On November 30, 2024, the National Assembly of Vietnam issued a new Law on Data (“Data Law”), the first of its kind in the country. Initiated by a legislative proposal in February 2024, the Data Law underwent an accelerated preparation process and was officially promulgated just nine months later. It is worth noting that the Data Law is not the same as the Personal Data Protection Law, which is still in draft form and is expected to be submitted to the National Assembly in November 2025. The scope of application of the Data Law is broader, including not only personal data but also other types of data. The Data Law governs digital data, the National Data Center, the National General Database, digital data products and services, digital data management, and the rights, obligations, and responsibilities of agencies, organizations, and individuals related to digital data activities. Set to take effect on July 1, 2025, the Data Law is expected to have a significant impact on businesses involved in data-processing activities. Below are some key takeaways from this pivotal legislation. Cross-Border Data Transfer and Processing The Data Law recognizes and protects the freedom of cross-border data transfer and processing, as well as the legitimate rights and interests of relevant agencies, organizations, and individuals. The government is assigned the responsibility to provide detailed regulations on cross-border data transfer and processing activities, including the transfer of offshore data into Vietnam. National Data Center Resolution No. 175/NQ-CP issued by the Vietnamese government in October 2023 set out ambitious goals for a new National Data Center, which will integrate and manage human-related data from the national database, databases of ministries and central and local authorities, and other databases. The National Data Center is expected to be a core platform to provide data-related services, support policy

Thailand has released a draft amended Electronic Transactions Act (ETA), which aims to overhaul the current version of the law from 2001 to correct its enforcement limitations and update the ETA to be consistent with current electronic transactions practice. The draft ETA is open for public comment until December 20, 2024. The draft ETA introduces a new supervisory scheme that (1) recognizes electronic transactions executed by both current and future technologies without having to enact regulations recognizing the technology, (2) replaces the licensing, registration, and notification scheme for electronic transaction service providers with a trust-mark scheme, and (3) introduces a new mechanism to regulate electronic transaction service providers. The major amendments under the draft ETA address: Relationship with other relevant laws. The draft ETA is designated as the primary law governing electronic transactions, whether between private parties or between private parties and the state. However, if specific laws—including those on electronic administrative procedures—prescribe methods for conducting particular electronic transactions, those laws will prevail. Definitions. The draft ETA revises some existing terms, such as “transaction,” which is now more clearly defined as “any act relating to civil or commercial activities, including administrative procedures, administrative contracts, and any other actions by government agencies or officials.” It also introduces new definitions, such as “biometric data,” “automated system,” and “electronic seal.” Electronic transaction reliability. The draft ETA now clearly provides that electronic transactions executed using a method or an electronic method stipulated by the Electronic Transactions Development Agency (ETDA) as reliable are themselves presumed to be “reliable.” In case of a challenge over the implementation of a certified method or certified service, the challenging party bears the burden of proof and related expenses. Electronic transferable instruments. The draft ETA adopts the UNCITRAL Model Law on Electronic Transferable Records (ETRs) in recognizing ETRs (e.g.,

Thailand’s Ministry of Finance (MOF) has issued a new notification easing foreign shareholding and board limits for life insurers. This long-awaited update aligns with the draft notification that was previewed in May 2024, and reflects the MOF’s intention to enhance the stability and competitiveness of life insurers. Life Insurer Qualifications Life insurers may apply for permission to exceed 49% foreign shareholding or have a majority of foreign directors if: The life insurer operates in a manner that could harm the insured or the public, and either (1) the OIC has directed the company to improve its status or adjust its capital, or (2) the company’s actions may have a significant impact on the insurance industry, causing significant compensation burdens and affecting the company’s capital adequacy ratio (CAR); The life insurer’s shareholders are unable to increase capital; and The life insurer is unable to attract Thai investors to increase the capital necessary to ensure stability and the long-term operation of the business. Foreign Shareholder Qualifications To qualify, foreign shareholders must: Either be an insurance company or have at least 10 years of relevant experience in the insurance industry; Demonstrate financial stability and possess a credit rating (or have a parent company with a credit rating) of at least “A” from a reputable credit rating agency; Present a clear and comprehensive business plan to develop and promote the company’s efficiency and competitiveness in the industry; and Be able to make an investment that increases the company’s capital by at least THB 2 billion to maintain stability with a CAR of at least 250%. For more details on the MOF’s notification regarding criteria on foreign shareholding limits for life insurance companies, or on any issue concerning insurance regulations in Thailand, please contact Athistha (Nop) Chitranukroh at [email protected], Witchupong Chittchang at [email protected], Ajaree

Cambodia’s Law on Seed Management and Plant Breeder’s Rights was enacted in 2008, but it was not until recently that new plant varieties could successfully be registered for protection in the country. Although the law has been in place for some time, recent developments confirmed the application process and a schedule of charges for the registration of new plant varieties. With these developments, breeders have been able to register their new plant varieties in Cambodia since March 1, 2024. Applicants for new plant variety protection must be Cambodian nationals, foreign nationals domiciled in Cambodia, or permanent residents of either a country that is a contracting party to the International Union for the Protection of New Varieties of Plants (UPOV) Convention or a country with which Cambodia has signed a memorandum of understanding on plant variety protection. Applicants can also claim a priority date from the first application for the same plant variety filed in any contracting party of the UPOV Convention within 12 months of the earliest application’s filing date. To be eligible for protection, new plant varieties must satisfy the following criteria: Novelty: A variety is considered “new” if, at the date of filing the application for new plant variety protection, it has not been sold, marketed, or otherwise disposed of others—by or with the consent of the breeder—for more than: One year for any plant variety in Cambodia; Six years for trees and vines or four years for all other plant varieties in countries besides Cambodia. Distinctiveness: A variety must be clearly distinguishable from any other existing varieties. Uniformity: A variety must be sufficiently uniform in its relevant characteristics. Stability: A variety must remain unchanged in its essential characteristics at the end of each cycle of propagation and in each generation. The last three criteria are often