Mobile service providers in Thailand must comply with personal data law
The Personal Data Protection Act (PDPA) is set to come into force on Wednesday, June 1. The National Broadcasting and Telecommunications Commission (NBTC) has ordered all telecommunications companies to strictly comply with the PDPA.
Trairat Viriyasirikul, acting secretary general of the NBTC, said the regulator has completed drafting the necessary measures for telecom operators to protect their users’ rights to personal data and freedom of communication. The draft regulations are proposed to the NBTC Board for approval, after which they will be presented for a public hearing and then published in the Royal Gazette.
Meanwhile, major mobile operators have confirmed that they are fully prepared for the implementation of customer data protection and cybersecurity regulations.
Total Access Communications (DTAC) said it has established a user-friendly personal data policy, which outlines the means by which customers can monitor and control their personal information. The company said it collects, maintains and manages users’ personal information in accordance with the PDPA.
Advanced Info Service (AIS) meanwhile said it has analyzed, developed and improved compliance tools and procedures. It has also intensified its efforts to raise customer awareness of legislation, particularly in terms of rights and the protection of personal data.
In addition, AIS informed its mobile users, corporate customers, suppliers and business partners of key legal procedures and rules. These include the purpose of data collection and processing, restrictions on the use of personal data, data security measures and rights relating to personal data, and company contact details.
The PDPA was published in the Royal Gazette in May 2019, with a one-year adjustment period for stakeholders. Full implementation of the law was subsequently delayed twice due to the pandemic. (NNT)