Now halfway through 2025, Thailand continues to advance in the realm of data privacy, with the ambitious goal of achieving zero data breaches. The Personal Data Protection Committee (PDPC), an independent government body established by the Personal Data Protection Act (PDPA), is taking a more proactive approach, having published several rulings and orders to enhance data protection measures and clarify compliance expectations for businesses. Here is a look back at Thailand’s data privacy developments in the first half of the year. Strengthening Law Enforcement and New Guidance for Compliance Enforcement of existing data protection laws and regulations has taken a step forward this year. Some of the specific initiatives include: Increased enforcement by the PDPC. A key trend to watch from the first half of 2025 is the PDPC’s active enforcement of the PDPA as it intensifies oversight through compliance orders and public warnings against noncompliant organizations while ramping up efforts to prevent and halt the illegal trading of personal data by actively monitoring emerging societal issues. Call center scams and cyber fraud control. Thailand published an amendment to the Emergency Decree on Measures for the Prevention and Suppression of Technological Crimes to strengthen measures against technological crimes, particularly targeting call center scams and cyber fraud. Orders from the Expert Committee. Several orders issued by the Expert Committee under the PDPA were announced in the first half of this year. These include directives for data controllers to take corrective actions to comply with the PDPA, as well as initiatives to raise awareness of data privacy within organizations, reflecting the regulator’s focus on promoting organizational awareness and compliance. A guideline report summarizing the Expert Committee’s decisions and orders was also published to serve as a reference for compliance. Public issue monitoring. The PDPC has been taking a more proactive approach by staying current with high-profile data privacy

Vietnam is making notable strides in decentralization, aiming to grant greater autonomy to local government entities to streamline administrative procedures. As part of this effort, the government issued Decree No. 133/2025/ND-CP on decentralization of state management of the Ministry of Science and Technology dated June 12, 2025 (Decree 133). Effective from July 1, 2025, Decree 133 decentralizes and delegates numerous state management functions—including in intellectual property (IP) and technology transfer—to provincial-level People’s Committees (PCs). This reform signals a profound shift in how IP rights are administered and enforced across Vietnam. While this offers new opportunities for IP owners, agents, and innovators, it also introduces additional operational complexities. Impact on IP and Technology Transfer Decree 133 significantly reallocates responsibilities in IP and technology transfer, primarily to provincial-level PCs. Provincial PCs and other provincial authorities are now empowered to handle a wide range of tasks, including but not limited to the following: Issuance of duplicates and reissuance of certificates of registration. Registration of license agreements for the transfer of usage rights for industrial property objects (e.g., trademarks, patents) and recording amendments, extensions, or early terminations of such agreements. Enforcing decisions on compulsory licensing of patent use rights. Evaluation and approval of technology transfer contracts—a key step in facilitating localized technological advancements. Permitting the establishment of foreign-invested scientific organizations and their branches, to encourage foreign direct investment in local R&D and technology development. Approval of provincial-level R&D tasks, aligning with local socio-economic development priorities. Legal Implications The decentralization and delegation brought forth by Decree 133 carry several significant legal implications: Echoing Decree 133, the Intellectual Property Office of Vietnam issued Notification No. 2351/TB-SHTT on June 26, 2025, announcing the cessation of 19 administrative procedures at the national level. Specifically, from July 1, 2025, the IP Office will no longer accept requests related to procedures that have been delegated to provincial-level PCs under Decree

On March 4, 2025, Cambodia’s Ministry of Labor and Vocational Training (MLVT) issued Prakas No. 073/25 on Procedures for Resolving Individual Labor Disputes, replacing Prakas No. 318 on the same topic from 2001 and introducing significant changes to how individual labor disputes are filed, processed, and escalated. In addition, Prakas No. 073 outlines the roles and responsibilities of labor inspectors, the process for filing and handling complaints, and the steps for conciliation and further legal recourse, as described below. Filing a Complaint Any party to an individual labor dispute can file a complaint with the Labor Dispute Department of the MLVT or the Department of Labor at the capital or provincial level. Upon receiving a complaint, a labor inspector will review the case and may initiate either conciliation or a labor inspection. Invitation letters will be issued to the disputing parties to provide relevant information and documents. Conciliation Process Prakas No. 073 places strong emphasis on the conciliation process, introducing strict procedural rules and deadlines with clear consequences for noncompliance: If the claimant fails to provide required information within the specified deadline (or within three working days thereafter without reasonable excuse), the complaint is deemed void. If the respondent fails to attend the conciliation meeting within the deadline (or within three working days thereafter without reasonable excuse), the conciliation is considered unsuccessful, and the respondent is deemed guilty as claimed. Once all necessary information is gathered, a labor inspector will invite both parties to a joint conciliation meeting, which must be held within three weeks of the complaint being received. If the claimant fails to attend the meeting or sign the minutes without a reasonable excuse, the complaint is void. If the respondent fails to attend the meeting without a reasonable excuse, the conciliation is unsuccessful, and the respondent is deemed guilty as claimed. If conciliation fails, the parties may

