Tag Archive: protection

  1. The Thai Personal Data Protection Act (PDPA)

    Leave a Comment

    The Thailand Personal Data Protection Act (PDPA) is the latest piece of legislation which offers data protection regulations against the misuse of personal data that has been collected from individuals in Thailand. The PDPA was greatly influenced by the European Union’s General Data Protection Regulation (GDPR) which set a new standard for data protection regulations around the world.

    Objectives of the PDPA

    • The objective of the PDPA is to protect all personal data, such as people’s educational background, financial status, health records, criminal records, work records and other personal data such as fingerprints, voice, identification card number or numerical data of other documents. The law prevents people from using this data for any kind of benefit without express consent from the data subject.

    The PDPA imposes penalties for non-compliance with administrative fines (up to THB 5 million), criminal penalties (imprisonment up to one year and/or fines up to THB 1 million), and punitive damages up to twice the amount of the actual damages.

    Could you or your business be subjected to the PDPA?

    If the answer to any of the following questions is yes, then your business is subjected to the rules set out in the PDPA.

    • Do you or your business process personal data?
    • Do you or your business monitor the behavior off individuals located in Thailand?
    • Do you or your business offer goods and services to people located in Thailand?

    A business falls under the scope of the PDPA if it collects personal data and offers and promotes its services to individuals located within Thailand.

    Note that according to the PDPA, the data collectors and processors do not need to be located within the kingdom of Thailand.

    Exemptions under PDPA

    • Data collected for private purposes
    • Data collected by government agencies related to national security, money laundering and cybersecurity
    • Medias subject to ethical standards and public interest purposes
    • Data collected by Members of Parliament and Judiciary
    • Data collected by credit bureaus

    The PDPA excludes 2 types of personal data namely, personal data of a deceased person, and business data such as contact details, and title or address of the business.

    Like the GDPR, the PDPA has an extraterritorial reach which means that even without having offices in the kingdom, companies offering goods and services to Thai data subjects or monitoring any behavior that takes place within Thailand will need to comply with the PDPA and appoint a representative within the kingdom. The representative is responsible for all acts done by the data collector and processors which they represent.

    Consent from the data owner

    • The PDPA states that data owners’ consent only be sought honestly, and in good faith. The PDPA also empowers data subjects to revoke their consent at any time, subject to the requirements of applicable laws and other agreements, but such revocation cannot affect the previous collection, usage, or disclosure of personal data that had been legally consented.
    • Data controllers have the obligation to ensure that proper security measures are implemented to protect personal data against loss, alteration, or modification. Data collectors would also be obligated to ensure that the data used or disclosed (when permissible) is correct, complete, and current.
    • If a data controller wishes to use or disclose personal data, it is necessary to seek the data owner’s consent in writing.
    • Subject to certain exceptions, it would also be necessary to seek consent in writing to transfer personal data overseas, and a process would be established for consideration of whether the intended recipient country’s personal data protection laws provide sufficient protection against the misuse of personal data.
    • Deemed consent (implied consent) is also applicable according to the PDPA. In situations where the data subjects have voluntarily submitted their information to the data controller. For example, if a person would like to subscribe to receive newsletters or updates via email, that person can opt-in by providing his or her email to data controller. By giving his or her email, it is deemed that that person would like to receive such newsletters or updates via email. If person no longer wishes to receive such updates, it is the duty of the data controller to provide a measure for unsubscribing (opt-out measure)

    In conclusion, the PDPA offers protection against the misuse of collected personal data from individuals in Thailand. It has an extraterritorial reach due to the fact that of data collectors and processors are outside the kingdom of Thailand, they have to appoint representatives within the kingdom, and those appointed representatives will be wholly responsible for the acts committed by the data collectors and processors. It also states that the data collectors and processors must receive consent from the data subject for them to use their personal data in any way. However, there are certain exceptions of some operations that do not require consent in the collecting and processing of personal data which are stipulated in Article 4 of the PDPA and are mentioned above.

    If you have any questions regarding the Thai Personal Data Protection Act, feel free to contact us at [email protected] or call us at +66 (0)2 117 9131-2.

  2. Update on Thai Labor Law Protection Act

    Kommentare deaktiviert für Update on Thai Labor Law Protection Act

    A new amendment for the Labor Law Protection Act has been announced in the Government Gazette on 5 April 2562 and the Act will come into force 30 days after its publication in the Gazette.

