The The Personal Data Protection Act B.E. 2562 (2019) of Thailand, effective from 1 June 2022. It is the country’s first comprehensive data protection legislation. is Thailand’s first Any law, statute, declaration, decree, directive, legislative enactment, order, ordinance, regulation, rule or other binding restriction (as amended, consolidated or re-enacted from time to time) that relates to the protection of individuals with regards to the Processing of personal data., effective from 1 June 2022. As a new legislation, it brought significant changes for organisations operating in Thailand and reflects the ongoing global trend towards implementing stronger data protection measures.
Many of the provisions and obligations are influenced by the EU’s Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation). (GDPR), with similar key definitions and principles. However, there are also certain differences.
In this blog, we compare the similarities and differences of these laws, exploring the nuances of key areas. Organisations operating in both jurisdictions must understand these nuances to ensure data protection compliance and avoid potential penalties.
Thailand does not currently have an adequacy agreement with the EU. However, the adoption of the PDPA could be seen as a step towards aligning their data protection standards with those of the EU, potentially paving the way for such an agreement in the future.
Identifying challenges, elevating trust: Thailand’s new PDPA meets the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons regarding the processing of personal data and on the free movement of such data (General Data Protection Regulation).
The DPO Centre and DBC Group presented an exclusive webinar on 11 October 2023, exploring the similarities and differences between the two regulations, along with a discussion about some of the challenges organisations might have when operating across multiple jurisdictions.
See also our useful infographic overview.
We have worked with over 800 clients globally across the spectrum of industry sectors, supporting their data protection compliance and bringing peace of mind.
If you’d like to discuss how we can help your company, please contact us by filling in the form below.
For more news and insights about data protection follow The DPO Centre on LinkedIn
Fill in your details below and we’ll get back to you as soon as possible