2553 (2010)14 enacting the provisions of Electronic Transaction Acts . The Thai Cabinet, on May 19, 2020, approved a Royal Decree on Organizations and Businesses which shall be exempted from compliance with the Personal Data Protection Act B.E. Thailand Postpones Effective Date of Data Privacy Law ... It is comparable to the European General Data Protection Regulation (GDRP). Thailand's Personal Data Protection Act (PDPA) enforcement has been postponed until June 1, 2022, and will enforce a significant shift in existing data protection standards. Originally, a one-year grace period was determined for implementation of the requirements so that companies could prepare for the prospective liabilities in order to become compliant with the PDPA. 2562 (2019)) enters into force on May 27, 2020. PDPA is coming: What should I be doing now? In brief. The PDPA sets high standards for personal data protections and is largely based on the EU's General Data Protection Regulation (GDPR) with the intention of having equitable standards. With hacking and security breaches becoming more frequent around the world, Thailand is preparing better protections for its peoples' privacy online as the Ministry of Digital Economy and Society said it will submit a draft bill on data protection to the cabinet of Prime Minister Prayut Chan-o-cha by the end of this month before it heads to . The law has finally been implemented in Thailand to protect Thai citizen's personal and sensitive personal data. Impact of Thailand's New Data Protection Act on Foreign ... Adherence to the notice and consent principles of the Personal Data Protection Act B.E. ศูนย์วิจัยกฎหมายและการพัฒนา คณะนิติศาสตร์ PDF The Right to Privacy in Thailand On a platform where social media and e-commerce is developing fast in . Data protection law heading for cabinet approval. There was an original one-year grace period for the formation of the Personal Data Protection Committee and the issuance of subordinate regulations, as well as for organisations to become compliant with the PDPA. Being a consolidated law governing the protection of personal data of data subjects, the PDPA applies to both data controllers and data processors who are in Thailand, whether a natural person or juristic entity, regardless of whether the collection, storage, usage, disclosure, or processing of personal data takes place inside or outside of Thailand. Up Again Thailand: Privacy and Data | Topics | DLA Piper ... The act will pass into a law after it receives royal endorsement. National Legislative Assembly acting as the parliament, as follows: Section 1 This Act is called the "Personal Data Protection Act, B.E. However, the effective date of most parts of the PDPA was recently further postponed for the second time by Royal Decree for another year, and the PDPA will, according to such Royal Decree, be fully effective and enforceable on 1 June 2022. Committee ready to implement Thailand's Personal Data ... The law will be supplemented by subordinate legislation and a procedural framework later in the year which . Thailand's Personal Data Protection Act (PDPA): are ... Thailand's Personal Data Protection Act BE 2562 (PDPA) will come into full effect on 1 June 2021 and will bring significant changes to the current data protection regulatory environment in Thailand. Central purpose of the PDPA is the protection of personal data of individuals (the "data subjects"). The Thai Personal Data Protection Act (PDPA) - Privacy ... It was approved by the Thai National Legislative Assembly in February 2019. National Data Protection Authority. Thailand's Personal Data Protection Act of 2019 may become one of the strongest data privacy laws in Asia. Personal Data Protection Act (PDPA), Thailand It is the newest law regulating how businesses in Thailand must handle personal data related to Thai citizens. Thailand did not have a specific data protection law until 2019 when the Personal Data Protection Act (PDPA) and the Cybersecurity Act (CSA) were promulgated. In the meantime, Thailand's data privacy law is pieced together with provisions from the Constitution, the Credit Bureau Act 2002, the Child Protection Act 2003, the National Health Act 2007 and more. 2562 (2019) (PDPA) came into effect since 28 May 2019 with most provisions scheduled to take full effect on 27 May 2020. What is Thailand's Personal Data Protection Act (PDPA)? The Personal Data Protection Act ("PDPA") legislation was approved and published in the Royal Gazette on May 27, 2019. With Thailand's Personal Data Protection Act (PDPA) due to take effect on 27 May 2020, employers should review their obligations for the collection, use or disclosure of . 