    The amendments introduce additional rights for employees, such as:

    • Increase of statutory severance pay for an employee who has worked for at least 20 years;
    • Employees are now entitled to personal leave of at least 3 days/year and will be paid during the leaving date;
    • Maternity leave increase from 90 days to 98 days and split the leave period to 2 periods:
      1. Prenatal period before the delivery date and;
      2. Maternity leave period.
    • Employers must pay up to 45 days during maternity leave;
    • Employers must pay wages, overtime payments, payments for working on holidays, and payments for working overtime on holidays, at the same rate for both male and female employees;
    • If it’s necessary for the employer to suspend the business, partially or as a whole, for any reason, the employer must pay the employee at least 75 percent of his or her usual daily wages throughout the suspension period.

    The above changes will certainly be welcomed by Thai employees.

  3. New Data Protection Laws in Europe – GDPR

    Kommentare deaktiviert für New Data Protection Laws in Europe – GDPR

    Effective since May 25th the new law on Data Protection “GDPR” improves consumer rights. But whom does it affect, what are the effects and how to comply with the new regulation?

    GDPR was already approved in April 2016 by the EU Parliament after an extended period of preparation. It replaces the Data Protection Directive 95/46/EC and includes heavy fines for those, who do not comply with the new data protection standards.

    The new regulation protects the data privacy of all EU citizens and strengthens consumer’s rights. Key changes range from an extended jurisdiction of the GDPR to the obligation of appointing a Data Protection Officer. It affects companies all over the world that process data of EU citizens.
    To comply with the new regulations the companies have to implement a privacy statement on their website preferably as an own and visible menu option true to the motto “Privacy by Design”.

    Companies must especially pay attention to publications like newsletters. From now on, the operator has to expressly request the consumer’s consent. Tacit consent is not sufficient anymore the consumer has to agree actively on the data processing for example by clicking a checkbox on the website. Pre-checked boxes are not valid. Furthermore, there must be the option to withdraw the consent anytime and without difficulty. This can be achieved with an opt-out in each newsletter. Moreover, the operator has to record the consent. The easiest way is to set a double-opt-in, so that the consumer has to confirm the subscription. Since the GDPR also applies to subscriptions that were conducted prior to the effective date the consent must be recollected.

    The fine for not complying with the GDPR is legally determined: up to 20 Mio Euro or 4% of the worldwide turnover. The higher amount will be charged.

  4. Data Protection in Thailand

    Kommentare deaktiviert für Data Protection in Thailand

    While globalization has entailed a series of policy convergence across the globe, one area that has not been smoothly integrated is that of data protection. The Western concept of privacy signifies individualism, liberalism, public-private divide, and the rule of law, all of which underpin liberal democracy widely espoused in the West, but not so in other regions of the world including Asia.

     

    Such notions are simply not present in the context of Thailand, a Southeast Asian nation with an extensive history of state surveillance. From the ancient to the modern period, extensive collection of people’s personal information has been a long-standing practice. Ancient Siamese states collected personal information of their commoners’ population through registration rolls and a coded wrist-tattooing system. In the modern era, the state keeps its population under bureaucratic surveillance through citizen ID cards, household registration passbooks, social welfare cards, and so forth. And Thailand so far has not enacted any specific statutory law governing the handling and protection of personal data.

     

    Currently, general principles dealing with the protection of personal data are scattered over many laws (including, amongst others, the Constitution of the Kingdom of Thailand, the Civil & Commercial Code, the Penal Code, the Telecommunication Business Act, the Financial Institutions Act, and the National Health Security Act). Such laws do not offer comprehensive protection and apply only to specific situations and industries. Further, the Official Information Act sets out restrictions on the collection, use or disclosure of personal data maintained by the government only.

     

    Without clear regulations in place, there is much uncertainty among private businesses on their obligations on handling personal data of their customers, clients, employees, etc.

     

    1.The Proposed Personal Data Protection Act

     

    Aiming to end this situation a Personal Data Protection Act was drawn up several years ago, but so far still has not been passed into law. With the Cabinet now having approved this bill in principle, there is speculation that Thailand will one day have proper regulations in place governing this important issue. However, it is still unclear if and when the proposed bill will eventually be enacted as binding law.

