Thailand: Announced Regulation on Digital Identity Proofing and Authentication System business operations regarding criteria, conditions, and time periods for ceasing business operations

On 15 September 2023, the Electronic Transactions Commission of Thailand announced the implementation of regulations under the authority of the Royal Decree on Supervision of Businesses Related to Digital Identity Proofing and Authentication Systems Requiring a License, B.E. 2505 (2022). This regulation mandates that businesses operating digital identity proofing and authentication systems requiring a license must adhere to specific criteria, procedures, conditions, and timeframes when terminating their operations. Key requirements include conducting an impact assessment, preparing a cessation plan, suspending services for new and existing users within specified timeframes, and making public announcements about the cessation at least 180 days in advance. Licensees must also manage personal data appropriately during the cessation process, including notifying users about data handling and providing support channels for user inquiries.