TMT

Thailand’s PDPA: Enforcement in Action and Cross-Border Data Transfers

Thailand’s Personal Data Protection Act (PDPA), enforced since June 2022, demands robust compliance to avoid fines exceeding THB 21.5 million. The PDPC penalizes weak governance, inadequate security, and delayed breach responses. Key steps include appointing Data Protection Officers, implementing encryption, and ensuring 72-hour breach reporting. The PDPA’s cross-border data transfer rules, clarified in 2023, require Standard Contractual Clauses or Binding Corporate Rules for compliance. Adhering to PDPA not only mitigates penalties but boosts consumer trust by 15% and market access by 10%, offering strategic business advantages.
Read More

Read More »

Partner-Market Partnerships: Foreign Telcos and Type I Licensing in Thailand

Thailand’s Type 1 license regime presents two contrasting stories: on one hand, the fall of many domestic retail MVNOs (see https://fosrlaw.com/2025/thailand-mvno-type-1-license-challenges/); on the other, the steady, behind-the-scenes activity of foreign operators working through partner-market agreements. Our accompanying articles help explain these different paths, showing why local MVNOs faced challenges while foreign carriers continue to use Type 1 licensing to support enterprises. … Read More

Read More »