Thai Police Get Tough Net Laws

[sillyfools]

Overall the law isn't such a bad thing.

Don't forget also that 10s of thousands of websites got unblocked last week. (They started being blocked under Thaksin). A website can now only be blocked after a court order.

Two things seem quite ludicrous. It can be part of the translation or it may be intentional. I hope at least that they will correct their mistakes:

1) - Taking possession of your pc just by providing their ID's. I think a lot of offices will find this to be a new profitable business. Confiscate a pc... Sell it later. No proof. No problems.

2) - Confiscating a pc for porn. I think they better start building some HUGE warehouses. They will be BUSY. School and university pc's are literally infested with porn. Does that mean no more pc's at school? Does that mean the end of the OLPC (one laptop per child) program... Oh God.. Does that even mean the end of Thailand the IT Hub????

Also what happens if you visit a site and there's a porn banner. It's stored on your pc... Big delemma. + The same argument as in number 1). Enforcement OUT of the bedroom please. Private life is private life but if that's the way they wanna go then they better outlaw sex unless you're married!

Apart from that it's a good start. Too bad it's not clear enough and it allows for exploitation.

Apart from that also... don't be so paranoid. Nothing is always about 'getting the farang'.

As a last note.. I remember reading that police does not have a well-trained team to tackle these computer related crimes and basically just forwards all of these things to the MICT. Since 50,000 sites have been unblocked the people at MICT need some things on hand. This is it. The problem is though.. are these trained and unbiased officials as the police should be?

I think what Thailand needs now is some clear internal policies, guidelines and training on how to cope with this new law and how to use (not abuse) it.

Cheers

[sh4d0wman]

For the general part it seems ok, they show they might do some about cybercrime in TH now. The alarming things are mentioned by other users already so I will not discuss that.

My main interest is if they have any people with enough knowledge to perform these tasks. Over the years I did chat with various IT graduates from Thailand and their knowledge was at points pretty disappointing considered to knowledge here in Europe. This makes me wonder in how far the police is able to track any of your pc.

Will they just come in, flip the switch of ur pc and take it with them?

Will they by stuck by a simple directory/file encryption? (Where they might can find the data still in temporary files, swap, etc)

Or is it necessary to employ full disk encryption?

Do they need to have a chain of custody? Or is there a big change they can tamper with evidence?

So many questions, so few answers

Ps sorry for any bad spelling, grammar etc.

[joskydive]

Nectec director Pansak Siriruchatapong said the Act, in theory, would provide benefits to the country as a whole. However, he expressed concern about the capability of officials, who are required to have knowledge of computers.

Sorry, but this bit worries me.

Why would they pass an act when they already have doubts about their officials abilities and knowledge to follow it up?

How many private homes are they going to visit, confiscate computers and fine before they realise they may have made a mistake and then would they admit it?

[Leonarddd]

I think it's going a bit far. Since the block many websites, they can record your IP address (your fingerprint on the net) , know who had that IP at any time (your username/password) and raid your premise any time they want.

To get around that, you could always VPN (encrypt) your data go a remote location (another country would work) and then browse the net through there. There are companies that sell this service.

I wouldn't trust companies too much since you don't know who is behind them.

Read about how you can cought at :

http://www.theconsigliere.com

[Hurricane51]

I would guess that the Thai government needed a law to specifically prosecute those users who employ the computer to further their "undefined" illegal activities. Let's be realistic -- there is no way this could signal a massive invasion of homes to seize personal computers. There is no manpower to support it. However it does provide a law under which the government can specifically prosecute users for gross misuse of their computers to further their other illegal activities. As one poster suggested, pedophiles come to mind. And I think the circumstances under which it can be applied are deliberately vague enough to provide prosecuters with leeway in applying it.

Is it a good law? It depends on how it is used. Can it be misused? Certainly. Will mistakes be made? Absolutely. But I think that it's a bit early to get feathers ruffled yet. Yes it's one more law that can be misapplied, but until it sees widespread application I don't think we can make any generalities. I think there are other threats to civil liberties that are more pressing.

[Jai Dee]

New law takes aim at cyber-criminals

The Computer Crime Act will finally enable authorities to protect 'netizens' and enhance e-commerce.