On April 29, 2025, the State Bank of Vietnam (SBV) issued Circular No. 03/2025/TT-NHNN (Circular 03), which provides detailed guidance on the opening and use of Vietnamese dong (VND) accounts by non-resident foreign investors engaging in indirect investment activities in Vietnam. Circular 03, which took effect on June 16, 2025, amends Circular No. 06/2019/TT-NHNN of the SBV on the management of foreign exchange for foreign direct investment activities in Vietnam (Circular 06) and replaces Circular No. 05/2014/TT-NHNN of the SBV guiding the opening and use of indirect investment capital accounts for implementation of foreign indirect investment activities in Vietnam (Circular 05). Below are some of the key points of Circular 03. Change of Account Name Circular 03 renames “indirect investment capital account” to “indirect investment account” (IIA). This change aligns with the terminology used in other legislation, ensuring consistency across Vietnam’s legal framework governing foreign exchange and investment activities. Additionally, by removing the word “capital,” the new term better encompasses the full range of transactions that may be conducted through these accounts, such as share transfer and other forms of indirect investment-related activities. This helps prevent misinterpretation and facilitates compliance for foreign investors operating in Vietnam. Account Types Circular 03 clearly delineates account types and investor residency status as follows: For non-resident foreign investors: The opening and use of investment accounts in VND is for carrying out transactions related to indirect investment activities. For resident foreign investors: Credit and debit transactions are made through payment accounts in VND in accordance with relevant laws. Additional Permitted Uses of IIAs In addition to the cash inflows and outflows authorized under Circular 05, Circular 03 introduces more cash transactions that can be conducted via IIAs. These include: Receiving interest and other legal income when conducting stock purchase transactions that do not require sufficient funds when placing orders by foreign institutional investors under

Three American giants are actively protecting their intellectual property rights against generative AI, as two legal battles commence on both sides of the Atlantic. In the UK, Seattle-based media company Getty Images accuses UK-based Stability AI of multiple IP infringements. In the US, The Walt Disney Company and Universal Studios are teaming up against Midjourney, an AI startup, with their main ground being copyright infringement. Both cases are centered around questions legal minds have been posing since the introduction of generative AI: Is the output of generative AI an infringement? And who is ultimately responsible for the output, the platform or the user? Getty Images v. Stability AI Getty initially filed a claim in the High Court in 2023, which resulted in Stability applying for reverse summary judgment on the grounds that Getty had no real prospect of success, arguing that their operations took place outside the UK. However, the High Court judge hearing the case decided that the claims brought by Getty did have a real prospect of succeeding in court. Despite this, Stability saw a small victory when the court ruled that the representative action brought by Getty would not succeed due to the difficulties in identifying who qualified for the class. The proposed class was comprised of 50,000 rightsholders who alleged their rights were also infringed. Stability was successful in arguing that identifying these individuals would be challenging due to the unclear definition of the class. This current trial is centered around four main grounds: Copyright infringement. Getty accuses Stability of using content that Getty owns or has an exclusive license for when training their model, Stable Diffusion, resulting in the generated output containing substantial parts of that content. Getty is also alleging secondary copyright infringement, arguing that Stability is importing an article into the UK that they know is infringing

