Vietnam has not signed the United Nations (UN) Convention on the Use of Electronic Communications in International Contracts.

Vietnam has adopted national legislation based on or influenced by the United Nations Commission on International Trade Law (UNCITRAL) Model Law on Electronic Commerce.

Vietnam has adopted national legislation based on or influenced by the United Nations Commission on International Trade Law (UNCITRAL) Model Law on Electronic Signatures.

Since 2019, domestic and international providers of telecommunications services, internet services and value-added services in Vietnam’s cyberspace that collect, analyse or process private information or data about relationships of their service users or data created by their service users in Vietnam shall open branches or representative offices in Vietnam.

Decree No. 72/2013/ND-CP regulates the management of Internet services and online networks in Vietnam. Art. 23a, introduced through the amendment in Decree No. 27/2018/ND-CP, stipulates that aggregated information websites and social networks must have at least one individual responsible for managing content. This individual must either be a Vietnamese national or a foreign national holding a temporary residence card issued by a competent authority, with a validity period of at least six months from the date of dossier submission.
Art. 20 defines aggregated information websites as platforms operated by agencies, organizations, or enterprises that publish aggregated content, which must be cited textually and accurately from official sources, with proper attribution to the original authors or agencies and the date of publication. Additionally, under Art. 3.22, a social network is defined as an information system that provides users with services such as storage, provision, use, search, sharing, and exchange of information, including functionalities for creating private websites, forums, online chat rooms, audio and video sharing, and other similar services.

Law No. 86/2015/QH13 imposes restrictions and conditions on entities engaging in the import, export, and trade of various network information security products with encryption capabilities. It has been reported that applications for import permits are cumbersome and involve licenses, certificates of conformity, product specifications, copies of commercial invoices, and copies of commercial contracts or documentary evidence. In addition, Decree No.108/2016/ND-CP stipulates in detail the conditions for trade in network information security products and services related to Law No. 86/2015/Qh13. According to Art. 4.2 of the Decree, the Vietnamese Ministry of Information and Communications (MIC) is assigned to make a list of network information security products to be imported upon license. Upon the Decree, MIC issued Circular No.13/2018/TT-BTTTT. The Circular regulates the list of network information security products to be imported upon licenses and procedures, as well as dossiers for import licensing. The information network security products to be imported upon license include (i) HS847130 (portable digital automatic data processing machines); (ii) HS847141 (automatic data processing machines and units); (iii) HS847149 (digital automatic data processing machines and units).

Decree No. 58/2016/ND-CP dated July 2016 regulates the sale and provision of civil encryption products and services as well as the export or import of civil encryption products. According to the Decree, corporations who want to export and import civil encryption products are requested to apply for the export and import license. Annex 1 of the Decree lists products and services within the scope of the decree, including:
-Biometric encryption products, encryption key management or storage items;
-Cryptographic components of a PKI system;
-Stored data security products;
-Online data security products;
-IP and channel security products;
-Analog and digital voice security products;
-Wireless security products;
-Facsimile and telegraph security products;
-Information protection services utilising civil
encryption products;
-Civil encryption testing and evaluation services;
-Network data security consulting services utilising civil encryption products.
In addition, Annex 2 of the Decree lists civil encryption products to be exported and imported under license: HS8443, HS 8471, HS8473, HS 8517, HS8523, HS8525, HS8526, HS 8529, HS8542, HS854.
The National Agency of Cryptography and Information Security (NACIS) is currently drafting a new decree to amend Decree No. 58/2016/ND-CP, addressing various issues related to cyber information security, including the export and import of civil encryption products.

Self-certification is allowed in the country for radio transmission, electromagnetic interference (EMI) or electromagnetic compatibility (EMC). Vietnam allows foreign companies to self-certify that they comply with these standards, through a Supplier Declaration of Conformity (SDoC). The National technical regulation QCVN 118:2018/BTTTT requires conformity testing and conformity declaration. The supplier or manufacturer of the equipment declares the equipment meets the technical and administrative requirements. A testing laboratory recognized by the regulator tests the equipment, and the supplier registers this equipment with the regulator. These procedures are based on ISO/IEC 17050, with some modifications and requirements to be in line with the legislation framework of goods and products quality control of Vietnam.

Chapter 2 of the Law on Cybersecurity, which entered into force in January 2019, regulates information systems for national security. Article 10.2 defines important information systems for national security, including:
- Military, security, diplomatic and cypher information systems;
- Information systems that store and process information belonging to state secrets;
- The information system serving the storage and preservation of artefacts and documents of significant value;
- Information systems serving the preservation of materials and substances particularly dangerous to humans and the ecological environment;
- Information systems serving the preservation, manufacturing and management of facilities of other special importance related to national security;
- Important information systems serving operations of central agencies and organisations;
- National information systems in the fields of energy, finance, banking, telecommunications, transportation, natural resources and environment, chemicals, health, culture, and journalism;
- Automatic control and monitoring systems at important works related to national security, an important goal of national security.
According to Arts. 11-13, important information systems need impact assessment, inspection, and control conducted by special forces to protect network security from the Ministry of Public Security, the Ministry of Defence, and the Government Cipher Committee.

Art. 36 of Law No. 86/2015/QH13 states that the responsibilities of users of cryptographic products and services include providing the necessary information on cryptographic keys to the competent state authorities upon request. The Law also introduces licensing requirements for tools that offer encryption as a primary function.

Sections 35 and 60 of Decree No. 52/2013/ND-CP provide that certain E-commerce services need to be licensed by the Ministry of Industry and Trade: E-commerce websites that permit participants to sell and purchase goods according to the method of goods exchange; evaluation and certification of personal data protection policies of traders, organisations and individuals participating in e-commerce activities; and certification of e-contracts.
In addition, Art. 44 states that traders and organisations providing online auction services must register the provision of auction services, and under Art. 52, traders, organisations or individuals may set up sales e-commerce websites if, among other conditions, they have notified the Ministry of Industry and Trade. Also, pursuant to the provisions of Art. 61, one of the conditions for conducting credit rating of e-commerce websites is being a trader or an organisation established under Vietnamese law.

The Ministry of Industry and Trade (MOIT) issued Circular No.59/2015/TT-BCT to regulate the management of e-commerce activities via mobile applications. The circular strictly regulates the operation of e-commerce on mobile applications, which requires registration to MOIT. The circular applies to all Vietnamese individuals and organisations, foreigners who reside in Vietnam, and foreigners and organisations who have a presence in Vietnam through investment, setting up branches, or representative offices.

In 2015, the State Bank of Vietnam issued Circular 39/2014/TT-NHNN to regulate payments via intermediaries, and the Circular was then replaced by Circular 23/2019/TT-NHNN in 2019. E-payments made via intermediaries such as e-wallets are regulated under this Circular. According to the Circular, owners of e-wallets must link the wallet to a bank account created in Vietnam or via branches of foreign banks in Vietnam in order to make payments in Vietnam.

It is reported that the de minimis threshold, that is the minimum value of goods below which customs do not charge duties, is USD 43, below the 200 USD threshold recommended by the International Chamber of Commerce (ICC).

Chapter 2 of Decree No. 72/2013/ND-CP on ".vn" domain service regulates that foreign companies that provide ".vn" domain registration must either establish the business in Vietnam according to Vietnamese law or have a contract with ICANN-accredited registrars. In addition, foreign companies that provide ".vn" domain registration services must have a contract with the Vietnam Internet Network Information Center to provide ".vn" domain registration services.