The police are investigating the use of "freebie" software
Attorney Pham Vu Khanh Toan, managing partner of Pham & Associate, informed that under the 2015 Penal Code, effective from January 1, 2018, businesses using illegal computer software will be subject to financial fines of VND20 million-1 billion ($909-45,400), depending on the degree of misconduct, gains from infringement acts, and the damage caused, non-custodial sanction of up to three years, and jail terms of six months to three years.
Additionally, violating businesses may also be banned from engaging in certain activities, practices or lines of work for 1-5 years. Businesses may be suspended from six months to two years, banned from doing business and involvement in specific lines of work or fund raising for one to three years, depending on the degree of the violation.
While the Penal Code sets in place such severe punitive schemes, sources familiar with the Ministry of Culture, Sports and Tourism revealed that interagency scrutiny taskforces, by auditing 63 businesses, imposed financial fines amounting to VND1.56 billion ($70,909) in 2017.
While infringements seem to have gone down from the VND2.5 billion ($113,636) in financial fines for software piracy in 2015, local software piracy remains rampant in different forms and degrees. This is mostly attributed to poor awareness and responsiveness for legal compliance by many individuals and organisations that use and benefit from computer programmes.
Meanwhile, estimates of the Vietnam Computer Emergency Response Team (VNCERT) indicate that in the first two months of 2018 only 1,504 cyberattacks were recorded in Vietnam in different forms. In comparison, more than 10,000 cyberattacks targeting businesses, agencies, and individuals were recorded in Vietnam in 2017.
According to VNCERT, one of the main causes of these incidents may be attributed to businesses using software of dubious sources, leaving their computers vulnerable to malware infection.
“If businesses could manage their software assets more effectively (i.e. by using genuine and licensed software), the risk of cybersecurity breaches would be much lower, keeping firms safe from cyberattacks," said Pham Cao Thai, chief inspector of MoCST.
Thai also informed that every year the Inspectorate of the ministry disperses thousands of reminders to businesses, asking for a proactive review of their information technology systems and preparation of relevant documentation justifying license ownership for all software they use or distribute, and advising businesses that non-compliance with existing copyright laws and related rights may expose them to administrative liabilities or penal obligations, while at the same time reduce the competitiveness of Vietnamese firms.
Accordingly, the Copyright Office of Vietnam has recently sent letters to thousands of businesses across the country, recommending them to revisit how computer software are being used at their establishments and adhere to existing laws and regulations on copyright, which also helps avoid cyberattacks.
The Copyright Office also warns that the primary cause for information system incidents at businesses is the use of computer programmes of dubious sources, resulting in malware infection.
“Over the years, the enforcement and protection of copyrights, property rights, and ownership rights for computer software have achieved impressive results. Nevertheless, computer software piracy is still a widespread issue with different forms and varying degrees of abuse. This is mostly attributed to the poor awareness and compliance of many individuals and organisations that use and benefit from computer programmes,” said Bui Nguyen Hung, director general of the Copyright Office of Vietnam.
If businesses want to avoid being severely penalised or even suspended under the new provisions of the Penal Code, attorney Toan recommended that businesses and business owners take the following actions to avoid being held accountable.
First, firms need to have in place relevant internal policies. In effect, while such in-house rules may not be mandatory, the legitimacy of such rules is still recognised by law, thus having in place good corporate practices will safeguard the interests of both the business owners and the firms.
Having such rules in place may be seen as a useful way to keep the corporate apparatus running, in addition to internal controls regarding the use of the business' intellectual property, and avoid potential infringements of copyrights and related rights from within the company, which may expose the business and business owners to unnecessary risks.
Second, there is a need to review the copyrights and related rights being protected by law to avoid the copyright abuses that may happen within the business. Additionally, firms also need to be alert in protecting their intellectual property.VIR