The military-appointed National Legislative Assembly (NLA) has done a disservice to the people by passing the cybersecurity bill on Thursday, despite concerns over its threats to personal and corporate data privacy.
Once the bill becomes law when published in the Royal Gazette, it will give the authorities sweeping access to people's information and -- can be, and will likely be -- weaponised by authorities as a tool to curb freedom of expression to serve the powers-that-be.
The cybersecurity bill's intended objective is to prevent and tackle computer hacking, virus attacks or other threats that will damage computer systems and disrupt public infrastructures and government services.
Thailand needs a law that serves such a purpose. But the bill has a hidden agenda. The NLA added a broad and vague provision under Section 59 that widens its scope to cover "cyber threats that affect or may affect public order or national security". This leaves room for interpretation for law enforcement officers who can claim certain personal communications and information are deemed hostile to the government under this category and subsequently take action.
This type of abuse is likely to be made in retaliation to political dissidents and activists much like how the Computer Crime Act (CCA) has been misused.
Passed by lawmakers of the 2006 coup, the CCA was revised by the current NLA in 2016 to fix Section 14 which criminalises entering of "false or distorted information into computers". The revision was made to explicitly exclude offences under the defamation criminal law from the CCA.
For the revised CCA to serve its intended purpose, this section should have been used to tackle phishing or internet fraud. But its language is still vague, paving the way for authorities to abuse it to file criminal charges against those who criticised the regime or shared political information online over the past few years.
The cybersecurity bill will only add salt to the wound and push Thailand ever closer to a police state.
It will establish a new government agency, the National Cybersecurity Commission (NCSC), chaired by the prime minister. The law will allow the NCSC to instruct authorities to seek real-time access of personal or corporate information, order the removal of content, or seize, search, infiltrate and make copies of computers, computer systems and information on computers. All of these can be done without a court warrant if they see it as a high-level security threat.
Computer data sought under the enforcement of the cybersecurity bill can also be used for other offences covered by other laws. In the case of high-level threats, authorities can even order anyone to provide it with additional information.
Given that both the CCA and the cybersecurity bill were pushed and passed by the lawmakers serving the coup regimes, it is not beyond doubt that their hidden agenda is to curb free speech, enforce surveillance on citizens and retaliate against activists.
The CCA and the cyber bill will not benefit the Thai people but the government. Thailand in the digital era should not and must not tolerate these ills. After the general election on March 24, a new government and a group of legislators must realise that they are duty bound to serve the people by removing the threats to free speech and privacy embedded in the two laws.