News and developments
Latest Legal Updates to Thailand 4.0
Recently, Thailand started implementing a legal framework for Thailand 4.0, including in particular the following acts:
- Personal Data Protection Act;
- Electronic Transactions Act;
- Digital Government Administration and Services Act; and
- Cyber Security Act.
Cyber Security Act (“CSA”)
The CSA aims to protect critical information infrastructure, which must meet higher standards for security to prevent cyberattacks. This law seeks to ensure cyberspace’s security, enforce legal safeguards, and sets out a cybersecurity risk assessment plan to prevent cybersecurity threats that may affect national security and public interests.
The CSA applies to entities of both the public and private sector that:
- Own information and communication infrastructure, which are integral for the maintenance of vital functions of society; and
- are engaged in
- National security;
- Material public service;
- Banking and finance;
- Information technology and telecommunications;
- Transportation and logistics;
- Energy and public utilities;
- Public health; and
- Other areas as prescribed by the relevant cybersecurity authority.
Personal Data Protection Act (“PDPA”)
The PDPA aims to provide a minimum standard of protection of personal data, which would be comparable to the personal data protection standards of the EU. At present, the PDPA was postponed for a second time and might come into effect on 1 July 2022.Digital Government Administration and Services Act (“DGA”)
With the DGA, the Thai government aims to use digital technology as a management tool to increase efficiency and facilitate public services. The key to reaching this goal is the following:- Digitization of internal systems in each agency,
- Making data and services interchangeable with other agencies, establishing a one-stop service for government agencies; and
- Create participation from all sectors.
Electronic Transactions Act (“ETA”)
The ETA intends to facilitate electronic transactions and stipulates that digital evidence is officially accepted for electric transactions in Thailand. Furthermore, the ETA aims to harmonize Thailand’s electronic transaction law with the United Nations Electronic Communications Convention. According to the ETA:- Any action required to be in writing by law can be executed electronically, such as e-mail, or electronic data exchange, provided that such information is accessible and usable subsequently to the transaction without its meaning being altered.
- The ETA recognizes contracts made between an individual and an Automated Electronic Data Exchange System (“AEDES”) or between two or more AEDES. AEDES is defined as computer programs, electronic methods, or other automated methods used to commence a legal transaction or any operation performed by the data system, either in part or in whole, without examination or intervention by a natural person.