Thailand’s amended Computer Crime Act, which took effect in May this year, has brought about much needed changes in the way businesses can conduct electronic marketing. Spammers will now face criminal charges and hefty penalties if found guilty.
The latest rules are in line with Thailand’s national efforts in digital transformation as part of the “Thailand 4.0” policy to develop the country into a value-based economy driven by technology and innovation. To further this goal, the Thai government is actively promoting digital platforms, research and development, and science and technology.
Earlier this year, the Electronic Transactions Development Agency (ETDA) also revealed that in 2016, Thai people will use the internet, on average, 45 hours per week or 6.4 hours per day. Notably, 75.8 percent of that internet time will be spent on electronic messages. This high usage volume has provided plenty of electronic marketing opportunities, which continues to be one of the most economical ways to conduct marketing in Thailand.
To facilitate this economic change, and to provide legal protection for online users, the government and the National Legislative Assembly have updated a number of key laws, including the Computer Crime Act. The Ministry of Digital Economy and Society is also developing subordinate regulations to support the Computer Crime Act. One noteworthy area of change has been to the legal restrictions on inappropriate electronic marketing, and particularly spam emails.
Electronic marketing offenses under Section 11 of the Computer Crime Act
Although Section 11 of the old Computer Crime Act prohibited sending emails or electronic data which had concealed or falsified origins that affected the normal operation of a recipient’s computer, it did not apply to electronic marketing spam – emails or electronic data that disturbed the recipients. To address this exclusion, section 11 of the new Computer Crime Act makes it an offense to send emails or electronic data that disturbs recipients, and which do not allow recipients to unsubscribe.
The Ministry of Digital Economy and Society also subsequently issued a Ministerial Notification for Characteristics and Methods of Sending Data Deemed Not to Cause a Disturbance to the Recipient, which defines the types of emails and data that are not considered to cause disturbances to recipients. The notification provides “safe harbor rules” for businesses to abide by in their electronic marketing campaigns, when emailing existing or prospective customers, business partners, or third parties.
Safe harbor rules under the Computer Crime Act
Under the “safe harbor rules”, a “sender” is defined as any person who intends to send company emails or data for commercial purposes, and any website, application or social media operator that advertises or supports the sending of such email or data. The rules do not apply to telecommunications business operators that act as intermediaries for transmitting such emails or data, in order to prevent undue criminal liability for these operators when third parties use their services and networks.
The following types of data are not considered to cause a disturbance to recipients:
Emails or data that are sent for commercial purposes, and do not fall under the scope of the above, are only permissible when the recipient’s consent has been obtained. The following conditions for opting out or unsubscribing must also be met:
Implications for electronic marketing
Under the new rules, an offense incurs a maximum fine of THB 200,000 levied against each single spam email. It is thus important for corporations that engage in online business activities to comply with the safe harbor rules and be cautious in their online communications to avoid potential exposure to this penalty.
As the new Computer Crime Act and subordinate regulations have only been in effect for a short period, it remains to be seen how requirements can be complied with in practice. There are a few interesting issues to consider, such as how a sender can obtain consent from a recipient, and whether implied consent is acceptable. It should also be noted that the safe harbor notification grants the permanent secretary of the Ministry of Digital Economy and Society the authority to interpret and consider any issues arising from actions under the notification, which leaves open the possibility of additional legislative changes in the near future.