Despite threats that the Personal Data Protection Act (PDPA) would be coming into force in June 2022, Thailand’s Personal Data Protection Committee had changed its mind and has given a grace period to small-to-medium-sized enterprises (SMEs) to comply with the Act’s requirements.

This comes as a relief for smaller businesses which, since the Act was legislated in 2020, have continuously expressed their concerns about complying with its provisions pleading financial hardship and economic difficulties caused by the COVID-19 pandemic. As discussed in our infographic, PDPA means significant investments in technology, systems, and staff – all of which are out of reach of many SMEs struggling with Covid travel restrictions, and in an economy where the timing of recovery is uncertain.