     

    If the Personal Data Protection Act became law in the form as it currently is, a data controller would need to comply with the following:

    • Unless permitted by law, the collection, usage or disclosure of personal data without the consent from the data subject is prohibited;
    • A data controller must inform the data subject on the purpose for which the respective personal data is collected and obtain the data subject’s consent. Collected personal data can be used or disclosed for the approved purposes only;
    • If a data controller intends to use or disclose personal data beyond the purpose for which consent has been obtained, he will need to inform the data subject and obtain additional consent;
    • The collection of sensitive data (e.g. data related to sexual conduct, criminal history, health, national origin, race, political opinions or religious beliefs) is only permitted within the strict limitations of the law;
    • Except where the data subject expressly consented otherwise, any processing of personal data for marketing purposes is not permitted;
    • Measures must be implemented to ensure that collected personal data is protected against loss, alteration and modification;
    • A Personal Data Protection Committee would be established and hear any claim lodged by a data subject concerning the abuse of personal data; and
    • Violations would be punishable under criminal law and permit the data subject to claim for damages.

    The Personal Data Protection Act, if passed into law, will provide higher standards for the protection of personal data.

     

    Please see some specific issues related to data protection as follows:

    a) Electronic Marketing

    Currently, there is no particular law that restricts the use of personal data for electronic marketing. The availability of an option for opt-in and opt-out is just the practice as a norm and not yet the law.

    b) Online Privacy (including cookies and location data)

    Presently, there is no provision under the relevant laws and the Draft that specifically prohibits or regulates the placing of cookies on users‘ computers.

     

    Although there are provisions under the Computer Crime Act B.E. 2550 (2007), imposing punishments for specific computer data alterations, the computer cookies or location tracing mechanisms are excluded as they do not cause any of the above alterations on computers.

     

  5. Purchaser Protection under the Thai Land Development Act

    Kommentare deaktiviert für Purchaser Protection under the Thai Land Development Act

    It is a rather unknown fact among foreign property purchasers, in particular in tourist resort destinations in southern Thailand, that Thai property law sets forth a strict regime for development of real estate projects. One significant piece of legislation in this context is the Land Development Act, B.E. 2543 (2000) (hereinafter referred to as “LDA”).

    1. The “Development License”

    The LDA requires any real estate development in Thailand comprising ten or more units to obtain a development license. This license will be granted if certain required standards are met by the project and it may contain detailed and specific conditions for the development of the project.

    The LDA provides purchasers of property in Thailand with a certain minimum level of legal protection. In order to take the full advantage of this protection, prior to a property purchase from a licensed development, the development license should be compared with following important documents:

    1. the brochure and other marketing material provided by the developer (the land developer can advertise its project before obtaining the land development license from the Land Development Commission),
    2. the land and house purchase agreements and
    3. the development plan.

     

    1. Specific procedure for legal disputes

    In our experience, legal disputes frequently occur when a land developer breaches the contract and/or does not follow his own development plan. For this case the LDA provides protection for purchasers, if the correct legal procedure is considered. The LDA applies for both individuals and juristic persons. If there are any problems with a land developer, purchasers may file a complaint with the Land Development Commission in accordance with LDA Section 52.

    This legal procedure is a very efficient means of dispute resolution.

    1. The “Developed Estate Juristic Person”

    From the beginning to the completion of a real estate development project, the LDA sets forth procedures related to the development of the land. For instance, the land developer has the responsibility to maintain public facilities and public services until the so-called “Developed Estate Juristic Person” has been established to take over the responsibility for the maintenance. We note that

