digital transformation to be implemented flexibly and adaptively, while encouraging the testing and adoption of new models and technologies tailored to the specific characteristics of each sector. At the same time, principles of inclusiveness, transparency, and accountability are emphasized to ensure that digital transformation does not create barriers to access, nor undermine oversight and accountability in technology-driven decision-making.
It is noteworthy that, while compliance with digital transformation principles is mandatory for state authorities, the DT Law encourages non-state organizations and enterprises to proactively apply these principles in their own operations.
Principles of digital system architecture and design
Digital systems are required to be designed based on digital platforms and shared components, ensuring scalability, interoperability, and reusability, while effectively leveraging cloud computing infrastructure and other technologies that enable flexible, secure, and cost-efficient operations. Connectivity, data sharing, and interoperability among systems must be incorporated from the design stage, based on open standards, open architectures, and standardized application programming interfaces (APIs).
The principles governing digital system architecture and design share several core elements with the general principles of digital transformation, including:
- A data-centric and user-centric approach;
- The assurance of cybersecurity and data protection;
- Flexibility, ease of upgrade, and adaptability, with encouragement to adopt modular architectures, independently deployable components, and appropriate new technologies; and
- Mandatory compliance by state authorities with the digital system architecture and design principles set out in the DT Law, while non-state organizations and enterprises are encouraged to apply these principles in their own systems.
In addition, the DT Law prescribes 07 minimum requirements for digital systems, which are mandatorily applicable to information systems, digital platforms, databases, and digital services of state authorities, as well as to digital systems serving public interests, essential digital services, and digital systems of organizations and enterprises authorized by state authorities to provide public services. These minimum requirements are encouraged to be applied by other organizations and enterprises, subject to their capabilities and operational needs.
Controlled regulatory sandbox mechanism
A notable highlight of the DT Law is the introduction of a controlled regulatory sandbox mechanism for new digital products, services, models, and solutions in digital transformation. Pilot development under this mechanism includes the development and trial operation of digital systems, digital platforms, and digital services that are not yet available on the market, as well as unprecedented projects implemented within a limited scope, for the purpose of evaluating effectiveness before the State formally proceeds with procurement, leasing, or investment decisions. This mechanism is expected to foster innovation while creating opportunities for enterprises to participate in the national digital transformation process.
Financing for digital transformation
The State ensures annual budgetary allocations for digital transformation activities at a minimum level of 1% of total state budget expenditures for science, technology, innovation, and digital transformation. This ratio may be gradually increased in line with development needs to implement the policies and orientations of the State in each period.
Detailed regulations on the management of funds, investment, procurement, service leasing, and specific mechanisms applicable to pilot development projects using state budget funds will be further prescribed by the Government in forthcoming implementing regulations.
Digital Government
The DT Law defines digital Government as a model for organizing and operating state authorities’ activities in the digital environment, based on digital data, digital infrastructure, public digital infrastructure, digital systems, and digital platforms, with a view to enabling timely decision-making, effective governance, transparency, and seamless connectivity and interoperability with organizations, enterprises, and individuals. Digital Government plays a pivotal role in administrative reform, particularly through the provision of online public services via the National Public Service Portal, with a strategic emphasis on end-to-end online public service delivery as the primary mode. At the same time, administrative and operational processes are required to be reviewed, standardized, and restructured prior to digitization, and agencies may not require organizations or individuals to resubmit valid digital information or data that has already been provided.
The quality of online public services is subject to real-time monitoring and measurement mechanisms, coupled with obligations to publicly disclose service quality commitments, feedback mechanisms, and improvement outcomes. In parallel, the DT Law places strong emphasis on universal accessibility, requiring state authorities to proactively ensure that online public services are accessible to vulnerable groups and to regularly conduct self-assessments of service coverage, thereby reinforcing public adoption and use of digital services across society.
Digital economy
The development of the digital economy is identified as a core and breakthrough task in Vietnam’s socio-economic development strategy, with the objective of promoting rapid, sustainable, and inclusive growth based on digital systems, digital platforms, digital technologies, and digital data. In this context, enterprises are positioned at the center and serve as the primary drivers in the adoption and development of digital technologies. The new legal framework provides significant policy space to support enterprises—particularly small and medium-sized enterprises, cooperatives, and household businesses—through financial assistance and other forms of support.
Digital Society
Under the DT Law, the development of a digital society aims to ensure that all individuals, especially vulnerable groups, have the opportunity to access and benefit from digital services in a safe, equitable, and effective manner. At the same time, digital society development is closely linked to the protection of personal data, cybersecurity, and the promotion of responsible digital culture and behavior in the digital environment.
The DT Law further affirms that human rights and citizens’ rights are recognized, respected, and protected, and must not be denied solely because they are exercised in the digital environment. Accordingly, the State bears responsibility for proactively narrowing the digital divide, protecting children, supporting the elderly and persons with disabilities, and fostering a healthy and sustainable digital culture.
Socio-Economic Impact of the DT Law
The DT Law aims to foster the development of a digital society in which human rights and citizens’ rights are safeguarded, and individuals are ensured equal access to digital services and online public services in a fast, streamlined, and efficient manner. The restructuring of administrative procedures and the deployment of end-to-end online public services represent core instruments of Digital Government, thereby simplifying processes and reducing compliance costs for citizens. In addition, through the establishment of a legal foundation for the formation and development of a data-driven economy based on digital systems and digital platforms, the DT Law is expected to enhance productivity and strengthen national competitiveness overall, while also generating tangible benefits for individuals, organizations, and enterprises.
