Thailand's Internet Law Begins Aug. 23 Requires User Tracking

[sriracha john]

I agree it's a stupid law, but it doesn't apply to home usage as I understand it from the television news that discussed it at length. I'll see if I can find an additional article that clarifies that it is for businesses.

It WILL later if the PAD and/or other advocates of Confucian philosophical "morals" have anything to say/rally regarding the issue.

PAD?

PAD didn't come up with this law. This bananarama is the government's plan to implement the Big Brother program. That's the same government that the PAD has been protesting against.

[jfchandler]

I love Thailand... I love everyone and everything in Thailand... And I never have a bad word to say about anyone anywhere in Thailand.

And don't anyone ever say I said anything different...

In fact, maybe, I love a few too many "everyone's" in Thailand... But that's a different subject...

In any event... I feel safe and protected now... Mods... please save a good copy of this "Internet data" for the required 90 days...

[whatsoever]

I love Thailand... I love everyone and everything in Thailand... And I never have a bad word to say about anyone anywhere in Thailand.

And don't anyone ever say I said anything different...

In fact, maybe, I love a few too many "everyone's" in Thailand... But that's a different subject...

In any event... I feel safe and protected now... Mods... please save a good copy of this "Internet data" for the required 90 days...

Listen up, dim witted mothers - the (powers that be) know exactly where you are according to your IP address - FACT. Your IP address is the same as your telephone number. Thats why i always post from a proxy acount

[gunnyd]

Cyber offences, ranging from email forwarding of pornographic pictures to posting libellous messages on forums, are on the rise, Pol Col Yannapol said, but police agencies find it hard to gather the evidence to bring the perpetrators to justice.

I thought 99% of the purpose of posting on forums was so you could leave LIBELLOUS MESSAGES

What are they gonna do jail most of the TV members that live in LOS? Most of what we do here is complain about things and flame one another.

[ourmaninbangers]

Interesting to see suggestions of using secondhand sims etc.

One of the methods used recently by the security agency in a certain country to track and catch hundreds of deviants aka terrorists was to allow a batch of unregistered sim cards to be sold under the counter. Each sim was then location tracked and all communication recorded.

Hiding isn't as easy as we think.

..or as hard. One has to study- most crooks do not. To trace and track all those sim would take immense manhours.

One could switch , and change, call neutral numbers.

One idea I had to prevent all this big bother nonsense is to advocate a policy where all people who wish to derail this sort of thing include key words such as heroin, al- qaeda, osaman bin latley- in all mails/communcation to everyone, even to their mother in law.

This would totally overload the listening in systems, if they,re as advanced as some books say, they just could,nt handle it.

They would have to think about new ways off conducting their business without the indiscrimitory listening in on private calls, emails

[Crushdepth]

Cyber offences, ranging from email forwarding of pornographic pictures to posting libellous messages on forums, are on the rise, Pol Col Yannapol said, but police agencies find it hard to gather the evidence to bring the perpetrators to justice.

Apparently the police have solved every other crime in Thailand and now need something to do. If this is their idea of 'computer crime' then Thailand must be like Hacker Heaven.

Have we still got time for a crackdown this morning?

[12DrinkMore]

Apparently the police have solved every other crime in Thailand and now need something to do. If this is their idea of 'computer crime' then Thailand must be like Hacker Heaven.

They haven't found the thief who nicked my dvd player, amongst other assorted household items. Maybe he didn't organised it through the internet or use a mobile phone, otherwise they could have traced his ip-address.

Have we still got time for a crackdown this morning?

Hey bro, you wanna keep those habbits quiet. Never know who's looking through dem der logs.

[Tung_Thaid]

Bangkok Post 15th August. Business Section. http://www.bangkokpost.net/150808_Business...g2008_biz51.php

Cyber crime: Big Brother is watching

TILLEKE & GIBBINS

On July 19, 2007, Thailand's new Computer Crimes Act (CCA) took effect. CCA Section 26 made data retention mandatory for all service providers, who would be required to keep records of their users' e-mail, chat, internet usage and personal identification for a minimum of 90 days. The details of this mandatory data retention were left to the Information and Communication Technology (ICT) Ministry.

On Aug 23, 2007, the ICT Ministry issued a Notification detailing the data records to be retained as well as explaining which service providers are affected. The requirements will become universally effective on Aug 24, 2008.