    1. the public facilities provided by the land developer for the purposes of the land development in accordance with the approved map and project (such as the road, park or children playground) shall be subject to a servitude in the interest of each unit in the development. In this regard, the land developer shall have the duty to maintain such public facilities to be in the original condition and shall refrain from doing any act which may adversely affect the servitude or make it less convenient.
    2. the land developer shall conduct maintenance of the public facilities in the project for a period of at least 1 year as from the date of completion of the construction of the public facilities within the project.
    3. the land developer shall cause a bank or a financial institution to conclude a guarantee with the Commission with regards to the maintenance of public facilities which have been provided by the land developer and remain within the responsibility of the land developer to maintain.
    4. according to LDA Section 41, the land developer shall be discharged from the duty to maintain the public facilities if the purchasers of developed land of not less than half of the sub-lots in the project map have established a developed estate juristic entity under the LDA (or a juristic person under other law for the purpose of taking the transfer of such property for its operation and maintenance) within the notice period specified by the land developer, which shall be not less than 180 days from the date of the receipt of the notification by the land developer. If the purchasers cannot establish a developed estate juristic entity on time, the land developer may
    • obtain an approval from the Commission to carry out any particular act for the purpose of maintaining the public facilities or
    • register the transfer of such property to be a property for public use.

    According to LDA Section 44 (1), it is not allowed that the purchasers of developed land of not less than half of the sub-lots in the map under the project establish the developed estate juristic person while the land developer still has the responsibility of maintenance of public facilities. In case that the purchasers of developed land represent less than half of the sub-lots, they do not have the right to establish the developed juristic person in any event.

    The purchasers should be aware that their right to establish the developed juristic person will permanently expire if they do not establish the developed juristic person on time. But it is highly recommended that the purchasers establish the developed juristic person to maintain the public facilities by themselves as it is very helpful and beneficial for their community.

    The establishment of the developed juristic person by the purchasers has following legal effect:

     

    1. For the land developer:
    • Release from the duty to maintain the public facilities
    • He becomes a member of the juristic person for the unsold plots
    1. For the purchasers (both the agreeing and disagreeing voters):
    • They become members of the juristic person
    1. For the juristic person:
    • It has the legal status of a ‘juristic person’
    • It has ‘the juristic person committee’ to act on its behalf according to the law;
    • The ‘juristic person committee’ represents the juristic person in dealings with third parties.
    1. Mandatory terms and conditions of purchase contracts

    The LDA interestingly stipulates very strict requirements for land and house purchase agreements between the land developer and purchasers. A house purchase agreement must be in accordance with the standard contract prescribed by the LDA in order to protect purchasers. There are two versions of this standard contract:

    1. For purchase of land with building and
    2. For purchase of only land.

     

    Any terms and conditions of the contract that has actually been entered into between land developer and purchaser are deemed invalid if they are in contravention to the standard contract.

    As part of the standard due diligence prior to the property acquisition, we further recommend a thorough review of the land title deed (and the title history according to the registry at the land office), building permit, construction agreement and invoices / receipts for payments to the land developer or contractor. In a professionally managed development all such documents should be in line with pertinent laws and available for review to the purchaser.

    1. Legal framework for property purchaser protection in Thailand

    It is important to note that the aforementioned protection by the LDA applies fully only in the case of outright purchases of property, not in the cases of long term leases, such as 30 year leases, which are frequently used to legally structure property acquisitions by foreigners.

    However, further to the LDA there are various laws and procedures in place in Thailand that aim to protect the rights of real estate purchasers. For instance, according to the Consumer Protection Law B.E. 2541 (1998), a land developer may be held accountable for the information provided in marketing material. Furthermore, the Condominium Act, 1979, B.E. 2522 provides a standard condominium unit sale and purchase agreement which is comparable to the aforementioned standard contracts under the Land Development Act. And an Announcement of the Consumer Protection Board regarding Section 35 (2) Consumer Protection Act, dated as of 15 September 2000, stipulates detailed contract terms for condominium unit purchases.

    This article is intended for general guidance only. It should not be relied upon as legal advice. 

  6. Islands get ecozone protection

    Kommentare deaktiviert für Islands get ecozone protection

    New ‚green‘ rules to limit Samui projects

    The Office of Natural Resources and Environmental Policy and Planning (Onep) has declared Koh Samui, Koh Tao and Koh Phangan districts in Surat Thani province part of an environmentally protected zone…

    Source : Bangkok Post (See more…

  7. Purchaser Protection under the Land Development Act

    Kommentare deaktiviert für Purchaser Protection under the Land Development Act

    It is a rather unknown fact among foreign property purchasers, in particular in tourist resort destinations in southern Thailand, that Thai property law sets forth a strict regime for development of real estate projects.

    (mehr …)

© 2020 FRANK Legal & Tax - Alle Rechte vorbehalten | Datenschutz |