Critics say the laws will be open to abuse, and give too much power to the ministry
Many sections of society raised their voices to urge the government to revisit the bills and allow all stakeholders who will be affected by the laws, including businesses, the public, state enterprises and independent organisations, to scrutinise them before they become law.
Paiboon Amornpinyokait, an expert on cyber and computer law, said the concept of the bills was okay to support and encourage the digital economy policy, but they gave too much power to the new Ministry of Digital Economy and Society by allowing it to oversee too many areas.They include areas currently under the jurisdiction of the National Broadcasting and Telecommunications Commission (NBTC) Bill, the Cyber Security Bill, the New Computer Crime Bill, the Personal Data Protection Bill, the Digital Economy Promotion Bill, and the Digital Economy Development Fund Bill.
Paiboon said the bills would result in too much centralised power and will give too much authority to officials or authorities, which could easily lead to abuse of power.
He said the solution was to adjust the content of the bills and to decentralise power and set up independent organisations or committees to oversee areas under the legislation.
For example, the NBTC should be independent and oversee areas earmarked by the NBTC Bill, and an independent committee should oversee areas under the Personal Data Protection Bill.
Areas under the digital economy bills and the fund bill should be covered by the Commerce and Finance ministries, while the Ministry of Digital Economy and Society should only oversee areas under the Computer Crime Bill and Cyber Security Bill.
Paiboon said parts of the bills gave too much power to competent officials or competent authorities, including Article 4 of the Computer Crime Bill on spam.
He said the bill stated that service providers or online users in general who did not give people the choice to reject a message, which could be considered spam, via an “op-in, op-out” function would be fined Bt100,000 per message.
All social media users would be affected because social media platforms did not allow users to have “op-in, op-out” functions to allow their friends or followers to reject or accept a message.
Paiboon said enacting Article 6 of the Computer Crime Bill would result in the existing Article 14 (1) no longer covering identity fraud and hate speech, while Article 14 (4) would no longer cover pornographic material relating to people aged over 18 and Article 14 (5) would no longer cover people who forward an illegal message.
He said Article 20 of the Computer Crime Bill that allows authorities to block websites are in violation of human rights and freedom.
The Cyber Security Bill and Computer Crime Bill give too much power to the authorities. For instance, in the past the bill was aimed at allowing a competent official to block a website found to be violating the Computer Crime Law. But the Computer Crime Bill’s Articles 10 and 20, will now allow a competent official to directly block a website deemed to be violating any laws, without permission from the ministry.
Govt officials wield power
The problem with this is that there were currently around 100 competent officials and they were not experts in investigations, computer forensics and technology, but they were government officials who passed a threeday rapidtraining course and had become competent officials under the Computer Crime Law and might be competent officials the Cyber Security Bill.
Paiboon said Article 35 (3) of the Cyber Security Bill empowered competent officials appointed (under Article 6) by the National Cyber Security Committee (NCSC) chaired by the Digital Economy and Society Minister, to access any in-
formation on any platform without
court orders. This meant they could always monitor [the Internet and cyber] gateways. This will have a negative impact on investment in the digital economy.
Cyber Security Bill’s Article 31 and 34, gives power to the NCSC to order any government organisations under other ministries.
“The Computer Crime Bill and Cyber Security Bill are the most worrisome. These bills can be used to perform Internet surveillance of businesses and people without a code of conduct and without balance of power. They give absolute power,” said Paiboon.
Prinya Hom-anek, a cyber-security specialist, said the bills give too much power to the Ministry of Digital Economy and Society. For example, according to the Cyber Security Bill, the National Cyber Security Committee (NCSC) will be chaired by the Digital Economy and Society Minister. The NCSC should be chaired by the prime minister and should be a government agency rather than a private one, he said.
Prinya added that there were concerns about the Cyber Security Bill’s Article 35 about the power of competent officials. He said there should be a clear, solid and transparent measures for the use of power by the NCSC.
“The Cyber Security and Computer Crime bills are necessary. The concept of the bills is good but the content needs to be adjusted,” said Prinya.
He added that the 10 bills overall seemed to vest too much power in the Ministry of Digital Economy and Society. He said other ministries should also be involved in implementing these laws.
Another important point, Paiboon noted, was the Personal Data Protection Bill cuts the right of journalists to use personal data of ‘sources’ without their permission. This means, under this bill, journalists cannot do investigative reports on any public persons [government, business persons, or celebrities].
The new Electronics Transaction Bill [Article 34/1] empowers officials to investigate and confiscate. The principle of the law is to support and facilitate electronic transactions the [Electronics Transaction Development Agency] officials should play role as facilitator.
The new Electronics Transaction Bill also gives too much power to the National Electronics Transaction Development Agency (the new name of the Electronics Transaction Development Agency) to be able to do joint investment with the private sector or other organisations without determining the amount and ceiling, while this agency is protected from being responsible for its operations.
“The resolution is to adjust all concerned content. It can benefit development of the digital economy but if these bills come without any revisions they might hurt development of the digital economy. It would be better to delay these bills and address the issues of concern, rather than rushing them in the current form,” said Paiboon.