Personal Data Protection Act Postpone Decree
A royal decree drafted to postpone the enforcement of most sections in Personal Data Protection Act (PDPA) by a year will be tabled before the cabinet for approval next week, in order to lessen an impact due to Covid-19 pandemic.
The PDPA was published in the Royal Gazette in May last year, but comes into force on May 27 after a one-year grace period.
Putchapong Nodthaisong, deputy permanent secretary for DES, said the ministry will ask the cabinet on Tuesday to approve the decree.
The legislation will defer most of the chapters in the PDPA act, except for chapters 1 and 4, which involve the appointment of the members sitting in the Personal Data Protection Committee and the establishment of the Office of the Personal Data Protection Committee.
Members for the PDPA Committee have been appointed, but they still require cabinet approval. The first meeting of the PDPA committee is expected to be by this June.
The committee will have to set up a sub-panel to iron out related standards and other regulations, expected to be wrapped up one year after the PDPA committee is formed.
Meanwhile, the DES Ministry has been allocated some 40 million baht for working on the related drafts and regulations within one year. The urgent issue will be the regulations that impact the private sector so that it can be a framework prior to the enforcement of the law.
He said the deferral would lessen burden of entrepreneurs, especially among small and medium-sized enterprises that might not be prepared for the legislation. Major enterprises and SET-listed companies are mostly aware of the law.
SMEs should get ready because the act is involved with people, process and technology and every single step is time consuming including a consent platform, data protection security, access control, data protection officer and workforce in legislation, IT and human resource.
Pan-Arj Chairatana, Executive Director of National Innovation Agency (Public Organization) said the deferral of the royal decree drafted enforcement is highly recommended otherwise it will cause a great impact to startup and SMEs.