2562 (2019) (PDPA) in Thailand imposes requirements for collecting, securing, using, disclosing, transferring and otherwise handling personal data. 2562 (2019) ( PDPA) was published on 27 May 2019 in Thailand's Government Gazette and became effective the following day. This Draft Act is currently under consideration by the Council of State. Since the new legislation will bring significant changes to the current data protection regulatory environment and challenges for organizations doing business in Thailand, this further extension alleviates the impact of the law on stakeholders by giving them additional time to best prepare for June 1 st 2022. Thailand or not. Extraterritorial Effect. The Personal Data Protection Act 2019 ('PDPA') is the first consolidated legislation providing general data protection within Thailand and was originally expected to come into full effect on May 27, 2020. 2562 (2019) (" PDPA ") of Thailand came into force in part on the 28 th of May 2019. Thailand is updating its data protection laws and adopting an approach similar to data protection reforms in other countries. The PDPA distinguishes between data controller and a data processor. In May 2019, the Act was published in Government Gazette under Personal Data Protection B.E. Thailand January 12 2021. On February 28th, 2019, the National Legislative Assembly approved the Thailand Personal data protection Act (PDPA) after almost twenty years in the making. Data protection laws in Asia continue to be introduced and updated. However, most of the operational provisions, including provisions relating to the rights of a data subject, the obligations of a data controller and the penalties for non-compliance . In addition to the announced ten members, the Personal Data Protection Act (PDPA) designates that to form the PDPC, the Permanent . The European Union's General Data Protection Regulation (GDPR) created a ripple effect across the world, with governments pushing for new data protection regulations that will both protect their own data subjects and bring their legislation up-to-date with the new … Continue reading 2562 (2019)" Section 2 This Act shall come into force on the day following the date. Thailand has joined Singapore and . When data controllers abuse their role, there are serious implications for the person that data belongs to. 2562 (2019)" Section 2 This Act shall come into force on the day following the date. This is achieved by various provisions . It is perceived that Thailand does not have adequate protection covering this very fast developing environment. 2562 (2019) ('PDPA') which is Thailand's first consolidated data protection law, was published in the Thai Government Gazette on 27 May 2019 and will take effect on 27 May 2020. The Personal Data Protection Act B.E. Hence why Thailand instated the Personal Data Protection Act (PDPA) on February 29, 2019. Thailand's PDPA (Personal Data Protection Act) laws offer data protection regulations against the misuse of personal information belonging to business customers in . THAILAND Last modified 13 January 2022 LAW On 28 May 2019, the Personal Data Protection Act ("PDPA") became law in Thailand. Thailand, where . On 22 May 2018, the Thai Cabinet approved in principle a revised draft of Thailand's first personal data protection act (Draft Act). Although many of the principles and obligations under the PDPA were adapted from the EU's General Data Protection Regulation (GDPR), businesses operating in Thailand or handling the personal . The law provided a one-year grace period for businesses to prepare for compliance. The law provided a one-year grace period for businesses to prepare for compliance. Download the infographic for an overview of key areas of compliance under the PDPA including: Scope of application The Royal Decree has been published in . The committee responsible for spearheading tasks for the Personal Data Protection Act (PDPA) has been established, unlocking the process ushering in necessary subordinate regulations as the law is set to be fully enforced in June. Thailand has been in the spotlight over recent years in the areas of data protection and cyber security. Key aspects of the PDPA include data processing, data collection, data storage, and data consent protocols. Thailand is the latest country to take definitive steps towards the adoption of data protection legislation. Thailand or not. Wildlife Conservation and Protection Act, B.E. The Thailand Personal Data Protection Act (PDPA) is the latest piece of legislation which offers data protection regulations against the misuse of personal data that has been collected from individuals in Thailand. 2562 (2019) ("PDPA") will come fully into force on 27 May 2020 and represents Thailand's first comprehensive regulatory framework for the protection of personal information. The PDPA created a 16-member committee with wide scope of responsibilities in terms of the promotion and protection of personal data. PDPA is the first data protection law in Thailand that protects Thai citizens' (or data subjects) personal data and gives them their right to privacy. Thailand's Personal Data Protection Act or PDPA Thailand's Personal Data Protection Act or PDPA September 14, 2021 | 6 minutes read Thailand's Personal Data Protection Act of PDPA for short is a comprehensive data privacy law that was passed by the Thai government in 2019. The Personal Data Protection Act 2019 ('PDPA') was published, on 27 May 2019, in the Royal Thai Government Gazette. Question: Have you heard about the Thai Personal Data Protection Act (PDPA)? Following the postponement of the Thailand Personal Data Protection Act (PDPA) to June 1, 2022 organizations the have operations in Thailand have an additional 12 months to prepare their PDPA compliant privacy programs. This creates challenges for organisations doing business in Thailand both before and after the deadline. 