Thailand Issues New Law To Regulate Digital ID Services – Corporate and Company Law

To print this article, all you need is to be registered or login on

Thailand has issued a Royal Decree on the Supervision of
Regulated Digital Identification Authentication and Verification
Service Businesses B.E. 2565 (2022) (the “Royal Decree”),
aimed at regulating business operators that provide digital
identification authentication and verification services
(“Digital ID Services”). The Royal Decree was published
in the Government Gazette in December 2022, and will take effect
180 days from the publication date, i.e., on June 21, 2023.

The key details and requirements of the Royal Decree are as

Regulated Digital ID Services

Under the Royal Decree, the provision of the following Digital
ID Services requires prior approval from the Electronic Transaction
Development Agency:

  1. Identity verification service – Services for
    collecting and identifying information relating to the identity of
    a person, and verifying the connections between the person and the

  2. Authenticator issuance and management service
    Services relating to the connection
    between a person who has passed the identification process with an
    authenticator, and managing actions which are used to identify a

  3. Authentication service A
    process to authenticate a person by inspecting his/her

  4. Digital ID networks/systems
    Provision of networks or systems used to exchange information for
    digital identification purposes, excluding services provided by an

Exempted Digital ID Services

The Royal Decree also specifies a list of Digital ID Services
that are exempted from supervision under the Royal Decree, as

  1. Issuance of certificates to support the use of electronic
    signatures in accordance with the Electronic Transaction Act.

  2. Digital ID Services conducted for use within the operator’s
    own business only, and which do not involve the provision of such
    services to third parties.

  3. Other Digital ID Services as prescribed by the Electronic
    Transaction Committee.

Qualifications of Business Operators

The types of business operators qualified to operate Digital ID
Services include (i) private limited companies; (ii) public limited
companies; and (iii) other juristic persons as prescribed by the
Electronic Transaction Committee.

The Royal Decree also prescribes the qualifications and
prohibited characteristics for directors, management, and
responsible persons; e.g., they shall not be bankrupt, incompetent,
quasi-incompetent, etc.

The Electronic Transaction Committee may, as it deems
appropriate, impose minimum capital requirements at a later stage,
and may also stipulate rules and requirements on other related
matters such as risk management measures, security measures, and
consumer protection.

The content of this article is intended to provide a general
guide to the subject matter. Specialist advice should be sought
about your specific circumstances.

POPULAR ARTICLES ON: Corporate/Commercial Law from Thailand