THAILAND'S CYBERSECURITY ACT: 

DOs & DON'Ts

SEPTEMBER 2019

To accompany the Study on “Thailand’s Cybersecurity Act: Towards a human-centred Act, protecting online freedom and privacy, while tackling cyber threats” was developed as a guide to Thailand, its institutions, its private entities and its netizens, to contribute to a strong policy and streamlined process of implementation and monitoring of the National Cybersecurity Act in line with international human rights standards, Manushya Foundation also developed a summary on "Thailand's Cybersecurity Act: DOs & DON'Ts, Towards a Human centred Act protecting online freedom and privacy, while tackling cyber threats".

In this summary, DOs and DON'Ts of the following six challenges are explained:

  • CHALLENGE 1: Broad scope and definition using National security, economic security, martial security and public order in the implementation and monitoring of the Act;

  • CHALLENGE 2: Problematic substantive provisions and failure to define them in relation to Three Level of Cyber Threats (non- critical, critical and crisis threats);

  • CHALLENGE 3: Controversial control mechanisms (government bodies and agencies) under the Act: Top-down structure, broad powers given to authorities putting netizens under surveillance, lack of transparency and standards; 

  • CHALLENGE 4: Powerplay in the application of the Act: Control over Critical Information Infrastructures (CII) and reporting obligations placed on them; 

  • CHALLENGE 5: Absence of checks and balances: Cybersecurity Threats, lack of accountability and the use of the Court system; 

  • CHALLENGE 6: Failure to ensure remedies: Grievance redressal, imprisonment, fine and compensation.

DOs & DONT's - Thailand's Cybersecurity
sadsadsf
Cover DOs and DONTs TH.png