Data Security and Cybercrime, published in the Lexology Navigator, presents a Q&A-style overview of data security and cybercrime in 28 jurisdictions worldwide. The Thailand chapter of the guide, contributed by Tilleke & Gibbins, discusses the following main subjects:
- Legal framework: Legislation governing personal data including the Telecommunications Business Act and the Official Information Act; laws applicable to certain professionals such as medical practitioners and lawyers; and the requirement to appoint a data protection officer.
- Collection and storage of data: Requirements, limitations, restrictions, individuals requesting the deletion of their data, and consent.
- Data security and breach notification: Security obligations under the Computer Crimes Act and the Royal Decree on Electronic Payments and requirements of data owners and processors to notify individuals and regulators of a breach.
- Penalties and compensation: Tort claims, criminal charges, and penalties including fines, prison sentences, and administrative actions such as loss of license.
- Cybersecurity: Criminalized activities including illegal interception, utilization or disclosure of messages, information, and any other data by means of telecommunication and activities prohibited under the Computer Crimes Act.
Lexology is a leading business-to-business content and connections company that specializes in legal markets.