Vietnam’s new Personal Data Protection Law (PDPL) was passed by the National Assembly on June 26, 2025, and will enter into force on January 1, 2026. The PDPL introduces several new concepts, exemptions, and obligations in comparison with the current Decree No. 13/2023/ND-CP on personal data protection (PDPD), while other contents remain essentially the same. The relationship between the PDPD and the PDPL has not been clearly addressed; however, it is expected that the government will issue a new decree providing necessary guidance on certain requirements under the PDPL, and the PDPD will remain in effect until it is replaced by this new decree. Some key points of the new PDPL include the following: Personal data will be further defined by lists of basic personal data and sensitive personal data to be issued by the government. The consent-centric approach of the PDPD remains in place, along with additional exemptions for certain data processing activities. The requirements for the data processing impact assessment (DPIA) and transfer impact assessment (TIA) remain unchanged. However, there are new exemptions for the TIA, including for the processing and storing in the cloud of employee data, and when the data subject is the person sending its own data outside of Vietnam. Consent obtained under the PDPD remains valid under the PDPL. DPIAs and TIAs submitted under the PDPD are valid under the PDPL but may need to be updated to be in line with the requirements of the PDPL. Administrative fines depend on the type of violation. The fine for sale and purchase of personal data will be 10 times the revenue from the sale or VND 3 billion (about USD 115,000), whichever is higher. The fine for cross-border transfer violations is 5% of the violator’s revenue of the preceding year or VND 3 billion, whichever is higher. Other violations are

As modern business strategies increasingly embrace sustainability, the influence of ESG principles is reshaping product design, packaging, and brand protection. From label-free bottles to the legal importance of 3D marks in Thailand, these developments highlight the growing connection between environmental responsibility and intellectual property. The Rise of ESG ESG principles have become critical in shaping business strategies worldwide. Companies are increasingly required to disclose ESG data, which influences investor decisions, loans, and consumer behavior. Studies show that consumers are willing to pay more for sustainable packaging, and businesses with strong ESG commitments often achieve higher growth rates. Product Minimization Trend One sector experiencing significant transformation is the consumer product industry, where brands worldwide are adapting their packaging to align with ESG principles. A notable approach is packaging minimization, exemplified by Pepsi’s introduction of its first label-free PET bottle in China in 2022. Similarly, in Thailand, several bottled water brands have embraced label-free designs, including Sprinkle drinking water’s “Redesign to Reduce” initiative and other similar efforts. These shifts not only enhance brand perception but are also warmly welcomed by consumers and business associates alike. For instance, Cathay Pacific has introduced label-free bottled water on select flights and cabins as part of their ongoing commitment to boosting onboard recycling efforts. From Design to Distinctiveness with 3D Marks Packaging has evolved into a critical component of brand identity, blending functionality with distinctiveness to strengthen consumer recognition and loyalty. This shift carries significant implications for intellectual property. Protecting these designs is no longer optional but essential, given their substantial commercial value. Securing legal protection—whether through design rights or three-dimensional (3D) trademarks—has become a strategic necessity. In an era shaped by sustainability and innovation, safeguarding distinctive packaging is not just a precaution but a fundamental step in maintaining competitive advantage and ensuring enduring brand success. In Thailand, businesses can register 3D marks

In Thailand, in-court business rehabilitation is a legal proceeding that enhances a debtor’s chance to restructure business operations for corporate debtors who are unable to repay their debts. The purpose of this proceeding is to allow the debtor to continue operating the business and generate income to repay creditors. The amounts that creditors receive in the rehabilitation proceeding are greater than the amounts creditors would receive if the debtor went bankrupt. The law is not designed to allow debtors or creditors to use the business rehabilitation process in bad faith for their benefit or to defraud another party. Accordingly, the Business Rehabilitation Law, which is included in the Thai Bankruptcy Act B.E. 2483 (1940), provides criminal liability for actions taken before or during the process. This article addresses the key points regarding criminal liability for safeguarding debtors and creditors in business rehabilitation proceedings from any parties who act in bad faith. Criminal Liability in Business Rehabilitation The following provisions establish the framework for criminal liability in business rehabilitation cases, ensuring that all parties act with integrity throughout the process. The Bankruptcy Act of Thailand B.E. 2483 (1940) provides the relevant provisions regarding the business rehabilitation process. Additionally, if a company debtor or its authorized directors are found to have committed fraud or malfeasance under the Bankruptcy Act, they can also be held criminally liable under the Penal Code or related criminal statutes. The rehabilitation process aims to help a business recover financially under the supervision of the court. When the court approves the rehabilitation plan, the court appoints a business rehabilitation plan administrator to manage and implement the process. However, if it is discovered that the debtor, its executives, or even the plan administrator engaged in illegal activities prior to or during the rehabilitation process—such as tax evasion, embezzlement, fraud, or bribery—criminal charges may