Back Thailand

    Status regarding Budapest Convention

Status regarding Budapest Convention

Status : NA Declarations and reservations : N/A See legal profile

Cybercrime policies/strategies

Thailand’s National Cybersecurity Strategy 2017-2021 recognized that cyber-threats do not affect just one country. The Strategy further argues that combatting cyber-threats and providing cybersecurity requires international cooperation, support for norms and international best practices, as well as the development of strong policies and measures at the national level. One of the key goals listed in the Strategy is preventing and suppressing cybercrime, through a number of approaches (e.g. the development of relevant regulations and laws; promoting cooperation for information exchange, sharing of experiences and best practices with other countries, both bilaterally and with relevant international organizations – e.g. INTERPOL; promoting law enforcement capacity building especially with respect to investigations).

The Office of the National Security Council identifies the following goals when it comes to cybersecurity:

  • Defense: get the means and tools to protect the State from cyber-threats to ensure the networks and data within the country are protected and flexible;
  • Address threats: strengthen State security, and investigate attacks by arresting and prosecuting offenders;
  • Development: the State must support research and development in science and technology, cyber security, and relevant capacity building.

The Ministry of Digital Economy and Society/MDES was established in 2016 (formerly the Ministry of Information and Communication Technology). Its Minister is a member of the National Security Council. The ministry’s mission includes (key points): (1) proposing national policies and laws on digital development, including cybersecurity; (2) managing the country’s statistics system to support decision making (including on cybersecurity). The ministry’s strategic five year plan (2020-2024) can be found here (Thai).

Specialised institutions

  • Ministry of Digital Economy and Society (established in 2016; formerly the Ministry of Information and Communication Technology) has a Crime Prevention and Suppression Technology Division. The Minister is a member of the National Security Council;
  • ICT Law Center: part of the Electronic Transactions Development Agency. One of its goals is to train criminal justice authorities in IT law. Provides a database of the many ICT-related laws;
  • Thai CERT (formerly the Computer Security Coordination Center of Thailand) was under the jurisdiction of the Electronic Transactions Development Agency but is being/was moved under the National Cybersecurity Agency as a result of the Cybersecurity Act B.E. 2562 (2019). ThaiCERT has established international cooperation through the Forum of Incident Response and Security Teams (FIRST) and is a member of the Asia Pacific CERT (APCERT);
  • National Cybersecurity Committee – which includes the PM, Ministers of defence and MDES, police chief, SG of the National Security Council, permanent secretaries for justice and finance. Among its functions: it determines the characteristics of organisations that are included under the classification of Critical Information Infrastructure. There are three levels of cybersecurity threats listed under the Cybersecurity Act B.E. 2562 (2019): non-severe, critical and crisis levels. In the case of a critical threat, the act allows seizure of the computer system or assets without a court order (2020);
  • National Cybersecurity Agency (NCSA): currently the Electronic Transactions Development Agency acts as the NCSA;
  • High Tech Crime Unit of the Royal Thai Police: functions – checking and analyzing electronic data; supporting the collection of evidence relating to commissioned offenses; support in-depth computer technical inspection; investigations; crime prevention; knowledge sharing; maintaining evidence in technology crimes by storing in accordance with international standards; collaborating with other relevant agencies both domestically and abroad; personnel development;
  • Department of Special Investigation (DSI): established in 2002, part of the Ministry of Justice, and one of the few institutions that has the power to initiate criminal investigations other than the police (possibly with the exception of the National Counter Corruption Commission). The DSI can request a Court to issue a warrant to access the accounts, computer, communication instruments or equipment, electric mail, data, or any electronic telecommunications of the suspects for no longer than a 90-days period. The DSI can also operate a sting operation or set up a mobile unit or commando unit if necessary. Jurisdiction (Special Case Investigation Act B.E. 2547): crime prevention, suppression and investigation of specific crimes (e.g. in the areas of Finance and Banking, Intellectual Property Rights, Taxation, Consumer Protection and Environmental, Technology, Cyber or Computer crimes, Corruption in Government Procurement, and other serious crimes that have a seriously negative effect on public peace and order, morale of the people, national security, international relations, and the economic or financial system). The DSI also does investigations involving Transnational and Organized Crimes and other white-collar crimes. Its Bureau of Technology and Cyber Crime is responsible for preventing, suppressing and investigating special crimes; prosecuting offenders for computer and technology-related crimes; collecting, analyzing and providing evidence for case prosecution; planning, managing and coordinating for preventing, suppressing and investigating special cases under responsibility; retaining case evidence and exhibits; and jointly performing/supporting the operation of other related agencies;
  • Technology Crime Suppression Division (Central Investigation Bureau): established in 2009 through a Royal Decree. It has the power and duty to maintain order, prevent and suppress crimes related to technology and carry out investigations under the Criminal Code, Criminal Procedure and other laws relating to computer systems. Organisation: Subdivision 1: Offences with computer systems as targets; Subdivision 2: Use of computers as a criminal tool; Subdivision 3: Importing and distributing false computer data; and the Technology Case Support Group: immediate response and support for computer-related cases;
  • Computer Data Screening Committee: established by the CCA (2017) with the power to permit officials to request a court order to block or destroy any data which is contrary to the public order or good morals of the Thai people. To determine that, the Computer Data Screening Committee must take into account precedent established by prior Supreme Court judgments and the Thai social context. Under the Ministerial Notification on the Appointment of the Settlement Committee under the CCA, the Computer Data Screening Committee will consist of a Chairman and seven committee members, three of whom shall come from relevant private sector in the fields of human rights, public communication, information technology, or other related field (Law Plus 2017);
  • Settlement Committee: has the power to settle a case through the payment of fines for some criminal offenses under the amended CCA (2017) (e.g. the unauthorized access of a computer system; disclosure of preventive measures for accessing a computer system; bringing false information into a computer system). Under this Ministerial Notification on the Appointment of the Settlement Committee under the CCA in case where an offender confesses of a crime against a person and if the injured person agrees to have the case settled by payment of a fine, the Settlement Committee will set the amount of the fine to be paid by the offender considering the severity of the offense, the circumstances of the offense, the damage to society and/or other users of a computer system, behavior of the offender, occupation, size of business and other factors (Law Plus 2017);
  • Action Taskforce for Information Technology Crime Suppression (TACTICS), and 11 operation centres across the country (Bangkok Post, 1 Jan 2019).

