The Experience of Singapore’s Personal Data Protection Act 2012: A Lesson Learned for Thailand

Abstract

                  The Personal Data Protection Act B.E. 2562 (2019) is a significant new law recently announced in Thailand. Several government agencies are required to prepare communications with the general public and the private sector about law-abiding requirements. Successful experiences in foreign nations may assist in Thailand’s preparation process. Among Asia’s leading precedents, Singapore promulgated the Personal Data Protection Act 2012 (The Act), passed by the Parliament of Singapore on 15 October 2012 and originally published on 20 November 2012, but all sections of which became effective only on 2 July 2014. The preparation period extended to 18 months, featuring many innovative activities including seminars for target groups, networking collaborations with trade and industry organizations, as well as publication in different types of public and private sector media about the Act.

                  Lessons learned from Singapore include that passing The Act regulated beneficial legal results as well as providing sufficient preparation time before the effective legal enforcement date occurred. Therefore, Thailand’s Office of the Personal Data Protection Commission (PDPC), with supervisory responsibility, must prepare plans in advance to support national enforcement of the Personal Data Protection Act B.E. 2562 (2019). These plans should include spreading accurate knowledge and understanding of the act, creating mutual acknowledgements in Thai society for the private and public sectors as well as the general public, that following these significant legal regulations is essential, along with building awareness of the importance of personal data through different communication channels.