Provision of real-time lawful interception assistance

Constitution of the Kingdom of Thailand (Interim) B.E. 2557 (2014) (the “Interim Constitution”)

Following the coup d’état, the National Council for Peace and Order issued the Interim Constitution and repealed the Constitution of the Kingdom of Thailand 2007 (the “2007 Constitution”). The 2007 Constitution protected communications from access, interception and disclosure, but provided certain exceptions for government authorities, for example, in relation to national security or public order. As the 2007 Constitution has now been repealed, these protections are no longer guaranteed.

Section 4 of the Interim Constitution recognises that any human rights and freedoms customarily recognised in Thailand and any rights recognised under international obligations are protected under the Interim Constitution. The Interim Constitution does not explain what those rights “customarily recognised in Thailand” include.

Computer Crimes Act B.E. 2550 (2007) (the “CCA”)

The CCA deals with offences committed against computer systems or computer data, and content offences which are already crimes under the Thailand Penal Code (the “Penal Code”) and are committed via a computer. The CCA applies to service providers and is overseen by the Ministry of Information and Communication Technology (“MICT”).

The scope of the CCA extends to those committing an offence under the CCA outside of Thailand, both Thai citizens and foreign citizens (Section 17 CCA). Such offenders may be penalised within Thailand.

Under section 18(4)-(8) CCA, a competent official (one appointed by the MICT) is empowered to:

  • copy computer data or traffic data from a computer system which is reasonably suspected of being used for an offence;
  • inspect or access a computer system, computer data, computer traffic data or computer data storage equipment;
  • order the person in possession or control of such data equipment to deliver it to him; and
  • seize or attach any computer system for the purposes of gathering evidence in an investigation.

Section 18(7) CCA also authorises a competent officer to decrypt encrypted computer data, to order concerned persons to decrypt encrypted computer data, and/or to order concerned persons to cooperate with a competent officer in decrypting computer data.

“Computer data” means data, statements, or sets of instructions contained in a computer system, the output of which may be processed by a computer system including electronic data.

“Computer traffic data” means data related to computer system-based communications showing sources of origin, starting points, destinations, routes, time, dates, volumes, time periods, types of services or others related to that computer system’s communications.

Although section 18 CCA does not refer expressly to “interception”, there is no judicial or statutory guidance on the MICT’s powers under this section. It may be interpreted widely to include, for example, the ability to conduct direct interception, to require interception assistance or to gain direct access to a network operator or service provider’s system.

Under section 19 CCA, the powers under section 18(4)-(8) may only be applied if the competent official first makes an application to the competent court.

The application must identify the grounds on which it is believed that an offender is committing or is going to commit an offence under the CCA, the reason for requesting the authority, the characteristics of the alleged offence, a description of the equipment used to commit the alleged offence and details of the offender, to the extent that this is possible.

If the court approves the application, and before taking any further action, the official must send a memorandum explaining the grounds on which the application has been granted to the owner or person in possession of the computer system. Within 48 hours of starting the operation in question, the official must also submit a copy of the memorandum and an explanation of the rationale of the operation to a court with jurisdiction.

The use of section 18(4) (copying of computer data) must not excessively interfere with or obstruct the business operation of the owner or person in possession of the computer data.

Furthermore, in relation to seizure or attachment under section 18(8), the official must issue a letter of seizure or attachment to the person who owns or possesses that computer system as evidence. The seizure or attachment must not last longer than thirty days. If a longer time period is required, a petition must be filed at a court with jurisdiction for permission to extend the time period. The court may allow several extensions, but together they must not exceed sixty days.

When that seizure or attachment is no longer necessary, or upon its expiry date, the competent official must immediately return the computer system that was seized or withdraw the attachment.

Although intercept powers may be inferred from other pieces of legislation (outlined below), the relatively simple process provided for under the CCA means that it is likely to be the legislation under which an interception is most often conducted.

Proposed Amendment to the CCA (the “Proposed Amendment”)

On 7 January 2015, the Cabinet approved eight digital and computer-related draft laws aimed at creating a conducive environment for building the digital economy, controlling radio spectrum frequency allocation, and conducting surveillance on people.

The draft bills will be lodged with the National Legislative Assembly for further consideration and may be subject to amendment.

Organisation to Assign Radio Frequency and to Regulate the Broadcasting and Telecommunication Services Act, B.E. 2543 (2000) (the “NBTCA”)

Under the NBTCA, on the grounds of public order, or public security, the National Broadcasting and Telecommunications Commission  is empowered to issue a provisional order to the competent authority to seize, put to use, prohibit the use of, or prohibit the removal of, radio communication equipment, or part thereof, within the period and under the conditions specified in the order.