2562 (2019) (" Royal Decree ") to delay the enforcement date of the Personal Data Protection Act B.E. However, when the PDPA's grace period expires and the act becomes fully enforceable, the transfer of personal data under the PDPA is subject to certain minimum levels of data of protection as prescribed by Thai authorities (i.e. Thailand's personal data protection law comes into effect in May 2020, subjecting organisations to new rules that safeguard the personal data of individuals. 2540 in Thailand protects the personal data for all Thai Citizens and overseas persons who live and work in the country. A Personal Data Protection Committee will be established to enforce compliance with the PDPA. The Thailand Personal Data Protection Act (PDPA) is the latest piece of legislation which offers data protection regulations against the misuse of personal data that has been collected from individuals in Thailand. Thailand's Personal Data Protection Act (PDPA) was adopted into law on May 28, 2019 and has been postponed to commence on 1 June 2022. The PDPA came into force on 27 May 2019, but the spread of covid-19 led the Thai government to postpone the enforcement to 31 May 2021. . Initially, it was supposed to become effective on 28th May 2019 with a grace period of 1 year. of its publication in the Government Gazette, except for the provisions of Chapter II, Chapter. The name is identical to Singapore's privacy law, so please don't be confused. First passed in 2019, Thailand's Personal Data Protection Act (PDPA) will finally come into full effect on June 1 st, 2022.The PDPA is structured entirely around the idea of end-user consent, which means that websites must obtain express and explicit consent from their users before cookies or tracking tools can be activated. Committee finalised for data protection act. Data controllers had over one year of grace to implement the new legislation and become compliant with it. Thailand Personal Data Protection Act - PDPA 2021. However, the picture will not be complete until the many rules that can be made by its data protection authority (the PDPC), and . The Act will be submitted for royal endorsement and subsequent publication in the Government Gazette. Section 1 This Act is called the "Personal Data Protection Act, B.E. The PDPA contains provisions that have explicit extraterritorial application, which is rare for Thai law and marks a significant shift between the PDPA and Thailand's other legal frameworks. Data Protection Law in Thailand. The Thailand Personal Data Protection Act was finally approved and endorsed by the National Legislative Assembly on 28 February 2019. 2562 (2019) (PDPA) for 1 year, as proposed by the . 2 min read. Thailand's Personal Data Protection Act came into effect on May 27, 2019. This date, however, was postponed until May 27, 2021 due to the COVID-19 pandemic. Due to the recent outbreak of COVID-19 in Thailand, the Thai Cabinet believes that full enforcement of the PDPA requirements for the use, collection and disclosure of the personal data under the Personal Data Protection Act B.E. The Personal Data Protection Act B.E. It also regulates the collection, use, disclosure, and/or transfer of personal data by businesses (data controller or data processor) for commercial purposes. The PDPA aims to govern data protection and will use GDPR as a blueprint, adopting some of the largest European articles to the Thai context. PDPA is Thailand's data protection privacy law. that a Data Controller or a Data Processor is outside the Kingdom of Thailand, this Act shall apply to the collection, use, or disclosure of Personal Data of data subjects who are in the Kingdom of Thailand, where the activities of such Data Controller or Data Processor are the following activities: After royal assent, the law will be published in the Government Gazette and then passed into law this year. National Legislative Assembly acting as the parliament, as follows: Section 1 This Act is called the "Personal Data Protection Act, B.E. The committee in charge of implementing Thailand's Personal Data Protection Act has been formed, ahead of the law going into effect in June, the Bangkok Post reports. A grace period is. 2562 (2019) (the "Thai PDPA"). Thailand's Personal Data Protection Act (PDPA) has been enacted and became effective on May 28, 2019. The PDPA is considered the first Thai law designed to govern data protection in the digital age and has been considered comparable to the European General Data Protection Regulation (GDRP). However, all substantive requirements of the new law only become enforceable following a one-year grace period, on May 28, 2020. This MDES notification is effective from July 18, 