The problem and present situation of privacy rights in the digital in Thailand.

By Chungtong Opassiriwit *



1. Present situation of privacy rights in Thailand.

For the past few years Thailand had been developed a lot of mechanisms or related laws to protect privacy rights of people such as :-


1.1 Constitution of the Kingdom of Thailand.

Thailand constitution enacted in 1997 has define principle to protect privacy of people and at the same time has define principle to protect people right to know. The principles are :-

- A person can invoke human dignity or exercise his or her rights and liberties in so far as it is not in violation of rights and liberties of other persons or contrary to this Constitution or good morals.

- A person, whose rights and liberties recognized by this Constitution are violated, can invoke the provisions of this Constitution to bring a lawsuit or to defend himself or herself in the court.

- A persons family right, dignity, reputation or the right of privacy shall be protected.

The assertion or circulation of a statement or picture in any manner whatsoever to the public, which violates or affects a person’s family rights, dignity, reputation or the right of privacy, shall not be made except for the case which is beneficial to the public.

- A persons shall enjoy the liberty of communication by lawful means.

The censorship, detention or disclosure of communication between persons including any other act disclosing a statement in the communication between persons shall not be made except by virtue of the provisions of the law specifically enacted for security of the State or maintaining public order or good morals.

- A persons shall have the right to get access to public information in possession of a State agency, State enterprise of local government organization, unless the disclosure of such information shall affect the security of the State, public safety or interests of other persons which shall be protected as provided by law.


1.2 The official Information Act. Of Thailand.

The Official Information Act. was enacted in 1997. This Act. had two objectives. The first objective is to provide principles and mechanisms to protect people right to know and stimulate the free-flow of information and people participation in public administration. The second objective is to provide principles and mechanisms to protect privacy of people which related to personal information controlled or kept within state agencies or state enterprises.

The principles of personal information protection or data protection which stated in the Official Information Act. had the same principles or the same standard as international standard but in still cover only the personal information which was kept by government agencies include provincial administration local administration and state enterprise.

The office of the official information commission has already provided the detail of the Official Information Act. (in English) in their Web site ( http://www.oic.go.th )

The Act. state that all the state agency shall take the following actions with regard to the provision of a personal information system.


(1.) Providing for a personal information system only insofar as it is relevant to and necessary for the achievement of the objectives of the operation of the state agency, and terminating the provision there of whenever it becomes unnecessary ;


(2.) Providing an appropriate security system for the personal information system in order to prevent improper use or any use to the prejudice of the person.


(3.) In the case where the information has directly been collected from the person who is the subject there of a state agency shall, in advance or simultaneously with the request there for, notify such person of the purpose for the use of the information, the ordinary nature of its use and whether such of making the request is one which the information may be given voluntarily or one which it must be given compulsorily under the law.


(4.) In the case where the personal information is dispatched to any place which, in consequence thereof, may become known to general members of the public, a State agency must notify the person who is the subject thereof, unless it is carried out in conformity with the ordinary nature of the use of the information.


(5.) A State agency shall not disclose personal information in its control to other state agencies or other persons without prior or immediate consent given in writing by the person who is the subject there of except for the disclosure in the following circumstances : (As mention by law)


(6.) In disclosing the personal information with out prior or immediate consent by the person who is the subject thereof, a list recording the disclosure shall be prepared and attached to such information.


(7.) A person shall have the right to get access to personal information relation to him. When such person makes a request in writing, the State agency in control of such information shall allow him or his authorized representative to inspect or obtain a copy of the same.


(8.) In the case where there exists a reasonable ground to disclose a medical report relating to any person, state officials may disclose it only to doctors entrusted by such person.


(9.) A person who considers that any part of personal in formation relating to him is incorrect shall have the right to make a request in writing to the State agency in control of such information to correct, alter of delete that part of information. The State agency shall consider therequest and notify its result to such person without delay.


(10.) In the case where the State agency fails to correct, alter or delete the information pursuant to the request, such person shall have the right to appeal to the Information Disclosure Tribunal within thirty days as from the date of the receipt of the notification of the order refusing to correct, alter or delete the same. In any case, the person who is the subject of the information shall have the right to require the State official to attach his request to the relevant part of the information.


1.3 In the year 2002 Thailand has also enact a law concerning with Privacy Protection. “The Credit Information Business Act.”

The purpose of this Act. Is to give the principles or direction for the business operator of the credit business and institutes concern such as Bank Finance Insurance company to do their business without harmful to the individual interests and Privacy. When looking into the detail of the principles of the Credit Information Business Act. You can say that they have the same basis or the same approach as the APEC Privacy Principles.


2. Future Development of Privacy rights in Thailand.

In the year 2005 the Government of Thailand has already agree to include The Personal Information or Privacy Protection Act. Which will Applied to private sector.

The office of the official information commission (OIC.) have already finished the first draft of the law. During the past two or three years OIC. and other minister concern had already organized series of seminars between public and Private Sector in order to view their opinion about the principles and detail of the draft law. The private sector had told us about problems and impacts that might be occur to their business if we introduce or implement some part of the draft law.

Since the APEC have already approve the APEC Privacy Framework, Thailand will use that Framework as guide to improve the draft law to meet the APEC Framework and Principles. We will hold a small group meeting with some private sectors concern. To solve some problems that are not clear in order to make sure that the draft law will be met the over all APEC Gold that is to protect information Privacy and maintain information law.

- The issues that were bought in to consideration by private sector are

(1.) Do we will apply the draft law immediately to all private sector at the same time

(2.) How can we educate the controller of private sectors.

(3.) How about the scope of consent Do will be applied during the collection stage or using stage.

(4.) How about the penalties that we will apply.


3. Problems and Solutions


3.1 Awareness of People

For the past few years there were more awareness or concern of public in Thailand about their privacy protection. There were a lot of opinions in newspapers about personal information and privacy protection. But it is still not enough to make sure that most of the people in the society are really aware of there privacy right especially officers both in public and private sectors whose work concern with other personal informations. Thailand still need to have more programs for educating people and officers in both public and private sectors about the personal information and privacy protection.


3.2 Privacy abuse in the internet

Thailand authorities and public are increasingly concern about abusement of people privacy in the internet. Police department and Technology department have established special unit to monitor and tackle the problems especially the abusement of children privacy. We still need to have programes to educate children to protect themself. Parents of children must be informed about the Probability of abusements so they can help making awareness in their children.