A new cybercrime law, which took effect on Sunday, will help manage cybercrime issues at their source by preventing personal data from being used in criminal activities, according to the Personal Data Protection Committee (PDPC).
PDPC secretary-general Pol Col Surapong Plengkham on Monday said that the Royal Decree on Measures for the Prevention and Suppression of Cybercrime BE 2568 (2025) has been published in the Royal Gazette.
One of its key components focuses on protecting personal data, both directly and indirectly, with harsh penalties for violators, including up to one year in prison and a fine of up to 100,000 baht for those who share data without permission.
Individuals engaged in purchasing or trading such information could be sentenced to up to five years in prison or fined 500,000 baht, or receive both penalties.
Police Colonel Surapong stated that this regulation represents a significant move to enhance and reinforce measures against cybercrimes at their origin by stopping personal information from being misused, especially by internet fraudsters and telemarketing criminal groups.
He added that the legislation extends to data related to deceased persons as well. Individuals engaging in or permitting the misuse of such data for criminal or tech-related offenses will be subject to legal consequences.
Police Colonel Surapong stated that the recent order strengthens the current Personal Data Protection Act (PDPA). This legislation aims to stop the abusive utilization of individual information.
He urged the public to avoid sharing sensitive information and to notify authorities if they suspected their personal information had been compromised or misused.
The commission has also established the PDPC Eagle Eye centre, which works alongside the Cyber Police’s Cyber Eye Centre, to monitor personal data breaches around the clock and swiftly enforce the law, he said.
Provided by SyndiGate Media Inc.
).
