Most parts of PDPA to be deferred by a year

Most parts of PDPA to be deferred by a year

Cabinet endorses royal decree on delay

Digital Economy and Society Minister Buddhipongse Punnakanta
Digital Economy and Society Minister Buddhipongse Punnakanta

The cabinet has agreed to postpone the enforcement of most chapters of the Personal Data Protection Act (PDPA) by a year to give the public and private sectors time to prepare their internal processes and ease the financial burden they are shouldering during the coronavirus pandemic.

A royal decree seeking deferral of enforcement was approved at Tuesday's cabinet meeting.

To fully comply with the PDPA, businesses and related parties that are processing the personal information of employees, partners and co-operators may need a huge budget and seek personnel to deal with related issues in connection with the act, according to Digital Economy and Society Minister Buddhipongse Punnakanta.

Since the start of 2020, the pandemic has hampered all organisations, especially private businesses, which are struggling to collect revenue and make investments, he said.

The PDPA, which has seven chapters and 96 sections, was published in the Royal Gazette in May 2019. It was due to be enforced on May 27 following a one-year grace period.

Once implemented, the PDPA is expected to change the landscape of personal data protection in Thailand.

The legislation mandates that data controllers and processors who use personal data must receive consent from data owners and use it only for expressed purposes.

Suspended from the enforcement by a year are Chapter 2 involving the protection of personal data, Chapter 3 related to the use or disclosure of personal data, Chapter 5 linked with complaints, Chapter 6 associated with civil liability and Chapter 7 concerning penalties.

Also suspended is Section 95 of the transitional provision, which involves personal data collected before the act took effect.

Mr Buddhipongse said Sections 1-7 and 91-94, as well as Chapters 1 and 4, have been enforced since May 28 last year.

To comply with the act, organisations of all sizes must improve their procedures and information systems, he said.

They will have to hire people or juristic persons to look after the personal data protection and improve the system to protect transmission of data overseas.

Violators face imprisonment of up to one year or a maximum fine of 500,000 baht.

"The government and prime minister are aware of all limitation of the implementation of the act through hearings from associations of related business sectors," Mr Buddhipongse said.


Do you like the content of this article?
COMMENT (4)

Zaniolo goal earns Roma first Europa Conference League title

TIRANA: Nicolo Zaniolo's goal earned AS Roma a first major European title in more than 60 years after a 1-0 win over Feyenoord in the Europa Conference League final in Albania on Wednesday, completing a unique European trophy haul for Jose Mourinho.

07:53

4,924 new Covid cases, 37 more deaths

The country registered 37 more Covid-19 fatalities and 4,924 new cases during the previous 24 hours, the Public Health Ministry announced on Thursday morning.

07:49

Real Madrid remain Europe's most valuable football club

PARIS: Real Madrid remain Europe's most valuable football club despite the ever-increasing dominance of the English Premier League, according to a report published Thursday by analysts Football Benchmark.

07:45