Normative legal mechanism for ensuring cyberspace security of Thailand

Abstract

The object of this research is the legal relations that emerge in the context of implementation of measures for ensuring cybersecurity. Characteristic is given to the provisions of the normative legal acts of Thailand in the sphere of cybersecurity. The article author explores the peculiarities of such policy and regulatory documents as Thai National Cybersecurity Strategy for 2017–2021, Policy and Plan for National Security (2019–2022), Cyber Crime Act of 2007 (revised in 2017), Criminal Code of 1956 (revised in 2019), Personal Data Protection Act of 2017, and Cybersecurity Act of 2019. The author reveals the peculiarities of normative legal mechanism for ensuring cyberspace security in Thailand. In its policy documents, Thailand does not determine the major information threats in domestic and foreign spheres or the priorities in the development of cybersecurity system, but rather outlines the range of national interests and sets the tasks may propel it to the regional leadership. The laws are elaborated with consideration of the latest trends in the sphere of information technologies,, and include in the scope of regulation such questions as the protection of personal data, computer and information systems, and critical information infrastructure. The vertical framework of state administration and monitoring, as well as the range of powers of the competent bodies are established on the legislative level. In the sphere of protection of personal data, Thai legislation extensively duplicates the provisions of the General Data Protection Regulation of the European Union. A distinctive feature of the normative legal acts consists in legal substantiation of restriction of human rights and freedoms in the context of implementation of such provisions.