The long-awaited Computer Crime Act, which comes into effect today, will have a positive impact on both avid "netizens" and non-computer users alike by protecting online privacy and ensuring Internet security. The new law was also designed to enhance electronic commerce and national security, and should as a result encourage online transactions by creating a safer cyber-environment that is more conducive to business for all. The Computer Crime Act is Thailand's first serious attempt at dealing with crimes in cyberspace. The goal of the act is to plug the loopholes in existing laws in order to empower law-enforcement agencies to more effectively deal with crimes committed via the computer or Internet. Such crimes include hacking, unlawfully accessing computers or network resources, and the unauthorised interception of e-mails or data transmission with the aim to commit theft or do harm to others. Without this law, law-enforcement officials would be unable to apply the Criminal Code and criminal procedures in order to go after cyber-criminals.

Computer crimes have had a negative impact on businesses, particularly those that rely heavily on electronic transactions. However, these cyber-crimes have usually been kept secret out of the fear companies had that publicising them would weaken consumers' confidence in doing business online.

It is a well-known fact that Internet service providers (ISPs) and commercial banks have been spending millions of baht each year just to keep hackers at bay and secure their information technology systems against malicious virus attacks.

Contrary to the fears expressed by some-civil liberty advocates, the law is not intended to give authorities too much power to impose censorship, restrict freedom of expression, or infringe on individual rights and privacy. Indeed, the law seeks to enhance individual privacy: under the Computer Crime Act, employers are forbidden from screening or monitoring employees' e-mails without prior notice.

The Act also does not give the Information and Communications Technology (ICT) minister too much power as it relates to blocking websites. The minister is required to seek a court order in order to block any website, with such decisions to be made on a case-by-base basis.

The law also bolsters the capability of law-enforcement agencies to go after international criminals as well. The law specifies that any criminal act targeting or negatively affecting a person in Thailand will fall into the jurisdiction of Thai law enforcers, who will be able to prosecute wrongdoers regardless of where in the world they committed the crime.

There had been debate about the possible liability of ISPs in cases of criminals using their resources to commit crimes. But the law makes it clear that ISPs who operate their businesses in good faith have nothing to fear. For example, ISPs that take prompt and appropriate action against criminals to stop them from using their networks to commit crimes or take remedial measures will not be prosecuted as accessories to criminal actions.

Specialised law-enforcement officials will be trained to conduct investigations of computer-related crimes. The Royal Thai Police force meanwhile will be developing its capacity to investigation computer crimes. Since there are currently too few officers who specialise and are well versed in computer crime investigation and evidence-gathering techniques, police will refer cases of computer crime to the ICT Ministry for investigation.

Now that the law is in effect, people will have to think twice about such innocuous activities as forwarding e-mails containing information or pictures of other people in compromising positions, or circulating URLs of websites that offer content such as pornography. Senders will now have to consider the impact of this material on others because those forwarding such material can also be prosecuted for infringing on others' rights to privacy.

The law will require ISPs to back up information, such as IP addresses and user logs, which would increase their cost of doing business. However, this would improve security on all sides and create an environment in which more people are encouraged to do business online, which would benefit all parties, including ISPs.

Editorial Opinion from The Nation - 18 July 2007

[nikster]

Overall the law isn't such a bad thing.

Don't forget also that 10s of thousands of websites got unblocked last week. (They started being blocked under Thaksin). A website can now only be blocked after a court order.

Two things seem quite ludicrous. It can be part of the translation or it may be intentional. I hope at least that they will correct their mistakes:

1) - Taking possession of your pc just by providing their ID's. I think a lot of offices will find this to be a new profitable business. Confiscate a pc... Sell it later. No proof. No problems.

Much easier: You pay a very reasonable fee, you keep your PC. See - everyone's happy....

2) - Confiscating a pc for porn. I think they better start building some HUGE warehouses. They will be BUSY. School and university pc's are literally infested with porn. Does that mean no more pc's at school? Does that mean the end of the OLPC (one laptop per child) program... Oh God.. Does that even mean the end of Thailand the IT Hub????

Maybe but Thailand will never lose its status as the world #1 hub of hubs. No one can take that away.

No law that's throwing the door wide open for new Police revenue streams like this is good.

[marquess]

This is just another idiotic law by those who seem to be serverly intellectually challenged when it comes to common sense. This is what will happen, it will be used selectively to nab and deport. Headlines: Thai girlfriend reports that foreign boyfriend had porn on his computer, boyfriend fined and subsequently deported. Remember once these stupid laws come in, now matter who stupid they are, they are never revoked, just left to there to be dusted off at the appropriate time!