Special Case Investigation Act B.E. 2547 (2004) (the “SCIA”)

Under section 21, powers under the SCIA may be invoked in relation to criminal cases which involve the violation of specified laws and which have particular characteristics, including those which are particularly complex, those with relevance to national interests, those with involvement of influential people, or cases otherwise selected by the Special Case Board (the “SCB”). Such cases are referred to as Special Case Offences. The relevant laws set out in the Annex to the SCIA include violation of the Law on Loans Amounting to Public Cheating and Fraud, the Competition Act, the Public Company Act, and the Copyright Act.

The SCB is constituted under section 5 SCIA and consists of a number of government ministers and Cabinet-appointed experts chaired by the Prime Minister. Its duties are found under section 10 SCIA and include: the duty to advise the Cabinet regarding the determination of special cases, determining the details of a special offence, and the monitoring and assessment of results of compliance with the SCIA.

Under section 25 SCIA, Special Case Inquiry Officials (“SCIO”) (officials working directly for the Department of Special Investigation under the Ministry of Justice) may access and acquire any documents or information sent by a means of communication or any IT media which has been or may be used to commit a Special Case Offence.

The SCIA may therefore apply to network operators and service providers if there is cause to believe that an individual being investigated for a crime under the SCIA has used their services to commit a Special Case Offence.

The SCIO must obtain a court order from the Chief Justice of the Criminal Court (the “Chief Justice”) prior to the use of the powers under the SCIA.

When granting a court order, the Chief Justice will consider the effect on the rights of the different parties involved and the application overall in light of the following conditions:

  • there are reasonable grounds to believe that a Special Case Offence is or will be committed;
  • there are reasonable grounds to believe that access to the information will result in gathering relevant information in relation to a Special Case Offence; and
  • there are no more appropriate or efficient methods.

The Chief Justice may grant permission for use of the powers for a period of up to 90 days. The network operator or service provider can be required to assist with any decryption of acquired encrypted data under the terms of the court order.

Cyber Security Bill (the “Bill”)

The Bill is currently pending approval from the National Legislative Assembly. It proposes to establish a National Cyber Security Committee charged with detecting and countering online threats to national security, stability, the military and economy.

Under section 35 of the Bill, the Committee would be authorised to access information on personal and other electronic devices without requiring a court order for the purpose of fulfilling its cyber security duties.

Disclosure of communications data

Computer Crimes Act B.E. 2550 (2007) (the “CCA”)

Under section 18(1)-(3), for the purpose of an investigation and the gathering of evidence in relation to an offence under the CCA, a competent official (one appointed by the Minister of Information and Communication Technology) is given a range of powers including the powers to summon any person related to the offence to give a statement, to procure computer traffic data relating to the relevant communications from a service provider or from other relevant persons, and to request documents and other evidence from the person(s) concerned.

There is no requirement of a court order for use of these powers.

Under section 26 CCA, a service provider must store computer traffic data (described in section 1 above) for at least 90 days from the date on which the data is input into a computer system. However, if necessary, a relevant competent official may, on a case by case basis, instruct a service provider to store data for a period longer than 90 days but not exceeding one year.

Section 17 CCA makes it clear that the provisions of the CCA apply to offences committed outside Thailand.

Proposed amendment to the CCA (the “Proposed Amendment”)

The Proposed Amendment, currently sitting with the National Assembly, may see the approval of eight digital and computer-related draft laws.

Section 27(4) of the Proposed Amendment provides that disclosure of personal data without prior consent from the person to which the personal data relates can be made if the public official has a reasonable ground of suspicion that such personal data would concern national security or the security of international affairs.

The Proposed Amendment also seeks to extend the time limit for retention of data provided under section 26 CCA from 90 days (or a maximum of one year) to two years.

Telecommunications Business Act B.E. 2544 (the “TBA”)

The TBA is applicable to telecommunications operators. Under section 50 TBA, telecommunications licensees must keep personal data of their service users for the last three months and, in the event that the service is terminated, must retain this data for three months following the date of termination of the service.

Special Case Investigation Act B.E. 2547 (2004) (the “SCIA”)

Disclosure of data, including disclosure of metadata relating to customer communications, may be provided in accordance with section 25 SCIA (as described in section 1.5 above), provided that a court order is obtained first.

National security and emergency powers

The legislation provided above describes Thai law in ordinary times. Thailand is currently governed by the interim Government under the peacekeeping power of the NCPO. As a result, NCPO Order No. 3/2558 (3/2015) re: Maintaining Public Order and National Security issued by the Head of the National Council for Peace and Order (the “NCPO”) under Section 44 of the Interim Constitution and the Interim Constitution 2014 (both described below) currently supersedes the legislation described above.

