Thailand’s Government has finally published The Personal Data Protection Act, B.E. 2562 (2019) (“PDPA”) in the Government Gazette, and thus has become effective from 27th May 2019. The Act was approved and endorsed by the National Legislative Assembly on 28th February 2019 (“PDPA”), thereafter had been submitted for royal endorsement and subsequent publication in the Government Gazette. The PDPA’s will provide Thailand with its very first consolidated law to govern data protection in the country. Thailand’s Government has largely drawn concepts from the EU General Data Protection Regulation (GDPR), with certain modifications suitable to the national perspective. Thus Lexology reports that “compliance with the GDPR does not necessarily mean compliance with the PDPA”. Key takeaways from the PDPA What is 'personal data'? The PDPA defines it broadly as “information relating to a person which is identifiable, directly or indirectly”. The Act…