[LA Don]

Everybody Jai Yen, this is standard practice throughout the Western World Thailand is just following suit and unless you are doing something very naughty in Thailand on your PC then theres absolutely no need for any concern.

Yep! Just like driving a motorcycle or automobile in Thailand. Not to worry, as long as you are following the traffic laws and have an adequate supply of 100 baht notes. Wonder what the rate for making the IT police go away will be?

[s.pylos]

New law takes aim at cyber-criminals

Now that the law is in effect, people will have to think twice about such innocuous activities as forwarding e-mails containing information or pictures of other people in compromising positions, or circulating URLs of websites that offer content such as pornography. Senders will now have to consider the impact of this material on others because those forwarding such material can also be prosecuted for infringing on others' rights to privacy.

Editorial Opinion from The Nation - 18 July 2007

Another fantastic editorial from The Nation...

If such activity are innocuous, why would people have to think twice...

Obviously the editorialist did not think twice...

[sandy]

[IAMSOBAD]

If a policeman comes to your door and shows his I.D. and says he wants to see your laptop computer...tell him its being repaierd...on a business trip...at a cafe...on a vacation with some other person....ANYTHING! He can look all over...just dont give it to him. If you have a desktop...Dont answer the door to people looking for it. I doubt they will shoot you. They couldnt catch a cold in the FLU ward.

p.s. Was that farang bank hold up man in Phuket ever caught? NOPE!

Edited July 18, 2007 by IAMSOBAD

[s.pylos]

For the general part it seems ok, they show they might do some about cybercrime in TH now. The alarming things are mentioned by other users already so I will not discuss that.

My main interest is if they have any people with enough knowledge to perform these tasks. Over the years I did chat with various IT graduates from Thailand and their knowledge was at points pretty disappointing considered to knowledge here in Europe. This makes me wonder in how far the police is able to track any of your pc.

Will they just come in, flip the switch of ur pc and take it with them?

Will they by stuck by a simple directory/file encryption? (Where they might can find the data still in temporary files, swap, etc)

Or is it necessary to employ full disk encryption?

Do they need to have a chain of custody? Or is there a big change they can tamper with evidence?

So many questions, so few answers

Ps sorry for any bad spelling, grammar etc.

Thai Visa should implement a bad grammar policy similar to THAI TV Ratings:

According to The Nation Poll, 60 per cent of the 606 respondents believe it "good" to have airtime restrictions for television programmes containing sex, violence and bad grammar.

Bad grammar on Thai Visa allowed after 8PM...

[sandy]

[ksamuiguy]

Who is "an Officer" surly not the local police!

What ever happened to the requirement for a warrant from the court to enter your home?

Just wondering, as this is a license fro abuse and blackmail.

[Mr_Pedantic]

Most countries have laws allowing the police to seize computers as evidence when they are suspected to have been used to commit a crime.

Oh really ? Without a warrant ?

Warrants in the UK are given out like candy anyway

[bkk_mike]

Most countries have laws allowing the police to seize computers as evidence when they are suspected to have been used to commit a crime.

Oh really ? Without a warrant ?

You've obviously never read the story of the beginning of the EFF.

The computer programmer in the States who was writing a game about hacking, had his PCs effectively stolen by the police (they were returned several years later). The games company he worked for ran into problems because the game had been mainly on the principal developer's PCs, and by the time the PCs were returned, the game was no longer exactly cutting-edge, and the PCs were so out of date, the police may as well have kept them.

And nobody was ever charged with anything... (although, I think the police got sued).

The 2007 Computer-related Crimes Act also prevents unauthorised applications and access made to other people's computers, as well as alteration, deletion or destruction of the information of others.

This is hilarious - no law can PREVENT this. - It can criminalise it, but if legislators honestly think laws prevent things, they are delusional. (or am I the only person in the world that still receives SPAM and phishing emails from the US after the CAN-SPAM went into law - admittedly gmail means they all go straight into my Spam directory, but I still get them).

Does it mean that Record Companies installing root-kits on people's PCs is now illegal in Thailand? - Can I sue Grammy now?

Personally - the only way to stop spam is to sue the company that produces the goods that the spam is selling. - i.e. Every Viagra spam you get - you should be able to sue Pfizer - then they'd stop (although you'd still have phishing emails).

I belief that most computers which will be seized are breaking some sort of law, illegal software, outside Thailand proxy server setting and …..etc.

I connect to my office with VPN software. That effectively means I'm using a proxy server outside Thailand when accessing the internet. I'm not breaking any laws as far as I know, (so long as I don't use it to access banned websites).

