PROTECT PERSONAL DATA WHEN USING NON-STOP ELECTRONIC TOLL COLLECTION

1. Legal basis 

• Decision no. 19/2020/QD-TTG
• Circular no. 45/2021/TT-BGTVT on operation of toll booths

2. Protect personal data when using non-stop electronic toll collection

1. Principle of protecting personal data when using ETC 

According to Clause 4, Article 4 of Decision 19, when implementing non-stop road toll collection, the implementing agencies must “ensure the user’s information security, except for information to be provided under a decision of the Competent Authority as prescribed by law”

ETC is directly related to personal information such as bank accounts, license plates, information related to account holders and vehicle owners, and this information can cause harm  to the data subject if exposed. Specifically, crooks can take advantage of that information to commit fraud. 

In addition, the Government sets out principles on the security of personal information of users of the non-stop road toll collection service, also to place responsibility on implementing agencies and to ensure the State's reputation. If the non-stop road toll collection service is poorly organized and affects the legal rights and interests of individuals, people will not trust and not use the service, thereby indirectly affecting the reputation of the State.

2. Notes for implementation and using of ETC 

2.1. Notes for individuals and organizations using ETC 

The first thing individuals need to do to limit data leakage is to use a secure system/network provider, limit access to open wifi from unknown sources to prevent data from being stolen on the phone. In addition, individuals and organizations using the non-stop road toll collection service must regularly check and monitor activities on applications/websites related to this service. Specifically, perform periodic checks and monitor system activity to early detect any suspicious behavior, thereby taking appropriate preventive actions.

2.2. Notes for agencies implementing ETC 

Agencies implementing and managing ETC need to build a firewall system with good protection and encryption of user data, and also need to regularly check and upgrade to prevent the system from being broken into.

----------

For more information, please contact:

Hoang Pham (James) / Managing Partner at: hoang.pham@vselawyers.com

© 2023 VSE LAWYERS LIMITED LIABILITY LAW COMPANY – All rights reserved.

Attention: This legal update is not an advice and should not be treated as such.