According to Decree No. 72 of 2013, aggregated information websites are required to store the information for at least 90 days from the date it is posted on the website (Article 24). Electronic information page (website) is an information system used to establish one or more information pages presented in the form of symbols, numbers, words, images, sounds and other forms of information in service of provision and use of information on the Internet (Art. 3.21). In March 2018, Vietnamese government issued Decree No. 27/2018/ND-CP to partially amend and enhance Decree No. 72. Requirement on data retention remains at least 90 days from the date it is posted on the website. Also, data processing log is required to be stored for at least two years.

Vietnam has joined an agreement with binding commitments to open transfers of data across borders: the Comprehensive and Progressive Agreement for Trans-Pacific Partnership (CPTPP, Art. 14.11). However, the country has been given a period of five years to comply with the requirement.

Regulations on data protection are fragmented in many Law and supporting documents in Vietnamese legal system. The most comprehensive legal framework on data protection is the Law on Network Information Security (Law No. 86/2015/QH13 or Law 86), which entered into force in July 2016. The Law 86 only applies to information provided, transferred, collected and processed over telecommunications and computer networks (Art. 3.2). Personal data protection is also regulated in Arts. 16-20 of the Law No. 24/2018/QH14 on Cybersecurity. Other regulations on data protection are to be found in different law, for example Law on Information Technology, Law on E-commerce Transactions, Law on Consumers' Protection, and other Decrees.

Decree No. 72 establishes the management of Internet services and online networks. Arts. 22, 25, 28 and 34 require providers of websites, social networks, information on mobile network and online games, respectively, to have at least one server inside the country "serving the inspection, storage, and provision of information at the request of competent state management agencies". In March 2018, the Vietnamese government issued Decree No. 27/2018/ND-CP to partially amend and enhance Decree No. 72. Requirements on local servers remain.

In February 2020, the Vietnamese government issued Decree No. 15/2020/ND-CP to regulate administrative violations on post-telecommunications, radio frequency, IT and electronic transactions. Art. 44.1(d) of the Decree regulates penalties for not storing information at the server system with IP address in Vietnam for electronic newspapers, general websites or web portal and social networks subject to the license. Art. 95.3 regulates penalties for advertising email and internet message services using servers not located in Vietnam.

In June 2018, the Vietnamese government issued Law No. 24/2018/QH14 on Cybersecurity. Art. 26 requires that foreign providers of Internet services, telecom services and value-added services to open representative offices or branches in Vietnam. According to the Law, personal information of Vietnamese users or users within Vietnam must be stored domestically. In addition, Art. 25 of the Law states that Gateway Internet Connection operators are encouraged to establish in the territory of Vietnam. It is reported that the government will decide the duration for which such businesses must store users’ data in the Vietnamese territory, but it is currently unclear which criteria will be used. The concept of "telecom services" and "Internet services" are not yet defined.

Vietnam does not have an independent telecom authority. The Authority of Telecommunications is a ministerial unit which performs the advisory and regulatory functions over the telecommunications sectors in nationwide.

Arts. 19-21 of Decree No.25/2011/ND-CP outline the requirements for enterprises applying for a license in the telecom sector in Vietnam. These requirements vary across types of service and geographical coverage. They include minimum capital requirements from 5 VND Billion to 3,000 VND Billion and investment plans, among other requirements.

Vietnam has appended the World Trade Organization (WTO) Telecom Reference Paper to its schedule of commitments.

Decree No. 25/2011/ND-CP details and guides on the implementation of a number of articles of the Telecommunications Law. According to the Decree, the Ministry of Information and Communications is to regulate the framework for the price of telecommunication services. In 2019, Vietnammobile, a small mobile network company claimed that the price floor scheme in Decree No. 25/2011 was a restriction, created a burden for small enterprises and decreased competition in the sector, especially when three dominant firms cooperated and raised the price. The Ministry of Information and Communications is reported to propose to the government on the lift of such regulation. However, such deregulation is still in process.

While any Vietnamese firm can operate as an Internet Service Provider (ISP), only state-owned companies are allowed to operate as Online Service Providers or Internet Exchange Providers. Art. 11 of Decree No. 72/2013/ND-CP regulates Vietnam National Internet Exchange (VNIX), under the Ministry of Information and Communications, as the only Internet Exchange Point to be authorised.

It is reported that there is no requirement for functional or accounting separation required for operators with significant market power.

Art. 3 of Decree No. 25/2011/ND-CP regulates that an organization or individual that owns more than 20% of shares in a telecommunications enterprise may not own more than 20% of the charter capital or shares of another telecommunications enterprise doing business in the same market.

There is dominance of three big corporations in telecommunication markets of Vietnam which are VNPT, Viettel and Mobifone. All these three corporations are owned or partially owned by the government, and dominate more than 96% of the market.

According to Art. 18.3 of Law No. 41/2009/QH12 on telecommunications of Vietnam regulates foreign investment in telecommunications. In addition to the basic licenses required by telecommunications legislation, foreign investors who intend to provide telecommunications networks and services must first obtain an investment certificate issued by the licensing authorities. If the project is not covered by a plan approved by the Prime Minister, the licensing authority must seek opinions on the project from the Ministry of Planning and Investment, the Ministry of Information and Communications, and any other relevant organization. They must then request that the Prime Minister render a decision on the investment policy, adjust the national plan, or open the investment market further to foreign investment.