New Internet Law

[sabaijai]

Net Use Record Becomes a Must for Business And Government Sectors

Beginning from August 23, all businesses and government agencies that provide computers and other related services must keep records of computer and Internet use and Internet traffic for the last 90 days.

This is a part of the 2007 Computer Crimes Act, which took effect on July 18 last year. Granted a grace period of one year, only local Internet Service Providers have so far compiled to the law. Now it is time for the remaining entities, designated as the so-called "third and last group", follow the law.

This includes all government agencies, private and government schools, apartments and residential complexes, online game shops and Internet cafes. Those who fail to comply with the law will face a Bt500,000 fine.

The Act indeed applies to operators of both mobile and fixed line telephone services, who have built data storage facilities to record their clients' usage.

Only household computer users are exempt.

Under this law, businesses, schools and government organizations have to provide data storage facilities to collect users' identification details such as names and addresses of people registered with websites or online applications, logs of Internet use and Internet Protocol addresses and URLs to websites surfed by those users.

Pol Colonel Yannaphol Yangyuen, a senior Department of Special Investigation official, said it would be a priority for organisations to prevent employees from harassing people by sending insulting or defamatory messages on web boards or forwarding pornographic material via email by setting up recording procedures for internal computer use. (Report by The Nation)

They must make the stored information available every 90 days.

The 2007 Computer Crimes Act is the first Thai law that aims to tackle all types of electronic crime committed through the use of computers and information technology.

Source: tivarati.com

[CCCP]

This is just the start. The UK has already banned a number of alternative media sites. Get ready for your privacy to dissapear. A so called conspiricy theorist warned that this will happen and be the start of bigger things to come. Of course there will be those who believe this is for the protection against terrosrism.

The 4th ammendment in the US has gone belly up, and likewise in the UK too. I geuss we just gotta get used to it.

[Phil Conners]

^ is the situation in CCCP better?

[sabaijai]

Soon they'll have the Eastern European problem - how do you maintain surveillance on everyone?

[Guest Reimar]

Maybe better not to known how (many) other countries already running such recording!

There was in the last year and federal meeting of the German Federal Police in Berlin with was mainly held for one reason only: How to capture the data of Skype?!

The German Federal Police (Bundes Kriminalamt) isn't able to capture the data of Skype users, not the calls and not the chat! And that is against the wish of that police because all other they do!

Cheers.

[JetsetBkk]

Soon they'll have the Eastern European problem - how do you maintain surveillance on everyone?

Simple - have half the people working for the state, the other half being watched.

Trust no one. The truth is out there.

Edited August 20, 2008 by JetsetBkk

[endure]

Now is the time to invest in hard disk manufacturers...

[froggshw]

Pretty soon we'll all have a bar code...without this bar code you wont be able to work,buy anything,travel or get money.

Froggs

[niller74]

I know many people say this isn't a big deal and that there will be no way to enforce this rule.

Under this law, businesses, schools and government organizations have to provide data storage facilities to collect users' identification details such as names and addresses of people registered with websites or online applications, logs of Internet use and Internet Protocol addresses and URLs to websites surfed by those users.

Is this a translation from the actual law? Storing this information for 90 days isn't really a big deal, BUT in the unlikely event that they would knock on someones door, would this be likely to satisfy them?

[RKASA]

Pretty soon we'll all have a bar code...without this bar code you wont be able to work,buy anything,travel or get money.

Froggs

Yap, and still the trains won't run on time.  Gov. is not a solution if its the problem, and its more like you will be told where and when to work, when and if you can travel, and you don't need money here's a bowl of rice for the day.

[Phil Conners]

Pretty soon we'll all have a bar code...without this bar code you wont be able to work,buy anything,travel or get money.

Froggs

There was a movie about this some years ago. Don't recall the name but it was about a society with everything based on like a credit card. Woman protagonist did something to piss off somebody in charge and got her card revoked, after that she became a non-entity, no card = no existence. Scary at the time, probably near reality today.

[froggshw]

I believe it's coming...I just hope not in my life time.

Froggs

[Prasert]

Net Use Record Becomes a Must for Business And Government Sectors

...

