Laos’ Law on Prevention and Combating Cyber Crime (2015)
July 2015
National Regulations
The Law on Prevention and Combating Cyber Crime (2015) is a pivotal legislative measure by the Lao People’s Democratic Republic (Lao PDR) to address the growing challenges of cybercrime. Enacted on 15 July 2015, this law establishes a comprehensive legal framework to prevent, investigate, and penalize cyber-related offenses, thereby enhancing the security and integrity of information and communication technologies within the country.
Key provisions of the law
- Definitions and scope: The law provides clear definitions for critical terms such as ‘computer system,’ ‘computer data,’ and ‘cybercrime,’ ensuring precise interpretation and application. It applies to individuals, legal entities, and organizations, both domestic and foreign, that engage with computer systems and data within Lao PDR.
- Cybercrime offenses: The legislation identifies and criminalizes various cyber offenses, including:
- Unauthorized access: Gaining access to computer systems without permission.Data interference: Altering, damaging, or deleting computer data unlawfully.System interference: Hindering the functioning of computer systems through unauthorized means.Computer-related forgery and fraud: Inputting, altering, or deleting data with fraudulent intent.Dissemination of malicious software: Creating or distributing software designed to damage or disrupt systems.Distribution of pornographic material: Sharing obscene content via computer systems.
- Preventive measuresThe law emphasizes proactive strategies to combat cybercrime, including:
- Public awareness campaigns: Educating the public on cyber threats and safe practices.
- Training and capacity building: Enhancing the skills of law enforcement and relevant stakeholders.
- Data protection initiatives: Implementing measures to safeguard data integrity and confidentiality.
- Establishment of LaoCERTTo coordinate national cybersecurity efforts, the law establishes the Lao Computer Emergency Response Team (LaoCERT). LaoCERT’s responsibilities include:
- Incident response: Addressing and mitigating cyber incidents.Monitoring and analysis: Keeping track of cyber threats and vulnerabilities.Collaboration: Working with international and regional cybersecurity entities.
- Investigation and enforcementThe law outlines procedures for investigating cybercrimes, granting authorities the power to:
- Collect digital evidence: Secure electronic data pertinent to offenses.Conduct searches and seizures: Access computer systems and data storage for evidence gathering.Preserve data: Ensure that critical data remains intact during investigations.
- PenaltiesThe law prescribes penalties proportionate to the severity of the offense, ranging from fines to imprisonment, thereby reinforcing the legal framework’s deterrent effect.
Alignment with international standards
The structure and content of Lao PDR’s cybercrime law reflect elements of the Budapest Convention, indicating efforts to harmonize with global best practices.