Constitution of the Kingdom of Thailand (Interim) B.E. 2557 (2014) (the “Interim Constitution”)

Section 44 of the Interim Constitution provides the NCPO with wide powers to take any extrajudicial action it deems necessary against any act which undermines public peace and order or national security.  Under section 44, it may suspend or take action, regardless of its effect on the legislative or executive arms of the government or the judiciary, in situations where it is necessary for the benefit or reform in any field and to strengthen public unity and harmony, or for the prevention, disruption or suppression of any act which undermines public peace and order, national security, the monarchy, national economics or the administration of state affairs.

NCPO Order No. 3/2558 Re: Maintaining Public Order and National Security (“Order No. 3/2558”)

Following the termination of martial law on 1 April 2015, the NCPO issued NCPO Order No. 3/2558 under Section 44 of the Interim Constitution. It implements measures to deal with actions intended to undermine or destroy peace and national security, or to violate notifications or orders issued by the NCPO.

NCPO Order No. 3/2558 deals primarily with the maintenance of public order and national security. In particular it gives extensive legal powers to certain categories of military officers that it refers to as “Peacekeeping Officers”. The breadth of its provisions and the exact manner in which such provisions may be exercised remain unclear.

NCPO Order No.3/2558 provides Peacekeeping Officers with broad legal authority to prevent and suppress offences related to (i) lèse majesté; (ii) internal security of the Kingdom; (iii) the laws on firearms; and (iv) any violation of any other orders issued by the NCPO. The order also empowers Peacekeeping Officers to issue orders prohibiting the propagation of any item of news or the sale or distribution of any book or publication or any material likely to cause public alarm to the detriment of national security or public order.

Any actions done by Peacekeeping Officers in good faith, without discrimination, in a proportionate manner, and without undue severity, shall not be subject to judicial review, either by an administrative court, civil court, or criminal court.

On April 16, 2015, NCPO Order No. 5/2558 (2015) was issued to amend  Order No. 3/2558. Its provisions can be summarised as enabling additional categories and ranks of military officer to become Peacekeeping Officers.

Martial Law Act B.E. 2457 (1914) (the “MLA”)

Following the imposition of martial law on Thailand on 20 May 2014, the NCPO were vested with extensive powers of government. While martial law has been revoked under Order 3/2558, it remains in force in Thailand’s southern border provinces of Pattani, Yala, Narathiwat and Songkhla. In relation to surveillance and censorship of communications data specifically, the following provisions may provide the NCPO with wide powers. However, the exact manner in which such provisions may be exercised remains unclear.

Under section 10, the military authority may require from any person or company any conveyance, beast of burden, provisions, arms, instruments and tools for use in military service at that time.

Section 12 states that the military authority may, if it deems appropriate, cause provisional seizure of all things so as to prevent the enemy from using them or for the benefit of military service.

The below legislation also provides for special powers in times of national security or emergencies.

Internal Security Act B.E. 2551 (2008) (the “Internal Security Act”)

Under the Internal Security Act, arrests and prosecutions must follow legal procedures. However, the definition of “threat” under the Internal Security Act is vague, and the NCPO therefore have wide discretion to determine what is and is not a “threat” and what activities to monitor. It gives officials of the Internal Security Operations Command (a unit of the Thai military dedicated to national security issues) a wide range of police powers normally exercised by civilian authorities, including powers to use both lethal and non-lethal force, to arrest and detain individuals, to conduct searches, to enter premises overtly and covertly, and to lay criminal charges.

Telecommunications Business Act B.E. 2544 (the “TBA”)

Under section 63 TBA, the National Broadcasting and Telecommunications Commission  is given wide powers in the event of an emergency, or where necessary to maintain public order, national security or economic stability or to protect public interests.  It may take possession of and use the devices and equipment of the licensed telecommunications provider, or authorise a state agency to temporarily take charge of a telecommunications provider’s services, or order the telecommunications business or his/her employees to take a specific action until the end of such emergency or necessity.

Radio Communications Act B.E. 2544 (the “RCA”)

Under section 14 RCA, for the purpose of maintaining the public order or defending the realm, the Minister of MICT is empowered to issue a provisional order to the competent authority to seize, put to use, prohibit the use of, or prohibit the removal of radio communication equipment, or part thereof, within the period and under the conditions specified in the order.

