Asia Business Law Journal reports:
Thailand’s major data privacy law is the Personal Data Protection Act (PDPA), which was passed as a law in 2019 and became fully effective in June 2022.
It sets out the key principles on personal data processing and the appointment of the Personal Data Protection Committee (PDPC) as the regulatory authority in charge. The PDPC is empowered to: implement and enforce the PDPA; issue its implementation rules and regulations; establish policies and directions for personal data protection; conduct investigations in response to complaints; and issue enforcement orders against data controllers and data processors violating the PDPA.
As of November 2023, the PDPC had issued 21 implementation rules, regulations and guidelines under the PDPA.
Read more at Asia Business Law Journal. The journal has similar helpful write-ups on Japan and Philippines.