Thailand Issues New Law To Regulate Digital ID Services – Corporate and Company Law
To print this article, all you need is to be registered or login on Mondaq.com.
Thailand has issued a Royal Decree on the Supervision of
Regulated Digital Identification Authentication and Verification
Service Businesses B.E. 2565 (2022) (the “Royal Decree”),
aimed at regulating business operators that provide digital
identification authentication and verification services
(“Digital ID Services”). The Royal Decree was published
in the Government Gazette in December 2022, and will take effect
180 days from the publication date, i.e., on June 21, 2023.
The key details and requirements of the Royal Decree are as
follows:
Regulated Digital ID Services
Under the Royal Decree, the provision of the following Digital
ID Services requires prior approval from the Electronic Transaction
Development Agency:
- Identity verification service – Services for
collecting and identifying information relating to the identity of
a person, and verifying the connections between the person and the
identity. - Authenticator issuance and management service
– Services relating to the connection
between a person who has passed the identification process with an
authenticator, and managing actions which are used to identify a
person. - Authentication service – A
process to authenticate a person by inspecting his/her
authenticator. - Digital ID networks/systems –
Provision of networks or systems used to exchange information for
digital identification purposes, excluding services provided by an
intermediary.
Exempted Digital ID Services
The Royal Decree also specifies a list of Digital ID Services
that are exempted from supervision under the Royal Decree, as
follows:
- Issuance of certificates to support the use of electronic
signatures in accordance with the Electronic Transaction Act. - Digital ID Services conducted for use within the operator’s
own business only, and which do not involve the provision of such
services to third parties. - Other Digital ID Services as prescribed by the Electronic
Transaction Committee.
Qualifications of Business Operators
The types of business operators qualified to operate Digital ID
Services include (i) private limited companies; (ii) public limited
companies; and (iii) other juristic persons as prescribed by the
Electronic Transaction Committee.
The Royal Decree also prescribes the qualifications and
prohibited characteristics for directors, management, and
responsible persons; e.g., they shall not be bankrupt, incompetent,
quasi-incompetent, etc.
The Electronic Transaction Committee may, as it deems
appropriate, impose minimum capital requirements at a later stage,
and may also stipulate rules and requirements on other related
matters such as risk management measures, security measures, and
consumer protection.
The content of this article is intended to provide a general
guide to the subject matter. Specialist advice should be sought
about your specific circumstances.
POPULAR ARTICLES ON: Corporate/Commercial Law from Thailand
link