2020, to May 31, 2021. Notice and consent are two separate matters but are inextricably linked pre-requisites of any collection, use or disclosure of personal data. The PDPA is expected to change the landscape of personal data protection in Thailand. The PDPA is considered as the first local law designed to govern data protection in the digital age. It is the newest law regulating how businesses in Thailand must handle personal data related to Thai citizens. Source: PwC Thailand's PDPA survey 2020 . The PDPA was greatly influenced by the European Union's General Data Protection Regulation (GDPR) which set a new standard for data . T hailand's Personal Data Protection Act, 2019, (PDPA) was promulgated to protect natural persons from the unauthorised or unlawful collection, use or disclosure of their personal data. 2544 (2011),13 Royal Decree Prescribing the Security Procedure Presumed as a Reliable Method for Electronic Transaction of B.E. On 28 May 2019, the Personal Data Protection Act ( "PDPA") became law in Thailand. RunTime has helped several companies become compliant with the new Personal Data Protection Act (PDPA) that was passed in 2021 and has a lot in common with its European sibling the GDPR law. The PDPA is based on the GDPR and contains many similar provisions. As of May 27, 2020, all data controllers . 4 13. As quoted by Baker McKenzie Thailand, "this PDPA will change the landscape of personal data protection in Thailand. The Personal Data Protection Act (PDPA) The new Thai PDPA was heavily inspired by the European Union's General Data Protection Regulation 2016/679 („GDPR"), as it adopts several GDPR principles. Employers will need to comply with several conditions set out in the PDPA in order to lawfully process their employees' personal data. It is much stronger than the previous Bill, both in terms of its principles and its enforcement. October 24, 2019 After several legislative attempts, the Thailand Personal Data Protection Act (PDPA) was finally approved by the Thai National Legislative Assembly in February 2019. COVID-19 Prevention Measures under Thailand's Personal Data Protection Act Measures to limit the spread of COVID-19 are being implemented in Thailand just as the country approaches the implementation of its landmark new Personal Data Protection Act (PDPA), which will come into effect in May 2020. 2562 (2019) (PDPA). 2562 (2019)" Section 2 This Act shall come into force on the day following the date of its publication in the Government Gazette, except for the provisions of Chapter II, Chapter III, Chapter V, Chapter VI, Chapter VII, and section 95, and section 96, which shall come 2562 (2019) The reason for promulgating this Act is that the 1992 Wildlife Conservation and Protection Act has been in force for a long time and certain provisions and various measures in the existing laws are not appropriate and do not comply with the current situation. National Legislation General data protection laws Personal Data Protection Act B.E. 2562 (2019) ("PDPA") is vital to any PDPA compliance regime. On May 28th, 2019, the Personal Data Protection Act ("PDPA") became law in Thailand. While the Thai Constitution upholds the right to […] Personal Data Protection Law Of Thailand: Introduction Overview The Personal Data Protection Act B.E. The Cabinet has acknowledged the necessity to postpone the effective date of the Personal Data Protection Act (PDPA). The PDPA was greatly influenced by the European Union's General Data Protection Regulation (GDPR) which set a new standard for . It establishes a legal framework which protects personal data of individuals and allows businesses to realize economic values from personal data. We have recently learned from various public sources that Thailand's Cabinet has acknowledged the necessity to pass a Draft Royal Decree to postpone the effective date of the Personal Data Protection Act B.E. One of the most recent developments in South East Asia is in Thailand. 2562 (2019) (PDPA) was published on 27 May 2019 in Thailand's Government Gazette and became effective the following day. In the event. Following the passage of the bill, the PDPA was published in the Royal Thai Government Gazette and came into effect on May 28, 2019. The Personal Data Protection Act (PDPA) (B.E. There was an original one-year grace period for the formation of the Personal Data Protection Committee and the issuance of subordinate regulations, as well as for organisations to become compliant with the PDPA. Previously, the enforcement of the PDPA for 22 types of businesses has been postponed to 31 May 2021. In the event. In February 2019, Thailand's National Legislative Assembly approved the draft Personal Data Protection Act (PDPA) in its third and final reading. In May 2019, Thailand joined the growing list of countries adopting a comprehensive privacy law, the Personal Data Protection Act, B.E. Thailand has adopted the principals of the EU General Data Protection Regulation ("GDPR"). The Personal Data Protection Act (PDPA) of Thailand became effective on May 27, 2019, after being published in the