NCPO notification no. 26/2557 on supervision and surveillance on the use of online social media (the “NCPO Notification No. 26/2557”)

NCPO Notification No. 26/2557 was issued on 24 May 2557 (2014). Under this notification, the permanent secretary of the ICT ministry shall establish an online social media committee which has the power to examine, inspect, and access “online information”. It has broad powers to suspend or close online publications, websites and social media platforms on a number of grounds, including for engaging in incitement or agitation, for undermining the credibility or integrity of the law, or resisting or opposing the performance of the NCPO’s duties. The notification does not provide any guidance as to how such powers shall be exercised by the committee.

Please note that since the abolition of martial law, the Peacekeeping Officers under Section 4(4) of Order No. 3/2558 are empowered to police any violations of this Notification.

Censorship Related Powers

The Cyber-Inspector Group (the “CIG”)

The Ministry of Information and Communication Technology (the “MICT”) was created in Thailand in 2002.  One of the MICT’s main priorities has been internet regulation, implemented through an MICT unit originally known as CIG.  This unit monitors websites for harmful content, facilitates the enactment of legislation governing electronic transactions, and conducts training for personnel to combat cyber terrorism.

Computer Crimes Act B.E. 2550 (2007) (the “CCA”)

Under section 20, where information is deemed to negatively affect national security (including lèse majesté, explained below) or may violate public order or good morals (such as pornography), the authorised officials may, with the approval of the Minister of the MICT, petition the relevant court with jurisdiction to halt the dissemination of information directly, or to order a service provider to do so.

Lèse majesté is an offence against the dignity of the reigning sovereign of Thailand.  Lèse majesté provisions under Thai law are included in section 2 of the Interim Constitution which stipulates that “the King shall be enthroned in a position of revered worship and shall not be violated. No person shall expose the King to any sort of accusation or action”.

Lèse majesté is also classified under section 112 of the Penal Code (Offences Relating to the Security of the Kingdom).

Section 14 CCA also provides for a variety of offences which may be relevant to censorship, including:

  • inputting into a computer system forged or false data in a manner likely to cause injury to another person or to the public;
  • inputting false data in a manner likely to damage national security or to cause public panic;
  • inputting data constituting an offence against national security under the Penal Code;
  • inputting any data of pornographic or obscene nature which is publicly accessible; or
  • disseminating or forwarding any of the above types of data in the knowledge that the inputting of such data constitutes an offence.

Section 15 CCA allows the authorities to censure any service provider which intentionally supports or consents to the commission of an offence under section 14 by imposing a jail term not exceeding five years and/or a fine not exceeding 100,000 Thai baht.

Proposed amendment to the CCA (the “Proposed Amendment”)

In the Proposed Amendment, the liability of a service provider under section 15 CCA may be reduced.  The Proposed Amendment provides for the Minister of MICT to provide regulations on actions which service providers should take to prevent the dissemination of certain computer data and for the Minister to order the destruction of such computer data.  Under the amended section 14 CCA, if the service provider can prove that it acted in accordance with the Minister’s instructions, it will not be liable under section 15 CCA.

Oversight of the use of these powers

As at the time of this report, Thailand is under an indefinite state of emergency, and thus the applicable oversight functions set out below may not be followed.

The expansive powers given to the authorities by the Internal Security Act, the Martial Law Act, and the NCPO Order No. 3/2558 are subject to almost no independent oversight mechanisms (save that actions which are not in good faith, are discriminatory, or are not proportionate could be subject to judicial review). The Prime Minister is required, under the Internal Security Act, to report to the parliament when the ‘threat to internal security’ has subsided or can be addressed within the normal powers of the government agencies.

Administrative Court Procedure Act B.E. 2542 (the “ACP”)

Decisions of the National Broadcasting and Telecommunications Commission can be appealed within the organisation itself, but may also be appealed to the ACP.

An administrative case is generally initiated in the Administrative Court of First Instance, unless provisions of a specific act specifically state the dispute be filed directly at the Supreme Administrative Court.

When a dispute is to be filed at the Administrative Court, the procedure follows an inquisitorial system and any decision made by the Administrative Courts of First Instance may be appealed to the Supreme Administrative Court.

Publication of laws and aggregate data relating to lawful intercept and communications data requests

Restrictions on network operators and service providers

Ordinarily there is no legislation which prevents the publication of aggregate data relating to the use by the government of the powers described in this report. However under the expansive extrajudicial powers vested in the government under NCPO Order No. 3/2558 issued under Section 44 of the Interim Constitution, it has the authority to restrict publishing of any types of data which are not in the national interest.

Aggregate data published by government agencies

As far as we are aware, the government does not publish aggregate data relating to its use of the powers described in this report.

Law stated as at 16 April 2015.

This information was originally published in the Legal Overview to the Telenor Group report on Authority Requests for Access to Electronic Communication in May of 2015.