Under the CCA, Section 3 and the Notification, a service provider is defined as either (a) a person who provides internet access or computer communications to other persons, or ( a person who provides data storage services to another person.

At first blush, the definition of service provider appears intended to apply to operators of internet or e-mail services to third parties. However, the ministry is taking a very broad interpretation of the phrase "other persons" to include services rendered by an operator to its own staff/representatives.

Based on such interpretation, the ministry is stating that all entities within Thailand that offer internet access, computer communication, or data storage to their staff fall within the CCA's data retention requirements. This is to say that nearly any party that uses a computer is required to log all data traffic and maintain personal data identifying users for 90 days or be subject to a criminal fine of up to 500,000 baht. Yet there is no similar requirement under Thai law for private operators to maintain logs of telephone or facsimile usage.

Due to the ministry's expanded interpretation of service providers, many people may still believe that the data retention requirements apply only to public service providers. This may prove to be a costly error.

Section 29 of the Constitution requires that any newly enacted laws that restrict the rights and liberties of persons must be of general application and contain a reference to the relevant provision of the Constitution. By way of example, the recently enacted Life Insurance Act No. 2 (2008) clearly provides in its introduction that it limits personal rights and freedoms allowed by Sections 29, 34, 41, 43 and 45 of the Constitution of Thailand. The CCA has no such provision.

In the Constitution Court Ruling No. 13-14/2541 (1998), a proposed draft of the State Enterprises Labour Relations Act was determined to be invalid because it failed to provide a similar reference in limiting personal rights protected by the Constitution. Here, a legal question exists whether the CCA also limits the privacy rights of persons under the Constitution. However, the broad interpretation assigned to it by the ICT Ministry makes the potential intrusion into personal privacy significant and thus more likely to be subject to allegations of being unconstitutional.

Under US, UK and EU laws, there is no enforcement of data retention to the extent suggested by the ICT Ministry's new Notification. Current US law only provides for data preservation as opposed to data retention. This means that ISPs need only preserve data once they have been formally requested to do so by government enforcement authorities in a particular investigation. The US has no universal requirement for all operators to maintain such records. Attempts to introduce mandatory data retention laws in the US have been opposed by public advocates who fear government invasion of privacy.

Even under EU and UK laws where data retention is mandated, such laws are limited to public service providers only, i.e. entities that provide services to the general public, and not to every entity that uses the internet or provides e-mail in its business operations.

It is also noteworthy that the CCA provides expressly in Section 17 that the law has extraterritorial application to (a) any Thai citizen operating outside Thailand, and ( any non-Thai citizen who operates outside of Thailand but whose conduct affects either the Thai government or any person within Thailand. By implication therefore, even foreign operators that are subject to the CCA by virtue of its extraterritorial application are equally liable to the ICT Ministry's expansive data retention requirements.

In sum, if the ministry enforces the data retention requirements as it intends, Thailand will have one of the most expansive mandatory data retention requirements in the entire world.

Written by John Fotiadis, Consultant, and Yingyong Karnchanapayap, Attorney, Commercial Department, Tilleke & Gibbins International Ltd. Please send comments or suggestions to Marilyn Tinnakul at (email address removed from this post)

Edited August 15, 2008 by Tung_Thaid

[sriracha john]

Cyber crime: Big Brother is watching

In sum, if the ministry enforces the data retention requirements as it intends, Thailand will have one of the most expansive mandatory data retention requirements in the entire world.

Thailand... the hub of privacy rights....

btw, thank you for posting. It helps to clear up a number of misunderstandings.

[Crushdepth]

Leaving aside the abjectly hopeless prospects of this legislation ever being implemented, who has a right to ask for the 'internet traffic data'? Can the regular police just walk in and demand a copy anytime they like, or do they need some kind of court order? Can other government officials (eg. ICT ministry people) just wander in and demand it?

Anyone has some practical advice on how to capture and store all of the traffic? (Purely out of academic interest).

[Thai at Heart]

Leaving aside the abjectly hopeless prospects of this legislation ever being implemented, who has a right to ask for the 'internet traffic data'? Can the regular police just walk in and demand a copy anytime they like, or do they need some kind of court order? Can other government officials (eg. ICT ministry people) just wander in and demand it?

Anyone has some practical advice on how to capture and store all of the traffic? (Purely out of academic interest).

