Skip to main content
  • 1517 Accesses

Abstract

Formerly known as Laos, the Lao People’s Democratic Republic (Lao PDR) is a small developing country in South East Asia. Over the past decade, Lao has established a number of laws to strengthen their response to cyber security intrusions and to a lesser extent the protection of personal data. That is, the Government of the Lao PDR has enacted a slew of technology and data related laws including: (a) the Law on Electronic Transactions (No. 02/NA, 7 December 2012); (b) Law on Prevention and Combating of Cyber Crime (No. 61/NA, 15 July 2015); (c) Law on Information and Communication Technology (No. 02/NA, 7 November 2016); and (d) Law on the Protection of Electronic Data (No. 25/NA, 12 May 2017). Furthermore, the Ministry of Post and Telecommunications has also implemented the Instruction on Computer Security (No. 3623/MPT, 11 December 2017), under Law on Prevention and Combating of Cyber Crime.

Lao finds itself in a region of the world where the growth in digital technology is growing at one of the fastest rates. Southeast Asia is the world’s fastest growing Internet region with nearly four million new users coming online every month over the coming years (Ibid). This translates into a user base of 480 million. There are over 700 million active mobile connections in Southeast Asia. (Ibid) Online spending is expected to reach US$ 200 billion by 2025. This means that there will be a flourishing digital economy if every one of the 480 million users are secure and cross- border transactions are not hijacked by hackers (Ibid).

However, these laws are silent with respect to artificial intelligence and given the nature of how laws are issued it is likely that in due course new laws will be introduced to cover this activity. Assessing how these laws operate has been problematic given the lack of publicly available information.

Noteworthy too, is the emerging area of specific data protection law in the state of Lao. That is, it appears there is little to no appetite for dedicated data protection laws. The current legal framework is further limited as they do not fully accept and account for the OECD or ASEAN data protection principles outlined in Chap. 3. This, could in itself be problematic as the region becomes increasingly digitised. Furthermore, the laws in Lao are structured differently form the other states that have been examined in this book.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Subscribe and save

Springer+ Basic
EUR 32.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 149.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 199.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info
Hardcover Book
USD 199.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    Evans, G, A Short History of Laos: The Land in Between, Allen and Unwin (2002). see also Church, P, A Short History of South East Asia 2017 John Wiley and Sons 74–87.

  2. 2.

    Ibid xiii–xiv.

  3. 3.

    Lorrillard, M, Lao history revisited Paradoxes and problems in current research. South East Asia Research, IP Publishing, (2006) 387–401.

  4. 4.

    Ibid.

  5. 5.

    Ibid.

  6. 6.

    See ‘Laos: The Transformation of Periphery Socialism’ in A Croissant, Lorenz, P, Comparative Politics of South East Asia: An Introduction to Governments and Political regimes (2018) Springer 113–141.

  7. 7.

    S Kim Transition to E-Governance in Laos, A Dissertation Presented to the Faculty of the Graduate School of Cornell University in partial fulfillment of the Requirements for the degree of Master of Public Administration May 2018.

  8. 8.

    Ibid.

  9. 9.

    Alston, P, Lao PDR’s Economic Strategy Entrenches Poverty Special Rapporteur, Human Rights, Office of the High Commissioner, United Nations 28 March 2019 https://www.ohchr.org/EN/NewsEvents/Pages/DisplayNews.aspx?NewsID=24416&LangID=E

  10. 10.

    Asia Pacific Economic Cooperation, https://www.apec.org/About-Us/About-APEC/Member-Economies.aspx. World Trade Organisation https://www.wto.org/english/thewto_e/countries_e/lao_e.htm

  11. 11.

    Gan, TT, Cyber Risk Leader, Deloitte Southeast Asia, Data and privacy protection in ASEAN – what does it mean for businesses in the region? 2028 https://www2.deloitte.com/content/dam/Deloitte/sg/Documents/risk/sea-risk-data-privacy-in-asean.pdf

  12. 12.

    Ibid.

  13. 13.

    Ibid.

  14. 14.

    Constitution of the Lao People’s Democratic Republic (Revised 2015) No 63/NA Vientiane 8 December 2015 https://www.policinglaw.info/assets/downloads/2015_Constitution_of_Laos_(English_translation).pdf

  15. 15.

    Ibid, Article 44.

  16. 16.

    United Nations, Human Rights, Office of the High Commissioner, Status of Ratification Interactive Dashboard https://indicators.ohchr.org

  17. 17.

    Decree and Law on Electronic Transaction No. 20/NA, dated 7 December 2012, Ministry of Science and Technology, Issuing Date: 2012-12-07. See Part 1 General Provisions, Article 3 Definitions.

