Bangkok (VNA) – The Personal Data Protection Committee (PDPC) of Thailand has announced a new cybercrime law that helps manage cybercrime issues at their source by preventing personal data from being used in criminal activities.
PDPC Secretary-General Pol Col Surapong Plengkham said on April 21 that the Royal Decree on Measures for the Prevention and Suppression of Cybercrime (2025) has been published in the Royal Gazette and took effect on April 13. The new decree reinforces the existing Personal Data Protection Act (PDPA), which is designed to prevent the malicious use of personal data.
One of its key components focuses on protecting personal data, with harsh penalties for violators, including up to one year in prison and a fine of up to 100,000 THB (over 3,000 USD) for those who share data without permission. Those involved in buying or selling such data will face up to five years' imprisonment or a fine of 500,000 THB or both.
The law also covers data belonging to deceased individuals, he said. Those who use or allow others to use information about deceased individuals to commit criminal or technological crimes will also face legal punishment.
The PDPC has established the Eagle Eye Centre, which works along with Thai law enforcement forces to monitor personal data breaches around the clock.
Pol Col Surapong Plengkham also urged the public to avoid sharing sensitive information and to notify authorities if they suspected their personal information had been compromised or misused./.