( June 19, 2026, 03:46 GMT | Official Statement) -- MLex Summary: Thailand’s Personal Data Protection Committee has issued criteria for certification and certification marks for personal data protection standards, establishing a voluntary framework for public and private organizations seeking formal recognition of compliance with the Personal Data Protection Act. Published in the Royal Gazette on Thursday and effective immediately, the framework sets out 128 assessment requirements across governance, human resource development, operational procedures, risk management and technology security. Organizations seeking certification will be assessed on measures including data governance policies, privacy notices, data subject rights procedures, records of processing activities, cross-border data transfer safeguards, data processing agreements, breach-response mechanisms and data security controls. Organizations scoring 80–89.9 percent will receive a Compliance Certificate, while those scoring 90 percent or above will receive a Certificate with a Certification Mark.The statement and framework are attached (in Thai)....
Prepare for tomorrow’s regulatory change, today
MLex identifies risk to business wherever it emerges, with specialist reporters across the globe providing exclusive news and deep-dive analysis on the proposals, probes, enforcement actions and rulings that matter to your organization and clients, now and in the longer term.
Know what others in the room don’t, with features including:
- Daily newsletters for Antitrust, M&A, Trade, Data Privacy & Security, Technology, AI and more
- Custom alerts on specific filters including geographies, industries, topics and companies to suit your practice needs
- Predictive analysis from expert journalists across North America, the UK and Europe, Latin America and Asia-Pacific
- Curated case files bringing together news, analysis and source documents in a single timeline
Experience MLex today with a 14-day free trial.