Thailand has delayed the introduction of its data law by one year. Businesses will now have one more year to comply with a new personal data protection law, Reuters reports. The decision is due to the covid-19 crises which affected business’ preparation for implementation. The deadline to comply with the new law has now been set for end May 2021 from 27 May.
The Personal Data Protection Act became law in May 2019 with a one-year transition period. It is designed to follow the European Union’s General Data Protection Regulation, and includes clauses on consent and rights of data subjects as well as ways to prevent data abuse.
“Many organizations are facing difficulties during the pandemic, so they cannot fully adapt to comply with the law yet”, said Puttipong Punnakanta, Thailand’s Minister of Digital Economy and Society. “We also need more time to conduct stakeholder hearings in order to issue follow-up regulations, as that has been interrupted at this time”, Punnakanta added.
The law will apply not only to companies located in Thailand, but also those overseas which collect, use, or disclose personal data of subjects in the country, specifically for advertisements and “behavior monitoring”. The law already exempts national security and cybersecurity agencies, parliament and the senate, and credit information companies and their members, from compliance.
