Published on July 8, 2007
Thai authorities need to strike a delicate balance when they enforce the country's first-ever computer crime law later this month.
That's the message from Prithayuth "Mike" Nivasabutr, managing director of Pacific Internet (Thailand), a Thai who, prior to taking on his position, spent 25 years studying and working in the US.
An MBA graduate from the University of Maryland, Mike joined Pacific Internet, a regional Internet service provider operating in seven markets, in 2000 following a stint with global payment firm MasterCard International.
"In my view, democracy is not about total freedom," he noted, referring to the government's recent shutdown of thousands of websites for social, political and other reasons.
Yet he warned that it's also rather difficult to make value judgements when it comes
to what constitutes a cyber-crime.
"In cyberspace, there's no geographic boundary either so the extra challenge is to also deal with what's coming from abroad that we can't do much about. An obvious example is web-based pornography. It's not possible
to shut off everything," said Mike.
In January of this year, the Information and Communications Technology (ICT) Ministry blocked local access to more than 13,000 websites, especially those carrying content deemed indecent,
anti-government or in violation of the country's lese majeste laws.
The crackdown was sweeping, and resulted in the closure of many innocent sites that had nothing to do with these topics.
For Mike, any site closure should be more discerning. Closing sites that are politically biased or against human rights is fine because there are certain limits on freedom of expression, but a sweeping crackdown could be counterproductive, he said.
He also warned that the country's international competitiveness would be adversely affected if the government mishandled its ICT policy.
"Policy missteps could have significant impact on businesses, as the world is now narrower, with nations competing on management as well as the manipulation of information.
"Perception of a country or a national image could, for example, be heavily influenced by the way one manages or manipulates information," he said.
Later this month, the Computer-Related Offences Commission Act will become effective.
It defines 12 Internet crimes, with punishments ranging from a six-month jail term and a Bt10,000 fine to a 20-year sentence and a Bt300,000 fine.
It also defines the authority of state officials and the legal responsibility of Internet service providers (ISPs).
Among the forms of online fraud specified by the act are various forms of theft such as stealing domain names or hacking into other people's computer systems.
In addition, the drafters of the law expect it to protect young people from "bad" websites, especially those offering pornography or those involving fraud.
Their rationale is that all websites offering such content should be banned, since that's the only way to prevent underage youth from accessing them.
As the head of one of the ISPs regulated under this computer crime law, Mike said his firm is ready to cooperate.
For instance, all ISPs would be required to store data for at least 90 days, during which time law-enforcement officials may ask for a copy of the data for investigative purposes.
The legal requirement could also be extended to cover the storing of users' names and login information for a certain time period by service providers such as Internet cafes, which are among the clients of ISPs.
"Some critics may suggest that such a requirement could infringe upon the privacy of individuals, but in cyberspace everything has a footprint that is useful for investigators.
"For instance, the Department of Special Investigation may be able to trace the original sender of, say, information on how to make a crude bomb, if it has all the footprints. Or it could go after anyone who started malicious or fraudulent chain emails," he said.