3. Law and Technology
Laws directly relating to technologies
- applies generally
Example
• Electronic Transaction Act
• Cybersecurity Act
• Computer Crime Act
• Personal Data Protection Act
Laws supervising businesses relating to
technologies or specific business models
- applies to specific businesses
Example
• Royal Decree on Digital Asset Businesses
• Payment Systems Act
Laws relating to technology
ภาพรวมของกฎหมายกับเทคโนโลยี
Role of laws in the digital era
“Protecting and Promoting”
Technology = Fast and ease
in doing business
Laws = Supervise and safeguard
the interests of the public
4. AIMC
New law on digital
verification of identity
Equity/Debt crowdfunding
Equity/Debt crowdfunding
Equity/Debt crowdfunding
regulations
Equity/Debt
crowdfunding
regulations
FinTech Regulatory
Development in
Thailand 2018-2019
July 2019
Data privacy law
ตัวอย่างพัฒนาการด้านกฎหมายใน FinTech
10. การทาสัญญาในรูปแบบอิเล็กทรอนิกส์
พ.ร.บ. ว่าด้วยธุรกรรมทางอิเล็กทรอนิกส์ พ.ศ. 2544 และ ฉบับที่มีการแก้ไขเพิ่มเติม
Case law 1:
คาพิพากษาศาลฏีกาที่ 8089/2556
(บริการสินเชื่อควิกแคช)
Case law 2:
คาพิพากษาศาลชั้นต้น
(กู้ยืมโดยส่งข้อความทางไลน์)
Case law 3:
คาพิพากษาศาลฏีกาที่ 6757/2560
(ส่งข้อความสนทนาทางเฟสบุ๊คเพื่อปลดหนี้)
เพื่อนรัก
******
11. Blockchain projects in Thailand
• Wholesale Central Bank Digital Currency (โครงการอินทนนท์)
• National Digital ID (ระบบพิสูจน์และยืนยันตัวตนทางดิจิทัล)
• Thailand Blockchain Community Initiative: e-LG (หนังสือค้า
ประกันอิเล็กทรอนิกส์)
13. Smart Contract
Legal concerns
• What contractual terms should be automated? How should these terms be
expressed via code?
Not every clauses are desirable for automation and self-execution —>
Assessment of the efficiency and operational benefits (instead of just being
effective).
Adapted from Figure 4 in "Whitepaper Smart Derivatives Contracts: From Concept to Construction" by ISDA and King & Wood Mallesons, October 2018.
Form a single
contract
14. Smart Contract
Issues in practice
o The parties cannot know whether the code written in smart contract or
the effect of the self-execution terms will be as intended because they
do not understand the code?
o The equivalence of the legal effect between the smart contract and the
traditional written contract?
o greater standardization and automation of smart contract?
17. Regulated
underlying
Non–regulated
underlying
Traditional
securities
offering
STO /
Asset Tokenization
Existing
securities
To be announced
by the SEC
Regulated Exempted
Digital token Cryptocurrency
Regulated Exempted
Securities
• The Securities and Exchange Act
• The Emergency Decree on the
Specific Purpose Juristic Person for
Securitization
• The Trust for Transactions
in Capital Market Act
E-money / E-payment
The Payment Systems Act
Derivatives
The Derivatives Act
Digital assets
The Emergency Decree on Digital
Asset Businesses
Investment
token
Utility
token
Not ready-to-use
(B1)
Regulated
Ready-to-use
(B2)
Exempted
Others to be
announced by
the SEC
Investment
token
Utility
token
Asset
Tokenization
Digital tokens and laws
29. พ.ร.บ. การรักษาความมั่นคงไซเบอร์ และ พ.ร.บ. ว่าด้วยการกระทาความผิดเกี่ยวกับคอมพิวเตอร์
Cybersecurity Act B.E. 2562 (2019) vs Computer Crime Act, B.E. 2550 (2007), as amended
Cybersecurity
Act Computer
Crime Act
Private entities may have obligations under the
Cybersecurity Act under two scenarios, as follows:
(1) In an occurrence of cyber threats
(2) In the event the organization fits
the criteria of a Critical Information
Infrastructure Organization
("CII Organization")
Cyber threats are classed at
three levels, with varying
compliance obligations
for each level.
Subject to the sub regulations, the
following services may be deemed
a CII Organization:
1. National security;
2. Material public service;
3. Banking and finance;
4. Information technology and telecommunications;
5. Transportation and logistics;
6. Energy and public utilities;
7. Public health; and
8. Others as prescribed by the National Cybersecurity Committee (NCSC).
The Computer Crime Act applies to any person who
commits offences that derive or relate to computer
system and computer data
(e.g. illegally accessing a
computer system or obtaining
computer data; illegally
damaging, destroying, correcting,
changing or amending another
person’s computer data;
sending computer data and
creating spam, phishing )
Case law: Hollywood
hospital hit with
ransomware: Hackers
demand $3.6 million
(9,000 bitcoin) as
ransom.
spyware, adware,
botnets, identity theft