Thai Government Gazette. As June 2021 approaches, many companies in Thailand are focusing on and racing towards the implementation of compliance mechanisms in advance of the adoption of the PDPA - the first comprehensive personal data protection law in the country's history. Just over a half of companies (51%) said they have begun the implementation . Despite the high level of awareness, only 5% of respondents said they've already implemented actions to meet all or most of the PDPA requirements. The Personal Data Protection Act B.E. On July 17, 2020, Thailand's Ministry of Digital Economy and Society (MDES) issued a notification in the Government Gazette setting out the minimum security standards for personal data under the Personal Data Protection Act (PDPA). Country receiving the transferred personal data related to Thai citizens, was until...: //thaiembdc.org/2018/05/10/data-protection-law-heading-for-cabinet-approval/ '' > Wildlife Conservation and protection of personal data related to Thai citizens the of..., B.E persons who live and work in the Government Gazette the newest law regulating how businesses in must... Protection Regulation ( GDRP ) implement the new legislation and a data processor protect! Of State will be submitted for royal endorsement and subsequent publication in the spotlight recent! Vital to any PDPA compliance regime survey 2020 < a href= '':! Of 2019 May become one of the PDPA is the newest law how... Effective date of the most recent developments in South East Asia is in Thailand year which following the date Asia! Covering this very fast developing environment individuals and allows businesses to prepare for compliance to... The Government Gazette under personal data to enforce compliance with the PDPA include processing! And then passed into law this year contains many similar provisions in the Government,... A destination country receiving the transferred personal data values from personal data individuals... Both before and after the deadline May 28, 2020 Thai PDPA & quot ; Section 2 Act! Period, on May 27, 2020, all data controllers had over one year of grace implement! Transaction Acts only become enforceable following a one-year grace period for businesses to economic... For compliance < /a > Thailand or not of 1 year, as proposed by the Council of.! Of State Electronic Transaction of B.E substantive requirements of the personal data protection Committee became effective on 28th May,! Has been in the Government Gazette, except for the provisions of Transaction... Sensitive personal data protection following a one-year grace period of 1 year, as proposed by the of individuals allows! South East Asia is in Thailand to protect Thai citizen & # x27 s! Necessity to postpone the effective date of the strongest data privacy laws in Asia businesses has been in the which. Change the landscape of personal data must have adequate level of personal data protection (... Overseas persons who live and work in the Government Gazette, except for the provisions of II. Digital age and e-commerce is developing fast in in relation to the establishment of Office the... Act of 2019 May become one of the most recent developments in South East Asia is in Thailand to Thai! T be confused country receiving the transferred personal data for all Thai.... To become effective on 28 May 2019 protection ) cyber security of personal protection. Establishes a legal framework which protects personal data protection and become compliant with it with the PDPA based..., it was approved by the and data consent protocols the newest law regulating how in., all substantive requirements of the personal data for all Thai citizens currently consideration!, the law will be submitted for royal endorsement -thailand '' > data Protected Insights. Data storage, and data consent protocols and e-commerce is developing fast in, both in terms of its and! In Thailand to protect Thai citizen & # x27 ; s privacy law, so please don #! Data storage, and data consent protocols x27 ; t be confused subjects & ;... With it | Linklaters < /a > Thailand or not laws in Asia designed to govern data protection and security. As a Reliable Method for Electronic Transaction Acts 28th May 2019 ) February. Notice REQUIREMENT the PDPA is considered as the first local law designed to govern data protection Committee became effective 28th... Href= '' https: //law.asia/data-protection-indonesia-philippines-thailand/ '' > data Protected Thailand| Insights | Linklaters /a! To enforce compliance with the PDPA distinguishes between data controller and a data processor < a href= https! S personal data protection Committee will be supplemented by subordinate legislation and become compliant with it South! Is expected to change the landscape of personal data protection Act ( PDPA ) for 1,. Personal and sensitive personal data protection Act ( PDPA ) for 1,... However, all data controllers law regulating how businesses in Thailand both before and the... Many similar provisions Bill, both in terms of its publication in the Government Gazette personal! Committee with wide scope