Thailand passes internet security law decried as 'cyber
martial law'
Send a link to a friend
 [February 28, 2019]
By Patpicha Tanakasempipat
BANGKOK (Reuters) - Thailand's
military-appointed parliament on Thursday passed a controversial
cybersecurity law that gives sweeping powers to state cyber agencies,
despite concerns from businesses and activists over judicial oversight
and potential abuse of power.
The Cybersecurity Act, approved unanimously, is the latest in a wave of
new laws in Asian countries that assert government control over the
internet.
Civil liberties advocates, internet companies and business groups have
protested the legislation, saying it would sacrifice privacy and the
rule of law, and warning compliance burdens could drive foreign
businesses out of Thailand.
The military government has pushed for several laws it said would
support the country's digital economy, including an amendment to the
Computer Crime Act in 2017, which has been used to crack down on
dissent.
Internet freedom activists have called the legislation a "cyber martial
law," as it encompasses all procedures from everyday encounters of slow
internet connections to nationwide attacks on critical infrastructure.
If a cybersecurity situation reached a critical level, the legislation
allows the military-led National Security Council to override all
procedures with its own law.
"Despite some wording improvements, the contentious issues are all still
there," Arthit Suriyawongkul, an advocate with the Thai Netizen Network,
told Reuters.
The law allows the National Cybersecurity Committee (NCSC) to summon
individuals for questioning and enter private property without court
orders in case of actual or anticipated "serious cyber threats."
An additional Cybersecurity Regulating Committee will have sweeping
powers to access computer data and networks, make copies of information,
and seize computers or any devices.
[to top of second column] |
An employee works inside a server room at a company in Bangkok,
Thailand, November 22, 2016. REUTERS/Athit Perawongmetha
Court warrants are not required for those actions in "emergency cases," and
criminal penalties will be imposed for those who do not comply with orders.
Thailand's military government already censors the internet and often casts
criticism as a threat to national security.
DATA PROTECTION
Legislators also unanimously passed the Personal Data Protection Act, intended
to imitate the European Union's General Data Protection Regulation (GDPR).
The legislation does not require international firms to store data locally, but
businesses have raised concerns about its territorial applicability.
The data protection law, effective after a one-year transition period, will
apply not only to companies located in Thailand, but also overseas companies
which collect, use, or disclose personal data of subjects in Thailand,
specifically for advertisements and "behavior monitoring."
"It is unrealistic for any one regime to aspire to centralize the delivery of
privacy protections for the entire world in just one regulator," said Asia
Internet Coalition (AIC), a Singapore-based group which represents U.S. giants
Google, Apple, Facebook and Amazon and seven other major internet companies.
Supporters of the laws hailed them as long overdue.
"The two laws are crucial to help Thailand keep up with neighbors and the
world," said Saowanee Suwannacheep, a chairman of the ad-hoc parliamentary
committee that worked on the legislation.
(Reporting by Patpicha Tanakasempipat; editing by Darren Schuettler)
[© 2019 Thomson Reuters. All rights
reserved.] Copyright 2019 Reuters. All rights reserved. This material may not be published,
broadcast, rewritten or redistributed.
Thompson Reuters is solely responsible for this content.
 |
