The latest draft of Vietnam's Cybersecurity Administrative Sanctions Decree provides that its scope will cover both domestic and foreign entities operating in Vietnam, including those providing internet and cybersecurity services. The draft decree outlines monetary penalties for violations of cybersecurity and data protection laws. Repeated offenses or those involving personal data of over 5 million Vietnamese citizens could result in fines of up to 5% of an entity's annual revenue. Public consultation on the latest version of the decree is open until June 20th, with the decree expected to be officially issued on December 1st, 2023.