Nonthaburi, “Prasert” stated that 1,158 agencies had data leaks and 21 agencies had high-risk cyber systems. Confirm that this government is serious about data theft. Buying and selling personal information They must be caught and punished.

Mr. Prasert Chandraruangthong, Minister of Digital Economy and Society (Minister of DE), said that in the past there has been a problem of leaking public information. as well as buying and selling public information as reported in the news Therefore, we expedite the implementation of 6 measures to solve this problem. Divided into an urgent period of 30 days, a period of 6 months, and a period of 12 months as follows: Urgent period in 30 days

1. Have the Office of the Personal Data Protection Commission (PDC) establish a Personal Data Violation Surveillance Center or PDPC Eagle Eye to expedite the inspection of information disclosed to the public. along with searching Watch out for personal information leaks. During the period 9-20 Nov. 2023, operations were carried out and had the following results

: – 3,119 agencies (government/private sector) were inspected

– 1,158 data leaks were detected/agencies were notified.

-The agency has solved 781 matters.

In addition, 3 cases of personal data trading were found and are being investigated and prosecuted together with the Technology Crime Investigation Bureau (SOT). The PDPC Eagle Eye Center has been ordered to expedite inspections of 9,000 agencies in 30 days.

2. Have the Office of the National Cyber Security Commission (NCMC) investigate vulnerabilities in the cybersecurity system. or information security system Especially government agencies that are critical information infrastructure (CII) agencies such as energy and public health. Government services and finance and banking, etc. by checking for system vulnerabilities cybersecurity during 9-20 Nov. 2023

– Cybersecurity systems of 91 agencies have been inspected

– 21 agencies have been found to have high levels of risk and the NBTC has notified them to make corrections.

In addition, 3 cases of trading of Thai people’s information on the darkweb (an illegal website commonly used by criminals or online thieves) were found. They are being investigated and prosecuted together with the Royal Thai Police.

3. Let the NCPO and NBTC cooperate with relevant agencies such as the Thai Chamber of Commerce. Federation of Thai Industries Thai Bankers Association Thai Life Assurance Association Thai Hotel Association Including the media sector network Raise awareness about personal data protection Prevention of various risks That may occur if the agency’s security procedures are not followed. Knowledge about cyber security (Cybersecurity Awareness Training) such as preventing intrusion from outsiders Secure system settings and strict enforcement of the law according to authority

4. Let the DE and the DEA expedite the blocking of illegal trading of personal information. and prosecute and arrest offenders

for a period of 6 months

5. Promote the use of a reliable government central cloud system. Security according to international academic principles Supports the use of personnel of various agencies. safely To prevent and reduce the problem of personal information leakage. From the reason that government agencies send information to outside agencies or lack of personnel to supervise cyber security work for a period of 12 months.

6. Update relevant laws to keep up with the changing social context and circumstances. and to increase the efficiency of law enforcement of officials in better detecting and preventing cyber crimes, such as

– Computer Crime Act B.E. 2007 and its amendments. To cover the trading of personal information

-The Personal Data Protection Act 2019 increases criminal penalties for buying and selling personal data and gives the Office of the Prosecution Commission the authority to prosecute on its own. without waiting for victims to complain

-The Cyber Security Act 2019 increases penalties for government agencies.

that does not comply with cyber security measures

For 6 measures to protect personal information and solve data trading problems. DE Minister has also reported to the Cabinet meeting on the 21st.

Mr. Prasert said at the end that “I would like to confirm that this government is serious. Information theft Buying and selling personal information They must be caught and punished. As for the matter of the agency neglecting to leak information He has ordered to expedite investigation of improper disclosure of information and cybersecurity systems. of various agencies Especially government agencies that have a lot of citizen information. It was also found that there was leaked information. and has given orders to expedite corrections If any agency repeats the same mistake, it will be strictly punished in accordance with the law.”

Source: Thai News Agency