  18. 18.

    Ibid Part II Contracts, Data Messages and Electronic Documents. Chapter 1 Electronic Contracts. See also Chapter 3 Electronic Documents, Articles 13–15.

  19. 19.

    Ibid See Chapter 3 Electronic Documents, Articles 16–18.

  20. 20.

    Ibid Chapter 1 Types of Electronic Signatures, Articles 19–22, Chapter 2 General Requirements of Electronic Signatures, Articles 23–25, Chapter 3 Specific Requirements for Secure Digital Signatures, Articles 26–30.

  21. 21.

    Ibid Part V Intermediary, Articles 33–35.

  22. 22.

    Decree on Internet Information Management No. 327/GOV, dated 16 September 2014, Ministry of Posts and Telecommunications, Issuing Date: 2014-09-16.

  23. 23.

    Decree on Internet Information Management above n 15, Section II Dissemination of Information on the Internet, Article 8 Creating a Personal Account on Social Media.

  24. 24.

    Decree on Internet Information Management above n 15, Section V Restrictions, Articles 10 and 17. See also Article 15.

  25. 25.

    Decree on Internet Information Management above n 15, Section V Restrictions, Article 23.

  26. 26.

    Decree on Internet Information Management above n 15, Section VIII Final Provisions, Article 27. See also Section VII Implementation Measures, Article 26.

  27. 27.

    Law on Resistance and Prevention of Cybercrime No 61/NA dated 15 July 2015, Responsible Agency: Ministry of Posts and Telecommunications, Issuing Date: 2015-07-15. See also Guidelines on the Implementation of the Law on Counter and Prevention of Cybercrime No 2543/MPT, dated 24 September 2018, Responsible Agency: Ministry of Posts and Telecommunications, Issuing Date: 2019-04-08.

  28. 28.

    Ibid Part 1 General Provisions, Article 2 Cybercrime Resistance and Prevention.

  29. 29.

    Ibid Article 8 Cybercrime-Prone Behaviour.

  30. 30.

    Ibid Chapter 1 Cybercrime Resistance and Prevention Activities Article 19. See also Article 24.

  31. 31.

    Ibid Part 1 General Provisions, Article 3 Definition of Terms.

  32. 32.

    Ibid. Article 3 Definition of Terms (11) Virus, (12) Malicious Code and (13) Phishing.

  33. 33.

    Newby, K, Lao PDR Legal Alert: New Data and IT Security Standards applicable to Companies: Are You Compliant? https://www.dfdl.com/resources/legal-and-tax-updates/lao-pdr-legal-alert-new-data-and-it-security-standards-applicable-to-companies-are-you-compliant/

  34. 34.

    Ibid.

  35. 35.

    Ibid Chapter 3 The Centre for Deterring and Solving Computer Emergencies.

  36. 36.

    Ibid Article 31.

  37. 37.

    Ibid, Part IV International Cooperation in Cybercrime Resistance and Prevention, Articles 33–34.

  38. 38.

    Ibid Articles 35–16.

  39. 39.

    Ibid Article 38.

  40. 40.

    Law on Resistance and Prevention of Cybercrime, Article 39–41.

  41. 41.

    Law on Resistance and Prevention of Cybercrime, Articles 41(4)–(5) and 39(2).

  42. 42.

    Law on Resistance and Prevention of Cybercrime, Part VI Investigation-Interrogation of Computerised System Cases.

  43. 43.

    Law on Resistance and Prevention of Cybercrime, Part VII Management and Inspection, Chapter 1 Management, Article 48–51.

  44. 44.

    Law on Resistance and Prevention of Cybercrime, Article 52.

  45. 45.

    Law on Resistance and Prevention of Cybercrime, Part VII Management and Inspection, Chapter 2 Inspection, Articles 53–55.

  46. 46.

    Law on Resistance and Prevention of Cybercrime, Part VIII Rewards for Persons with Outstanding Performance and Measures against Violators, Article 56.

  47. 47.

    Law on Resistance and Prevention of Cybercrime, Articles 57–59. See also the Decree on Internet Information Management, Section VIII Final Provisions, Article 27.

  48. 48.

    Law on Resistance and Prevention of Cybercrime, Part VIII Rewards for Persons with Outstanding Performance and Measures against Violators, Article 62 Penal Measures.

  49. 49.

    Law on Resistance and Prevention of Cybercrime, Article 9.

  50. 50.

    Law on Electronic Data Protection 25/NA, Date 12 May 2017, Responsible Agency Ministry of Posts and Telecommunications, Issuing Date: 2017-11-15.

  51. 51.

