- Introduction
The Computer-Related Crime Act of 2017 (the 'CCA') in Thailand is a significant law dealing with computer-related offenses, whether committed using computers or against computer systems. The CCA is a set of rules and a crucial tool in regulating the increasingly complex world of computer-related crimes. Online commentary usually refers to the CCA as written broadly to give authorities broad interpretation and enforcement powers.
The impact of the CCA can be severe and material, directly affecting our everyday experiences and interactions. Virtually all communications are via apps, email, etc. Data and files are stored on computer systems, whether on the cloud or on-premises. Thus, it is understandable that online commentary concerns the 'broad' language in the statutory text. The potential impact of the CCA is significant, given the widespread use of computer systems in our daily lives. Indeed, defamation is a crime in Thailand (see https://fosrlaw.com/criminal-defamation-litigation-in-thailand/). The CCA was often invoked as an added charge in defamation cases, as many defamation charges were based on internet postings or comments.
"Broad" is a word itself that is subjective. Indeed, organizations such as Human Rights Watch have said that "The new CCA is also likely to increase censorship due to its ambiguity" (See
https://www.hrw.org/news/2016/12/21/thailand-cyber-crime-act-tightens-internet-control)
While the criticism of the CCA is understandable based on the statute itself, it's crucial to remember that the Supreme Court of Thailand has the authority to interpret it. This interpretation, which tends to be narrow, significantly influences the law's application. Thus, on the surface, the statute is broad, but with some exceptions, the Supreme Court tends to interpret it narrowly, which is a key factor in understanding the law's application and potential limitations.
We will not delve into the specifics of the CCA statute, as many online sources explain its structure. Here, we will look at some (not all) of the Supreme Court of Thailand's rulings based on the CCA.
The term 'computer' here encompasses a wide range of devices, all controlled by computers, from desktop computers to smartphones. The CCA was set up to prevent and control offenses that may occur using these devices. These offenses, which include actions that disrupt the functioning of computer systems or cause errors in the execution of commands, any unauthorized access, modification, or destruction of others' data within computer systems, or using computer systems to disseminate false information or engage in cyberbullying, can lead to significant harm and disruption.
- Samples of the Thai Judiciary's Position
Supreme Court decision number 2600/2563: The defendant is a former employee of the plaintiff's company. After the termination of his employment, the defendant tried to access the plaintiff's email system, which the defendant used as an employee, to transfer the plaintiff's documents and data into the defendant's personal email account. In this regard, the Supreme Court considered email computer data under the CCA. Therefore, the defendant's action is deemed illegal to access computer data. In other words, the defendant violated Section 7 of the CCA.
Section 7 of the CCA makes it illegal for anyone to access computer data for which a specific access prevention measure is not intended for their use. The person shall be subject to imprisonment not exceeding two years or a fine not exceeding forty thousand baht or both.
The above decision is a straightforward application of the CCA based on the fact pattern.
Supreme Court's decision number 7616/2560: The defendant copied photos and content from the plaintiff's website to the defendant's website and Facebook account for commercial use. In this regard, the Supreme Court considered that the defendant's action did not violate Section 9 of the CCA, as copying photos and content doesn't harm, alter, or destroy the image and contents of the plaintiff.
Section 9 of the CCA makes it illegal for any person to illegitimately damage, destroy, alter, change, or amend computer data of other people, either in whole or in part.
Although the defendant may be liable for intellectual property infringement or other criminal statutes, the above decision exemplifies a narrow and focused interpretation of the CCA.
As with legal proceedings, the plaintiff in the above case may have included the CCA in an overall strategy against the defendant, and the court ruled explicitly on the application of the CCA under the circumstances of the case.
Under the facts of the above case, the plaintiff certainly would have other legal tools to claim compensation for commercial damages.
We believe the court would penalize the defendant under Section 9 of the CCA if the damages were to computer data rather than commercial damages.
Another case that may be uncomfortable for readers is Supreme Court's decision number 1188/2561: The defendant was accused of sending obscene photos and videos to the plaintiff's daughter's email address. In this regard, the Supreme Court considered that the defendant's action did not violate Section 14(4) of the CCA as the email address is inaccessible to the public. Although the defendant's behavior is questionable (to say the least), the court narrowly focused on the terms of the CCA.
Although the act under the above court decision is reprehensible, the court closely followed the wording of Section 14(4) of the CCA. Under Section 14 (4), any person who perpetrates the following shall be subject to imprisonment up to five years and a fine not exceeding one hundred thousand baht, or both:
(4) put into a computer system any computer data that is obscene and may be accessible by the public.
The conjunction in Section 14 (4) ("and") joining the two qualifications for guilt was not well enough established for the court to find a violation of Section 14(4), even though the first part of Section 14(4) was proven, being the input of obscene data, the later part of Section 14(4) was not proven to the court's satisfaction.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.