Thailand’s Digital Government Development Agency (DGA) has proposed new standards that would require government agencies to select cloud services exclusively from a preapproved shortlist of providers. The draft Digital Government Standards re: Cloud Service Provider Standards aims to strengthen procurement confidence and reduce risks associated with selecting cloud service providers that do not meet the required standards. A public hearing period on these standards concluded on December 27, 2025. The DGA will now review submitted comments and consider revising the standards accordingly. Shortlisted Cloud Service Provider Tiers The draft standards establish three tiers of cloud service providers based on their assessed service capability levels, core qualifications, and certifications. The DGA sets qualification requirements for each tier, and it is at the discretion of each agency to select the tier of cloud service provider that best suits its operational needs, as follows: Tier 1 cloud service providers are suitable for providing services involving disclosable official data. Tier 2 cloud service providers are suitable for handling official data and protected data, such as personal data, which requires a high-security public cloud (e.g., virtual private cloud). Tier 3 cloud service providers are suitable for providing services to agencies with specific regulatory and security requirements that handle highly protected data, such as the national security system. These providers must offer sovereign or hybrid cloud as stipulated by the Ministry of Digital Economy and Society. All tiers of cloud service providers must be legal entities incorporated under Thai law and can be authorized distributors of offshore cloud service providers. However, each tier will be subject to different requirements, including infrastructure obligations. Government agencies are encouraged to select a cloud service provider appropriate for their intended use. For example, if a government agency intends to procure cloud services for operating applications that process personal data,

Thailand’s approach to cannabis regulation has moved quickly from broad access to a medical, prescription‑only system. The latest government regulation classifies the cannabis flower as a controlled herb under the Thai Traditional Medicine Wisdom Act. The latest rules ban advertising and recreational sales, allow sales only to patients with prescriptions (up to 30 days), and require flowers to come from GACP‑certified (Good Agricultural and Collection Practices) farms. More importantly, cannabis dispensaries can only sell to patients presenting valid prescriptions issued by one of seven professions—medical doctors, Thai traditional practitioners, applied Thai traditional practitioners, traditional Chinese medicine practitioners, pharmacists, dentists, and folk healers—consistent with approved clinical indications. Noncompliance risks license suspension or revocation, and criminal penalties of up to one year’s imprisonment or a THB 20,000 fine. The dispensary‑only model that proliferated in Thailand in recent years is expected to end soon, as the rules will push all cannabis dispensaries into medical settings or retail pharmacies. Dispensaries must convert into medical establishments—clinics, pharmacies, or traditional pharmacies—complete with on‑site licensed practitioners as well as budtenders; strong controls for storage, hygiene, odor, and smoke; and facilities for record-keeping. All flowers dispensed or exported must come from GACP‑certified farms. If the government ends dispensaries outright and forces a conversion to clinics or pharmacies, compensation will not be automatic at the outset. As a result, business operators should plan for compliance and repurposing under the Medical Facilities Act, Modern Drug Act, and Herbal Product Act, which regulate medical clinics, modern pharmacies, and traditional medicine pharmacies, respectively. The table below summarizes the required licenses for clinics, pharmacies, and traditional medicine pharmacies selling cannabis flowers in Thailand. Aside from the specific listed licenses, all three types of establishments must also obtain a license to sell a controlled herb (cannabis flowers) from the Department of Thai Traditional

Thailand has enacted comprehensive sexual harassment legislation that significantly expands criminal penalties and creates new compliance obligations for online platform operators. The Act Amending the Penal Code (No. 30) B.E. 2568 (2025), enacted on December 29, 2025, and taking effect the following day, introduces a comprehensive definition of sexual harassment, establishes new criminal offenses with graduated penalties, and imposes content removal obligations on social media platforms and computer system service providers. The amendment, which establishes a comprehensive framework for addressing sexual harassment in both physical and digital environments, significantly expands legal exposure for online service operators. It also grants courts authority to order takedowns of violating data accessible to the public. Definition of Sexual Harassment The law introduces “sexual harassment” as a distinct statutory concept covering physical conduct, verbal conduct, sounds, gestures, expressions, postures, communications, surveillance, stalking, and acts committed through computer systems or electronic devices. Conduct qualifies as sexual harassment when it is sexual in nature and likely to cause the victim distress, annoyance, embarrassment, humiliation, fear, or a sense of sexual insecurity. Criminal Offenses and Penalties The amended Penal Code establishes graduated penalties based on the severity and context of the harassment—including enhanced penalties for public or online conduct. For instance: Basic sexual harassment is punishable by imprisonment for up to one year, a fine of up to THB 20,000, or both. Continuous or repeated harassment that prevents normal life escalates penalties to imprisonment for up to two years, a fine of up to THB 40,000, or both. Critically for online operators, harassment committed in public places, in the presence of the public, or through computer systems accessible to the general public triggers imprisonment for up to three years, a fine of up to THB 60,000, or both. Acts of harassment committed by supervisors, employers, or others

On December 30, 2025, Thailand’s Electronic Transactions Development Agency (ETDA) notified digital marketplace operators of a consolidated list of “high‑risk products” that are subject to strict monitoring on digital platforms. The list was jointly prepared by the Thai Industrial Standards Institute (TISI) and the Food and Drug Administration (FDA) to guide platform compliance in the initial phase of implementation of the Electronic Transaction Committee’s Notification on Other Measures for Marketplace for Goods with Specific Characteristics under Section 18(2) of the 2022 Royal Decree on Digital Platform Businesses Requiring Notification B.E.2568 (2025). The notice is addressed to operators of digital platform services that function as product marketplaces with specific characteristics laid out in the notification. The ETDA states that the TISI and the FDA are closely monitoring the high‑risk product categories on digital platforms, and the published list serves as the baseline reference for platform screening during the initial phase of the notification’s implementation. High‑Risk Product List The list aggregates categories of products that are illegal to sell online or are otherwise tightly regulated under Thai law, with an emphasis on health-related products, controlled substances, medical devices, and a wide range of industrial products that require certification or compliance with specified Thai Industrial Standards, as detailed below. Prohibited and tightly controlled health products. This includes all categories of modern medicines subject to control other than general household remedies; all categories of controlled herbal products except for over-the-counter herbal products; narcotics; psychotropic substances; and medical devices requiring use in medical facilities or a physician’s prescription. Selected industrial products requiring heightened controls. The list highlights dozens of TISI-regulated items commonly sold online. Examples include pacifiers, rice cookers, electrical wire, food wrap film, crayons, washing machines and dryers, air conditioners, electric cookers and air fryers, water heaters, microwave ovens, LED luminaires, hair dryers