Unlike passwords or bank card numbers, which can be changed, biometric data is inherently linked to the human body. Once it is collected, used, or compromised, individuals have little or no ability to revoke or reset their biological identifiers. As a result, many legal systems, including Vietnam’s, classify biometric data as sensitive personal data subject to the highest level of legal protection. The era in which biometric data could be collected casually, handled indifferently, and treated as a routine part of data processing and storage by businesses in Vietnam must now come to an end. In Vietnam, a new legal framework on personal data protection that takes effect on January 1, 2026 — consisting of the 2025 Law on Personal Data Protection (LPDP) and Government Decree No. 356/2025/ND-CP detailing and guiding the implementation of the LPDP — has officially classified biometric data as sensitive data requiring the highest level of protection. Businesses must change Once biometric data — including facial recognition, fingerprints, iris patterns, and voice data — has been placed in the category of sensitive data, and businesses and organizations are required to implement a wide range of technical and legal measures to ensure compliance and data security. In […]
To read more, please click here.
