(Unofficial Translation)
No. 136 Chapter 69 Kor

Government Gazette

27 May 2019

[Official Emblem of Royal Command]
Cybersecurity Act,
B.E. 2562 (2019)
---------His Majesty King Phra Poramenthra Ramathibodi Sisin Maha Vajiralongkorn
Phra Vajira Klao Chao Yu Hua
Given on the 24th Day of May B.E. 2562;
Being the 4th Year of the Present Reign.
His Majesty King Phra Poramenthra Ramathibodi Sisin Maha Vajiralongkorn Phra Vajira
Klao Chao Yu Hua is graciously pleased to proclaim that:
Whereas it is expedient to have an enabling act on the law concerning maintaining
cybersecurity.
This Act contains certain provisions in relation to the restriction of rights and freedom of
a person, which section 26 in conjunction with section 28, section 32, section 33, section 34,
section 36, and section 37 of the Constitution of the Kingdom of Thailand so permit by virtue of
the law.
The rationale and necessity to restrict the rights and freedom of a person in accordance
with this Act are to efficiently protect cybersecurity and to establish approaches to protect, cope
with, and mitigate the risk of Cyber Threats which affect the national security and public order.
The enactment of this Act is consistent with the criteria prescribed under section 26 of the
Constitution of the Kingdom of Thailand.
Be it, therefore, enacted by the King, by and with the advice and consent of the National
Legislative Assembly acting as the parliament, as follows:
Section 1

This Act is called the " Cybersecurity Act, B.E. 2562 (2019)"

Section 2
This Act shall come into force on the day following the date of its
publication in the Government Gazette.
Section 3

Under this Act,

"Maintaining Cybersecurity" shall mean any measure or procedure established to prevent,
cope with, and mitigate the risk of Cyber Threats from both inside and outside the country which
affect national security, economic security, martial security, and public order in the country;
"Cyber Threats" shall mean any action or unlawful undertaking by using the computer,
computer system, or undesirable program with an intention to cause any harm to the computer
system, computer data, or other relevant data, and be an imminent threat to damage or affect
operation of the computer, computer system, or other relevant data;
“Cyber” shall include data and communication from the service providing or application
of the computer networks, internet system, or telecommunication networks including the usual
service provision of satellite and other similar network systems which are generally connected;
"Government Agency" shall mean the central government, regional government, local

1

Select target paragraph3