The Ninh Binh Province Police Department has issued a warning about the risk of privacy breaches and leaks of sensitive images from surveillance camera systems. As the prevalence of surveillance cameras in homes rises, primarily for security, property protection, and monitoring the elderly and children, there are growing concerns regarding the potential misuse of these devices.
According to the police, there have been numerous instances of sensitive images related to private life being leaked from these camera systems, causing significant harm to individuals' reputations and dignity. The police attribute these leaks to several factors, including installers setting default passwords, residents using weak passwords, failure to update software, and opting for cheap cameras that lack necessary security standards.
In light of these issues, the Ninh Binh Province Police Department advises residents against installing cameras in sensitive areas such as bedrooms, changing rooms, bathrooms, and toilets. They recommend that users regularly update their software and avoid using default passwords or allowing installers to set passwords. If a password is provided by an installer, it should be changed immediately to ensure security.
Furthermore, residents are encouraged to create strong passwords that include a mix of uppercase letters, lowercase letters, numbers, and symbols, and to change these passwords frequently. When selecting surveillance cameras, it is advisable to choose reputable brands known for their data security standards to mitigate risks.
On April 23, 2025, the National Cyber Security Association organized a seminar to discuss the urgent need for a Law on Personal Data Protection in Vietnam. This law aims to address the widespread leaks and trading of personal data, which has become a pressing issue in the digital age.
During the seminar, Major General Nguyen Minh Chinh, the Deputy Chairman of the National Cyber Security Association, emphasized the importance of the proposed law as a significant step towards institutionalizing human rights and privacy. He noted that the law would not only meet domestic needs but also align with international integration requirements, ensuring national digital sovereignty.
The draft law, expected to be presented to the National Assembly in May and take effect in January 2026, aims to provide a legal framework for the protection of personal data. It will establish 11 basic rights for data subjects, including the right to know, consent, access, and delete their personal data. Additionally, the law will impose obligations on data processors to safeguard this information.
In light of the increasing prevalence of personal data online and the rampant leaks and trading of such data, the law is seen as essential for protecting individual rights and ensuring data security. The law also includes specific regulations for processing personal data of children and individuals who are missing or deceased.
As discussions about the law progress, experts have called for the establishment of a controlled testing mechanism for technology and services related to personal data, as well as a comprehensive governance framework to ensure effective implementation after the law is enacted.
Meanwhile, OpenAI has recently integrated image analysis capabilities into ChatGPT, allowing it to infer geographic locations based on images provided by users. This new feature, available to ChatGPT Plus and Enterprise users, utilizes advanced computer vision models to analyze elements such as architecture, signs, and even fashion styles to estimate where a photo was taken.
While this feature presents exciting opportunities for various applications, it has also raised significant privacy concerns. The ability of an AI to deduce locations from images could potentially be misused for doxxing or tracking individuals through shared photos, leading to unwanted privacy violations.
OpenAI has acknowledged these concerns and stated that they are training the model to avoid identifying individuals and sharing sensitive information. Users are advised not to upload personal photos and to be aware of the implications of sharing images online.
In another development, Samsung has prioritized privacy and security in its Galaxy AI smartphones. With many AI features requiring data to be sent to the cloud for processing, users have expressed concerns about potential data leaks. Samsung's solution involves the Personal Data Engine and On-device AI, which process data directly on the device's chip, thereby reducing the risk of data exposure.
Samsung's Knox Vault is a hardware-based security solution designed to protect sensitive information such as fingerprints and passwords. This innovative approach ensures that critical data remains secure even if the device is compromised. Additionally, Samsung has implemented a Maintenance Mode that allows users to lend their phones for repairs without exposing personal data.
In the context of data security, the European Union has also taken steps to enforce compliance with its Digital Markets Act (DMA). Recently, Apple and Meta were fined for violating this legislation, which aims to ensure fair competition in the digital market. The EU's competition watchdog has mandated that Apple remove restrictions preventing app developers from directing users to cheaper transactions outside the App Store.
Meta's 'pay or consent' model, which allows users to choose between a free ad-supported version of Facebook and Instagram or a paid ad-free version, was found to violate the DMA. Both companies have two months to comply with the regulations or face further penalties.
As these developments unfold, it is clear that the intersection of technology, privacy, and regulation is becoming increasingly complex. The ongoing discussions around personal data protection laws, privacy-enhancing technologies, and regulatory compliance highlight the urgent need for robust frameworks to safeguard individual rights in the digital age.