    Ibid, Article 3 Definitions, (10) Data Owner, (11) Official Data, (14) Electronic Data Administration Authorities and (18) Computer Emergency Interception and Resolution Centre.

  52. 52.

    Ibid, Chapter 2 Types of Electronic Data, Article 8.

  53. 53.

    Ibid, Article 9 General Data.

  54. 54.

    Ibid, Article 10 Specific Data.

  55. 55.

    Ibid, Chapter 3 Electronic Data Protection Tasks, Article 12 Data Collection.

  56. 56.

    Ibid, Article 16 Using and Disclosing Data.

  57. 57.

    Ibid, Article 17 Sending or Transferring of Electronic Data.

  58. 58.

    Ibid, Article 19 Updating or Editing of Electronic Data.

  59. 59.

    Ibid, Article 20 Deleting of Electronic Data.

  60. 60.

    Ibid, Chapter 4 The Measures on Securing of Electronic Data, Articles 21–23.

  61. 61.

    Ibid, Article 5 Rights and Obligations of the Data Owner, Articles 27–28.

  62. 62.

    Ibid, Chapter 6 Rights and Obligations of the Data Administration Authority, Article 29 rights of the Data Administration Authority.

  63. 63.

    Ibid, Article 30 Obligations of Data Administration Authority.

  64. 64.

    Ibid, Chapter 8 Dispute Settlement, Articles 34–39.

  65. 65.

    Law on Electronic Data Protection above n 42, Chapter 9 The Administration of Electronic Data Protection, Articles 40–44.

  66. 66.

    Law on Electronic Data Protection above n 42, Chapter 11 Policies toward Persons with Outstanding Achievements and Measures Against Violators, Articles 48–54. See also Law on Resistance and Prevention of Cybercrime above n 20, Part VIII Rewards for Persons with Outstanding Performance and Measures against Violators.

  67. 67.

    Law on Electronic Data Protection above n 42, Chapter 11 Policies toward Persons with Outstanding Achievements and Measures Against Violators, Articles 48–54. See also Article 31 General Prohibition, Article 32 Prohibition for the Data Owner and Article 33 Prohibition for the Data Administration Authority.

  68. 68.

    Pursuant to Law No. 61/NA, dated 15th July 2015 on the Prevention and Defence of Cybercrime. Pursuant to Prime Ministerial Decree No. 22/PM, dated 16th January 2017 on the Organizational Structure and Activity of the Ministry of Posts and Telecommunications.

  69. 69.

    Ibid.

  70. 70.

    Lao Services Portal, Department of Foreign Trade Policy in the Ministry of Industry and Commerce on behalf of all Government Agencies http://www.laoservicesportal.gov.la

  71. 71.

    Framework on Personal Data Protection, ASEAN Telecommunications and Information Technology Ministers Meeting (TELMIN) 25 November 2016 https://asean.org/storage/2012/05/10-ASEAN-Framework-on-PDP.pdf

  72. 72.

    Gan, TT, Cyber Risk Leader, Deloitte Southeast Asia, Data and privacy protection in ASEAN – what does it mean for businesses in the region? https://www2.deloitte.com/content/dam/Deloitte/sg/Documents/risk/sea-risk-data-privacy-in-asean.pdf

References

  • Church, P. (2017). A short history of South East Asia (pp. 74–87). Wiley.

    Google Scholar 

  • Evans, G. (2002). A short history of Laos: The land in between. Allen and Unwin.

    Google Scholar 

  • Lorenz, P. (2018). Comparative politics of South East Asia: An introduction to governments and political regimes (pp. 113–141). Springer.

    Google Scholar 

  • Lorrillard, M. (2006). Lao history revisited paradoxes and problems in current research. South East Asia research (pp. 387–401). IP Publishing.

    Google Scholar 

Download references

Author information

Authors and Affiliations

Authors

Rights and permissions

Reprints and permissions

Copyright information

© 2021 Springer Nature Singapore Pte Ltd.

About this chapter

Check for updates. Verify currency and authenticity via CrossMark

Cite this chapter

Walters, R., Novak, M. (2021). Lao. In: Cyber Security, Artificial Intelligence, Data Protection & the Law . Springer, Singapore. https://doi.org/10.1007/978-981-16-1665-5_10

Download citation

  • DOI: https://doi.org/10.1007/978-981-16-1665-5_10

  • Published:

  • Publisher Name: Springer, Singapore

  • Print ISBN: 978-981-16-1664-8

  • Online ISBN: 978-981-16-1665-5

  • eBook Packages: Law and CriminologyLaw and Criminology (R0)

Publish with us

Policies and ethics