The Thai Parliament had on 28 Feb 2019 passed an act titled 'The Cybersecurity Act'.
This act apparently allows the government of Thailand to assert control over the usage and application of the Internet in Thailand.
Few interesting observations were noted based on the reports commenting on the passing of this Act:-
The Act encompasses all procedures from everyday encounters of slow internet connection to nationwide attacks on critical infrastructure
If a cybersecurity situation reached a critical level it allows the National Security Council (NSC) to override all procedures within its own laws
There is a National Cybersecurity Committee (NCSC) who under the Act can summon individuals for questioning and enter private property without a court order in case of actual or anticipated serious cyber threats
There is a Cybersecurity Regulating Committee (CSRC) who have powers to access computers data and networks, make copies of information and seize computers or any devices. The CSRC does not need a court order in cases if it is an emergency and a penalty will be imposed for non compliance to the actions/instructions by the CSRC
A Personal Data Protection Act (PDPA) was also approved. The PDPA apparently was modelled after the GDPR in EU
Back in February 2019, we wrote an article titled 'Cybersecurity Law - what do we understand’ in 2 parts.
The above interpretation (as in understanding the English language version of news report) of the Cybersecurity Act in Thailand is a clear example of what we said in our 2 articles posted.