Jurisprudence/case law

Office of the Special Prosecutor v. Nopawan (Bento) (2013): defendant (Nopawan) was arrested in 2009 and accused of disseminating a message that defamed and insulted the Queen and the Heir Apparent on a webboard under the pseudonym 'Bento'. The defendant denied all charges. The Court of the First Instance dismissed the charge given that there was no eye witness to see the defendant posting the message. The Court decided that the IP Address was not sufficient to identify the real user. Later, the Court of Appeal reversed the judgement of the lower court, giving the defendant 5 years in prison based on the Constitution Ch. II: The King, Section 6, Article 112 of the Criminal Code (lèse-majesté) and Section 14.5 of Computer Crime Act of 2550 BE (dissemination of problematic information via computer systems).

Ministry of Information and Communication Technology v Katha (2014): Mr. Katha (broker) posted some messages on a webboard that caused stock prices to fall. He was charged on two counts of posting false statements that caused panic among the public and compromised national security under the Computer Crime Act Section 14(2) and was sentenced to two years and eight months prison time by the Court of Appeal.

Military prosecution: Tara (2017): defendant created a website and uploaded links to audio files that were deemed as constituting lèse-majesté. He was arrested in 2015, charged and tried by a military court (country was under direct military rule 2014-2019) under the Criminal Code Section 112 and Computer-related Crimes Act Section 14(1), (3) and (5). He initially denied all charges and stated that he created a website about health issues to earn advertising revenue. He uploaded the links on his website because there was content about healthcare in the audio clips and he did not listen to all the audio clips before uploading them. The defendant confessed to the charges to get a reduced sentence of 20 years.

Technology Crime Suppression Division v Pruetnarin (2014): was accused for posting 9 messages via 3 Facebook accounts in violation of Article 112 of the Criminal Code. The defense claimed entrapment in that intelligence services tried to ‘friend’ the defendant online and incite him to post lèse-majesté messages. The Court sentenced him to 3 years for each count and under Computer Crime Act of 2550 BE Section 14(3) for 4 months for each count. His sentence was later mitigated to 15 years following his guilty plea. In other cases, the court considered Article 112 and Computer Crime Act as one act, so the court would punish the defendant only under Article 112 which carries the severest penalty. In this case, the court sentenced using Article 112 separate from Computer Crime Act, causing the defendant to receive a more severe penalty.

Thai Phuketwan Journalists Acquitted of Defaming Navy (2015): A court in the southern Thai island of Phuket acquitted two journalists of accused of defaming the navy and breaching the Computer Crimes Act. The journalists faced possible jail time for a line in a 2013 article on human trafficking. The excerpt, from the Reuters news agency, quoted an unnamed smuggler saying Thai naval forces made money from turning a blind eye to trafficking.

Thai court to hear first royal insult case under new king (2017): A Thai court agreed on 10 February 2017 to put a prominent activist on trial for insulting the monarchy after he shared a BBC Thai-language profile of the new king (which some said was offensive) on Facebook.

Operation Blackwrist (2019): this child exploitation operation was launched by INTERPOL in 2017 following the discovery of material depicting the abuse of 11 boys, all under 13 years old. The material, first identified on the Darkweb, originated from a subscription-based website with nearly 63,000 users worldwide. For years the site had published new material weekly, with the abuser taking great care to avoid detection, often masking the children and leaving very few visual or audio clues. Homeland Security Investigations (HSI) Bangkok and HSI Indianapolis partnered with INTERPOL, DSI and other law enforcement agencies to pursue any investigative leads with a potential nexus to the United States. On January 16, 2018, HSI Bangkok assisted Thai authorities with the execution of search and arrest warrants leading to an arrest and the rescue of 5 victims.

Rex Mundi Operation: A 25-year-old FR coder was arrested on 18 May 2018 by the Royal Thai Police based on a French international arrest warrant for the implementation of a cyber-attack with ransom against a British-based company. The arrest was the eighth in an international operation supported by Europol and the Joint Cybercrime Action Taskforce (J-CAT) which was established in 2017.

Sources and links


Reports and research

Tools on Cybercrime & Electronic Evidence Empowering You!

These profiles do not necessarily reflect official positions of the States covered or of the Council of Europe. 


  Are you aware of the latest legislative or policy developments on cybercrime and electronic evidence?

  Share this information with us helping to keep this platform up to date.

Useful links