Hunton Andrews Kurth writes:
On February 28, 2019, Thailand’s National Legislative Assembly finally approved and endorsed the draft Personal Data Protection Act (the “PDPA”), which will now be submitted for royal endorsement and subsequent publication in the Government Gazette. Publication is anticipated to occur within the next few weeks.
The PDPA provides for a one-year grace period, such that the operative provisions concerning personal data protection, rights of data subjects, complaints, civil liabilities and penalties will take force one year after publication in the Government Gazette. The aim is to allow sufficient time for business operators to prepare and implement internal controls and systems for PDPA compliance.
Read more on Privacy & Information Security Law Blog.