Under this law, businesses, schools and government organizations have to provide data storage facilities to collect users' identification details such as names and addresses of people registered with websites or online applications, logs of Internet use and Internet Protocol addresses and URLs to websites surfed by those users.

...

I understand that most people will be concerned about what is recorded.

I myself wonder how smaller companies ever want to achieve this. Take the average internet cafe: the owner usually runs a couple of computers plugged into a switch with an adsl connection to the internet. Besides being able to install a new Windows on the computer, the owner has absolutely no clue how things work.

And all of a sudden the government decides that this shop has to keep track of

-identification - passport copy of the customer?

-visited websites - How is the owner ever gonna manage to track which user went to which website?

-logs of internet use - This is a very wide definition. What needs to be logged?

So who is gonna make all this logging actually happen???

No, it's gonna be way easier then everybody thinks.

Everytime an adsl line reconnects, you get a new IP address. If you have a shitty line (which the majority seems to have), you get a new IP address several times a day. Add that to the mess most ISPs have and it's almost impossible to ever trace anything back.

[onethailand]

Everytime you log into an ISP, the ISP also records the IP address - so no matter how many times a day you get a new IP, the ISP knows its you.

Now if you run a cafe, the ISP fingers your address, then at your cafe you will need to produce additional logs to narrow it down to a particular customer - otherwise you take the blame and pay 500K in fines.

[marcus]

Everytime you log into an ISP, the ISP also records the IP address - so no matter how many times a day you get a new IP, the ISP knows its you.

Now if you run a cafe, the ISP fingers your address, then at your cafe you will need to produce additional logs to narrow it down to a particular customer - otherwise you take the blame and pay 500K in fines.

Anyone knows software which can do the job ?

[Veazer]

What about the average coffee shop or restaurant offering free wi-fi access? Are they supposed to ask every customer who opens a laptop to provide ID?

I just don't think this law can ever achieve it's goals. Anyone wishing to do the offending acts can obviously find another point of access to do it. It simply creates an unnecessary burden on businesses.

[onethailand]

What about the average coffee shop or restaurant offering free wi-fi access? Are they supposed to ask every customer who opens a laptop to provide ID?

I just don't think this law can ever achieve it's goals. Anyone wishing to do the offending acts can obviously find another point of access to do it. It simply creates an unnecessary burden on businesses.

Yes, they are required to do so - which means you will no longer be able to walk in, sit down, turn on your computer and surf, unless you have been given a user ID and password by the cafe. At which time they should ask for your ID and log it if they do not want to fall foul of the law.

Doesn't mean they'll do it. And the logging requirement is pretty silly too but I think that part can be safely left to the ISPs to take care of - as long as you can identify who was on at what time on what computer, you should be fine.

[Phil Conners]

TiT again

Imagine all those who has wifi at home. To prevent war driving they'd now have to setup user authentication in their own home network.

Another crazy stupid law that will be very selectable enforced.

[Jingthing]

This law SMELLS to high heaven.

A 500K baht fine for a small internet cafe operator is ruinous and yet to comply with these draconian rules, the owner will have to spend alot of time and money that will of course have to be passed on.

What is the real story behind this?

Is Thailand gearing up to be as non-free as China?

Is it a way to make everyone a criminal, so the state can arrest almost anyone at anytime?

Is it a scheme to generate bribes to avoid following the law and paying the 500KB fine?

[Crushdepth]

I doubt that it will ever be enforced in practice, although that may depend on how badly the boys in brown decide to hassle business owners to get tea money. 500k will be an irresistable target in all likelihood. If they do that it is quite likely that cafes will simply stop offering free wireless.

As for why, it seems to me that Thai government(s) frequently passes legislation that is hopelessly unenforceable. It's part of their 'control complex' ie. that we, the government, are in control of this situation. We have passed legislation you know, now we can make pathetic statements in the media that the problem is solved and everyone can stop worrying about it (eg. 'there are no more drugs in Thailand', or 'the traffic problem will be easy to solve' or 'solving of the poor will be easy' (the last two were Thaksinisms).

Or to put it simply, I suspect it was more a case of incompetence than conspiracy, though it certainly opens up some new channels for abuse by the creative.

