Thailand’s Computer Crime Act B.E. 2550 (2007) came into effect in July 2007. Among other matters, it addresses computer related issues such as the illegal access to and interference with computer systems and data, the illegal disclosure of security measures, and the illegal interception of computer data.
In recent years, the government has pledged support for the promotion of Thailand’s information technology and communications (ITC) sector, with a series of strategies aimed at developing related infrastructure, accelerating innovation, and transforming the country’s economy into one that is based on digital technologies.
To facilitate these objectives, the country’s Cabinet officially approved a project titled ‘Digital Thailand’, with an initial budget of some THB 3.7 billion, acknowledging that Thailand’s industrial growth has passed three stages of economic evolution: Thailand 1.0 (an agricultural based economy), Thailand 2.0 (a light industry based economy), and Thailand 3.0 (a heavy industry based economy). “Digital Thailand” or “Thailand 4.0” aims to move Thailand’s economy to the next level by facilitating the trade in goods and services through e-commerce.
Various projects are planned under the initiative, including the delivery of affordable broadband internet access to villages nationwide, and the deployment of ITC to improve public services offered by state agencies. The latter includes an attempt to consolidate government services into a single portal that comprises all state agencies.
In response to these developments, and in order to keep pace with the changing types of offence which have become ever more complicated due to evolving and advanced technologies, the Cabinet approved the Draft Amendment to the Computer Crime Act (the “Draft CCA“) on 19 April 2016. The Draft CCA is currently being considered by the National Legislative Assembly (the “NLA“)’s Extraordinary Committee and it is still subject to change.
The Extraordinary Committee, on 17 August 2016, revealed the latest revised Draft CCA during a public hearing at the Electronic Transactions Development Agency (ETDA). Notable draft amendments relate to the following key areas:
|Issues||The Current Computer Crime Act B.E. 2550 (2007)||The Latest Draft CCA (version of 17 August 2016)|
|Responsible Ministry||The Ministry of Information and Communications Technology (MICT)||The Ministry of Digital Economy (MoDE)|
|Spam Mail||Prohibiting the sending of computer data or email to others, by concealing or falsifying its origin, in a manner that disturbs other computer systems’ normal operation.||Adding the offence of sending computer data or emails to others, which causes disturbance to the recipient, without allowing the recipient to opt out.|
|False Computer Data||Prohibiting the importation into a computer system forged computer data or false computer data, in a manner that is likely to cause damage to others or the public.||Prohibiting the importation into a computer system, in bad faith, false computer data or the input of data into a computer system by suppressing true facts that should be revealed; in order to obtain any property from the person so deceived or a third party, or cause such a person or third party to execute, revoke, or destroy a document of right.|
|Safe Harbor for Service Providers||Any service provider who intentionally supports or consents to an offence made by others within a computer system under their control shall be subject to the same penalty as the offenders.||Introducing, for the first time, a defense for service providers who take down illegal content from their computer system in accordance with the procedures under the Ministerial Notification, which will be issued at a later stage.|
|Investigative and Inquiry Powers||The competent official files a petition to the court to restrain the dissemination of certain illegal content under the Computer Crime Act.||Setting up a new committee named “the Computer Data Filtering Committee” who may submit the petition to the court to specifically restrain the dissemination of computer data which is in violation of public order or good morals of the public.|
|The Computer Data Filtering Committee||The competent official files a petition to the court to restrain the dissemination of certain illegal content under the Computer Crime Act.||Setting up a new committee named “the Computer Data Filtering Committee” who may submit the petition to the court to specifically restrain the dissemination of computer data which is in violation of public order or good morals of the public.|
|Retention Period of Traffic Data||Requiring service providers to store traffic data for a period of not less than 90 days from the date on which the data was input into a computer system and up to 1 year in case of necessity.||Requiring service providers to store traffic data for a period of not less than 90 days from the date on which the data is input into a computer system and up to 2 years in special cases.|
Once the NLA finishes reviewing/revising the Draft CCA, it will be published in the Government Gazette and become effective after 30 days from the publication date. Again, the Draft CCA is still subject to change. We are monitoring this closely and will continue to update developments.