Thailand Delays Data Protection Law Because of COVID-19

Written by: Richard Sheinis, Esq.

Thailand’s Personal Data Protection Act was passed in May 2019, and was scheduled to go into effect May 27, 2020.  The Act is very similar to the European Union’s General Data Protection Regulation.

Only a few days before the Act was to become effective, it was decided that 22 types of agencies and businesses would be exempt from compliance until May 2021.  The 22 types of businesses and agencies covers almost all businesses, effectively delaying any applicability of the law.

It was recognized that COVID-19 made it difficult for businesses to fully comply with the Act.  The Minister of Digital Economy and Society also stated that COVID-19 has interrupted the development of regulations that supplement the Act.

The Act, when effective, will apply to companies located in Thailand, as well as those in other countries that collect, use, or disclose personal data of persons in Thailand.