[niller74]

I don't think logging this is as hard as many may think.

Internet cafes will ask for IDs and take a photocopy.

The router will store all connection requests (incl. IP and Mac address)

The problem as someone stated is that how are they going to configure it, since most of the people running an internet cafe is clueless to setting up a log machine and forward router logs to it.

How many of the Thais even know about this law? I have asked a few people that have businesses and none of them were aware of the law until I mentioned it.

I think this law will be used like so many other Thai laws to hit the ones they are already looking at with as many claims as possible. But since the fine is 500k it might be used to get 'tea-money'.

It would still be very nice with an exact description of which log files would please them.

Unfortunately this will be the end of free wifi spots, since I find it hard to believe that anyone will go through the hazzle of copying IDs and making notes, unless its your main business.

[deeveloper]

Ominous.

Seen George Orwell's movie '1984'?

While it's still accessible, worth a read...

http://www.infowars.com

--

STOP TERRORISM.

STOP TERRORISING

Edited August 24, 2008 by deeveloper

[niller74]

How many are actually storing logs now?

And what are you storing?

[tartempion]

Only household computer users are exempt.

ISP's will track you down

[deeveloper]

Only household computer users are exempt.

ISP's will track you down

If IT techs want to compromise systems... they will... no secrets here...

they will find ways around it...

The enemies of free-speech want to bring the internet down.

IPs are changed easy enough Data can be encryped and tunnelled.

Free MAC address changer..

http://tmac.technitium.com/tmac/index.html

--

STOP TERRORISM.

STOP TERRORISING.

"I worry about my child and the Internet all the time, even though she's too young to have logged on yet. Here's what I worry about. I worry that 10 or 15 years from now, she will come to me and say 'Daddy, where were you when they took freedom of the press away from the Internet?'"

--Mike Godwin, Electronic Frontier Foundation

http://freenetproject.org/

http://www.infowars.com

Edited August 24, 2008 by deeveloper

[Crushdepth]

How many are actually storing logs now?

And what are you storing?

Nothing. I still don't know how. Wireshark? Also, does thailand have any privacy laws where we might get our <deleted> sued by members of the public for attempting to comply with other (conflicting) legilsative requirements?

[Phil Conners]

Privacy laws? Thailand?

[RKASA]

In the interrest of knowing things about the MAC address, try running all your internet connection from a vertual install, you have the option to random gen a MAC address before each start up.  After testing this myself, it must look like I have 10 differant PC's by now.  Having said that, all thin client's will now be outlawed.   PS you can give the host a MAC that matchs a router, but it should not be required because they only share the NIC and should not be seeing the host in the connection information that the share would make. This MAC changing is the only way a PC can share its NIC with the guest OS as they would have the local IP in commen to each other.

[mgjackson69]

Do you suppose that it is just coincidence that my TT&T ADSL, which has been rock-solid since my service was activated, has been a POS since yesterday (23 August) morning? This with no changes whatsoever to my home network.

The line stays up anywhere from 1 minute to 15 minutes, looking at the modem/router I can see that the address given the modem via DHCP is bouncing all over the place...sometimes is in the 117.nnn.nnn.nnn network, sometimes in 114.nnn.nnn.nnn network, sometimes in 222.nnn.nnn.nnn network. And when the line is up it is slow.

It seemed to get a bit better after midnight last night, it had been up for over an hour when I went to sleep.

This morning it was bouncing again, not as frequently though.

As of this post, the line has been up on the same IP address for 1 hour, 35 minutes.

Shit, spoke too soon...it just dropped again.

Somying at TT&T tells me it must be a problem at my end, because they already "fix something" at their end...and they will send someone around in 2-3 days.

[RKASA]

ISP's have been logging for 3 to 6 months now.  Yours may have started when they used the changing of IP's for some with good connection as an effort to improve service, it was not, it did not, and never has had a thing to do with improve.  Record yes everything to do with that.  I don't care I just wish my web pages would load faster then .5KB/s again. but I am moving to Reno so that won't be a problem anymore.  I ll just put up with 3 minute web page loading for a few more days.