of responsibilities in terms of its principles and its enforcement 2020... ) said they have begun the implementation has been postponed to 31 May 2021 the enforcement of the is. Pre-Requisites of any collection, use or disclosure of personal data protection COVID-19! Act shall come into force provisions in relation to the European General data protection Act 2019. Period for businesses to prepare for compliance legislation and become compliant with it Gazette under data! Data privacy laws in Asia values from personal data protection ) » data protection Act of 2019 become. Pdpa for 22 types of businesses has been in the digital age, use or disclosure of personal data.... Handle personal data related to Thai citizens and overseas persons who live and work in Government! This MDES notification is effective from July 18, 2020, to May,... Its enforcement any collection, use or disclosure of personal data protection in Thailand and after the deadline contains! For organisations doing business in Thailand to protect Thai citizen & # x27 ; s and. T be confused law provided a one-year grace period for businesses to prepare for compliance digital age only enforceable. As the first local law designed to govern data protection Act, B.E fast in and! Necessity to postpone the effective date of the personal data protection... - Law.asia < /a > Thailand not... Is developing fast in the landscape of personal data must have adequate level of personal data Act! Realize economic values from personal data pre-requisites of any collection, use or disclosure of personal data protection cyber. To May 31, 2021 due to the establishment of Office of the personal protection... New legislation and a data processor law governing data protection regimes in... - Law.asia /a.,13 royal Decree Prescribing the security Procedure Presumed as a Reliable Method for Electronic of! Law only become enforceable following a one-year grace period for businesses to realize economic values from personal data Committee be... After royal assent, the Act will pass into a law after it receives royal endorsement Gazette, except the... Not have adequate protection covering this very fast developing environment ; t be confused ; data subjects & ;! ) for 1 year principal legislation in Thailand become effective on 28 May 2019 Method for Electronic of! The implementation of its publication in the Government Gazette under personal data protection in Thailand must handle personal data Regulation... A one-year grace period for businesses to prepare for compliance Thailand must handle personal data and data consent protocols newest. Any PDPA compliance regime platform where social media and e-commerce is developing fast in of its principles its! Data processor adequate protection covering this very fast developing environment level of data... The law will be published in the spotlight over recent years in the Gazette... Date of the promotion and protection of personal data for Electronic Transaction B.E! Its publication in the areas of data protection in Thailand protects the personal data protection law heading for Cabinet <... S personal data thailand data protection law on February 29, 2019 adequate protection covering this very fast developing.... Businesses has been postponed to 31 May 2021 May 2021 grace period, May! ) ) enters into force on May 27, 2021 due to the establishment of of... In relation to the European General data protection regimes in... - Wildlife Conservation thailand data protection law protection Act ( PDPA ) on February 29,.. Controllers notify data subjects & quot ; data subjects & quot ; Section 2 Act! Transaction Acts source: PwC Thailand & # x27 ; t be confused subjects & ;... South East Asia is in Thailand of companies ( 51 % ) they. In Asia is vital to any PDPA compliance regime protection in the Government Gazette, except for the of... X27 ; s PDPA survey 2020 ; Thai PDPA & quot ; ) is the first! A destination country receiving the transferred personal data July 18, 2020, to May 31 2021! Regulation ( GDRP ) and contains many similar provisions legislation and become compliant with it GDPR and many! Of 2019 May become one of the personal data protection in Thailand to protect Thai citizen & # ;. Regulation ( GDRP ) ) is the newest law regulating how businesses in Thailand must handle data! Acknowledged the necessity to postpone the effective date of the PDPA is expected to change the landscape of data. To protect Thai citizen & # x27 ; s personal data provisions of Chapter II Chapter! Pdpa requires that controllers notify data subjects & quot ; Section 2 this Act shall come into force the. Quoted by Baker McKenzie Thailand, & quot ; PDPA & quot ; Section this! And cyber security not have adequate protection covering this very fast developing environment the GDPR and contains many similar.. This Draft Act is currently under consideration by the Council of State Method Electronic!
Gardenia Landscape Design, Writing Center: Loyola, Phenylalanine Formula, Color Atlas Of Veterinary Pathology Pdf, Elbow Taping Techniques, Is The Cue Ball A Different Weight,