The sheer volume of data that TOT would have to provide would be frightening. The original issue was about tracking down people who had put statements that could be construed as lese majeste on the net. However, this may also spread to libel (a crimminal offence in Thailand) which will inevitable lead to a complete inundation of libel cases. Wait for the crackdown on blogs coming up soon.

According to the press, these are some of the most draconian internet supervisory laws in the world, which would tend to suggest that they are completely impractical to enforce, but indeed represent a massive hindrance to civil liberties. There is no anonymity left.

[Crushdepth]

According to the press, these are some of the most draconian internet supervisory laws in the world, which would tend to suggest that they are completely impractical to enforce, but indeed represent a massive hindrance to civil liberties. There is no anonymity left.

Yes I can just imagine the reaction at work...by the way I am going to record ALL of your email and chat sessions including to your many and varied mistresses (no shortage of those) and I will give them over to any government body that cares to ask because they are now a matter of public record as far as the government is concerned. I humbly recommend that either you cease communicating with said mistresses via work facilities or that you simply stop shagging your colleagues altogether in order to avoid embarrassment and suspicion when you promote them for excellent...performance. And you better stop bagging out the boss...

[12DrinkMore]

A thought has just flashed into mind, this could be a really good one

Spread the information to all the bar girls scamming their numerous boyfriends for cash that the Thai Government is now logging all their emails, sms messages and telephone calls. Might stop that scamming nonsense in an instant. :D

[Spee]

I think we are getting there:

Judge Orders YouTube to Give All User Histories to Viacom

By Ryan Singel EmailJuly 02, 2008 | 7:16:54 PMCategories: Copyrights and Patents

Google will have to turn over every record of every video watched by YouTube users, including users' names and IP addresses, to Viacom, which is suing Google for allowing clips of its copyright videos to appear on YouTube, a judge ruled Wednesday.

IMHO, you are making an apples to oranges comparison.

In the YouTube case, Viacom and other companies have a right to protect their property, copyrights, etc. They charge people to broadcast their productions. YouTube is essentially giving it away for free. It's not all that different from criminals hijacking truckloads of products and either giving them away or selling them for a fraction of their cost.

The proposed Thai law is simply another unwarranted attempt at government intervention in free trade for purposes which at this point remain unclear and vague. Higher courts in many western countries typically invalidate legislation like this for being too broad and vague.

[mommysboy]

The following I cut and pasted from a well known weekly column published every Sunday:

And Immigration is not the only government department cracking down on things. In this ever tightening world where authorities want you to leave a trace everywhere you go and of everything you do, visitors to Thailand might like to know that from 23rd of this month they will need to show their passport or other ID if they wish to access the net at an internet cafe. Not only that, but a record will be kept of every website visited. A new cyber law is being introduced, and as well as all internet cafes, every company and organisation, including banks and government offices, must retain records of every user's online activities for 90 days. Exactly what the boys in tight brown uniforms will make of the pile of paperwork this creates I have no idea.

Hope it's not true.

Come to think of it what a laugh if it is true.

Just think of the paperwork.

What one wonders is the motive ?

[lifeisrandom]

who the hel_l uses internet cafes? english teachers?

[12DrinkMore]

Been discussed at great length already

http://www.thaivisa.com/forum/Thailand-s-I...ug-t206147.html

[mommysboy]

who the hel_l uses internet cafes? english teachers?

Visitors.

Businessman.

Long term expats.

People who just like internet cafes.

People whose internet/computer is broken.

In fact just about any farang could in bangkok.

It's a bit like asking who the he-l eats out really?

take it you didn't have a very good weekend then?

[brackmagic]

I always use the cafes and I am not an English teacher. I prefer not to lug a laptop around on my travels (nor have hassles with it crossing borders). If/when I return for another vacation to LOS, my internet use will be much less than before. I can't be bothered to carry a passport around all day on the off chance I might want to pop in and check the internet. This is going to hurt the cafes.

[mommysboy]

Been discussed at great length already

http://www.thaivisa.com/forum/Thailand-s-I...ug-t206147.html

Yes thank you.

Not a very good conversation though, kind of went off track don't you think.

Nobody really takes a stab at WHY?

I mean what are they hoping to achieve - is this anti-terrorist? kiddy fiddlers? porn rings? scammers? or just anti farangs using internet cafes.

Bizarre.

[brackmagic]

It is a mystery to me as to the WHYs involved in this. I am no tech expert, but I believe anyone with any sinister intent need simply only use an anonymous proxy to hide the specific sites they visit. Not a good option for casual use due to the sacrifice in speed.

[lazeeboy]

if you've got nothing to hide whats the problem

[LaoPo]

The following I cut and pasted from a well known weekly column published every Sunday:

And Immigration is not the only government department cracking down on things. In this ever tightening world where authorities want you to leave a trace everywhere you go and of everything you do, visitors to Thailand might like to know that from 23rd of this month they will need to show their passport or other ID if they wish to access the net at an internet cafe. Not only that, but a record will be kept of every website visited. A new cyber law is being introduced, and as well as all internet cafes, every company and organisation, including banks and government offices, must retain records of every user's online activities for 90 days. Exactly what the boys in tight brown uniforms will make of the pile of paperwork this creates I have no idea.

Hope it's not true.

Come to think of it what a laugh if it is true.

Just think of the paperwork.

What one wonders is the motive ?

Interesting....

Let's see: 14,4 million tourists to Thailand/year.

Let's assume that just 10 or 20% use internet once in a while during their holidays. Thats 1,44 Million to 2,88 Million internet visits.

If everyone check their mail just 3 times per holiday that's between 4,32 and 8,64 millions times. Assuming they also visit 3 different websites, like banks, travel agent or other that's between 12,96 and 25,92 million visits.

Now, WHO is going thru all these visits and check them, apart from the fact if they (the webpolice) can read the dozens of languages those millions of websites are written in.....?

All in all, my view:

BULL... from a government which is totally paranoid and becoming to look like a police state; a banana-republic runned country.

Amazing Thailand: the land with the Million faces; bring us your money but beware we'll watch you 24 hours...

LaoPo

[Jingthing]

if you've got nothing to hide whats the problem

That is what apologists of totalitarianism always say.

[britmaveric]

wifi hotspots

[Jingthing]

I am wondering what ID they will accept. Most people wisely do not carry their passports around. Sounds like a business opportunity? Fake IDs for internet cafes? Just asking, not suggesting, ha ha.

[brackmagic]

Also, don't think you aren't being watched now! The last time I was in BKK I did some research in a cafe about a hotel called the Pinnacle, running and jogging in Lumpini park and some other thing. While I was paying my bill, the old gentleman running the place asked me if I was staying at the Pinnacle, did I like to run, and some other reference he would have only known if he had been monitoring my usage!

As to the comment about "if youve got nothing to hide whats the problem". There is no problem. I obey all of the laws and if the new law of the land is to track my internet usage, I will see that there is less of it while I am there. I intend to shield my privacy as much as possible from any government intrusion, especially in countries that have reputations for corrupt policing.

[mommysboy]

if you've got nothing to hide whats the problem

That is what apologists of totalitarianism always say.

Nice one.

I've just spoken with one owner. He's aware of the rule but is just watching what other internet cafes do, and they are in turn watching what others are doing no doubt.

He's aware of the need to keep records on a 90 day rolling basis, but hasn't got a clue how to do it.

Needless to say he's had no instruction at all from the powers that be.

He feels it's a general security measure aimed at defending the central firewall from attack, but at that point I'm lost - I assume the national grid or whatever it is has some major firewall prog. rather like our home computers.

It smacks of another fiasco.

What worries me about big orgs. is that they generally beat down on us for doing things that they themselves are more guilty of doing. Hmm I wonder what they are up to this time?

[JetsetBkk]

Also, don't think you aren't being watched now! The last time I was in BKK I did some research in a cafe about a hotel called the Pinnacle, running and jogging in Lumpini park and some other thing. While I was paying my bill, the old gentleman running the place asked me if I was staying at the Pinnacle, did I like to run, and some other reference he would have only known if he had been monitoring my usage!...

Perhaps he looked over your shoulder...

[Jingthing]

Also, don't think you aren't being watched now! The last time I was in BKK I did some research in a cafe about a hotel called the Pinnacle, running and jogging in Lumpini park and some other thing. While I was paying my bill, the old gentleman running the place asked me if I was staying at the Pinnacle, did I like to run, and some other reference he would have only known if he had been monitoring my usage!...

Perhaps he looked over your shoulder...

Most likely. Its called the sneakernet or in Thailand, the flipflopnet.