It does beg the question, of how I would know if a site is banned when I'm using a PC through a VPN outside Thailand? Not an issue for porn sites, as obviously I wouldn't access those through the office, but if they start banning news sites.

[astral]

Nectec director Pansak Siriruchatapong said the Act, in theory, would provide benefits to the country as a whole. However, he expressed concern about the capability of officials, who are required to have knowledge of computers.

Sorry, but this bit worries me.

Why would they pass an act when they already have doubts about their officials abilities and knowledge to follow it up?

How many private homes are they going to visit, confiscate computers and fine before they realise they may have made a mistake and then would they admit it?

Looking at the local police station, PC Plod is still using a typewriter..............

Do the judges who should be issuing the warrant have any greater knowledge?

Some how I doubt it.

[Mid]

The Cyber Crime Act comes into effect today, affecting the future "forwarding mail" habits of Thailand's internet users.

One of the academics responsible for passing the bill, Dr. Jate Chantarung, said: "From now on, any forward mail deemed as propaganda, contains sexual content or is considered defamatory will be dealt with."

Internet service providers are now required to keep all cyber information for at least 90 days in case it is requested by government authorities.

bangkokrecorder.com

[weatherbureau]

"Impostors using others' identities (or false identities) to send slanderous messages, or those who flood information on discussion forums are also subject to criminal penalties under the law."

This is the best news I heard in years. Maybe it will discourage some of you delussional know it all jackasses who post thousands of times and behave like you are the all knowing and final authority on every subject. We all pray that you give up your computers and take up another form of masterbation.

Okay, now go ahead and prove me right with all of your anal responses.

[guyshown]

Probable cause gives the police the authority to request and obtain a search warrant that is obtain from a judge. Evidence of a crime gives him authority to affect arrest.

I am all for legit laws being passed that protect citiizens from horrible crimes especially ones that might involve some freak that has a hang up about kiddy porn!

[dude007]

Gentlemen,

Here is THE solution: www.truecrypt.org

Bring all of your secret files and porno in this "hidden" volume which is encrypted by the best methods ever known. It takes a very fast computer several years to uncrypt the files that are saved in the (double) hidden volume (folder). And the software is free! (version 4.3a released May 3, 2007)

Try it out and print out the manual first! You will need it before you install!

[sh4d0wman]

Truecrypt is very nice indeed! Combine it with (Securstar) Drivecrypt's boot authentication and you will drive law enforcement crazy. Drivecrypt can emulate a harddisk malfunction. So upon booting you see a message like "Bootfailure Hd0"

However if you type in the correct passhrase (without any prompt appearing whatsoever) the system will magically boot to your OS of choice Only downside is that you must have your computer confiscated when it is off. Otherwise you still might get f#ckd depending on ur setup.

Hmm, with this new law, I might consider becoming a consultant for all concerned, privacy loving, wealthy Thai hehe

[FormasianPaul]

What bothers me most is that this is just another revenue stream for Jo Plod as he gets to the end of the month on is 6000baht a month salary and wants a night out with the "boys"

Whats to stop him just popping round to the local internet cafe and telling them he is going to confiscate all thier machines... obviously with his shirt pocket open and a crafty look in his eyes.... knowing that they are gonna "donate" rather than loose thier businesses?

And if they don't pay? He will be loading the booty into the back of his pick up and delivering them straight to his brother in Pantip - that is of course if he hasn't already opened his own store with the proceeds of previous hauls....

And forwarding mail of sexual content? sheesh the majority of my hotmail is just that.. what happens if I open it? Can I no longer send it on?

Edited July 18, 2007 by FormasianPaul

[teddy_bare]

Stories on this forum seem to follow the same format:

Initial story followed by shock, horror, indignation, criticism, flaming, etc

A couple more posts report further facts, more analysis, more horror, goofy lighthearted followed by key expert

Facts then distorted further and more flaming of individual's lack of educational abilities.

MODs step in with threats and heavenly advice.

Same old, same old

Shame, as I used to enjoy the articles on this forum.

Love Thailand, now indifferent to Thaivisa.

""""(@

[Mid]

Thailand's anti-computer crime law takes effect

BANGKOK, July 18 (TNA)

snip

Controversial content may be logged in files for future probing by the authorities during a 90-day timeframe. Penalties for individuals who may have committed such offenses, including those who live overseas, will be severe, according to the ICT minister.

snip

MCOT Public Company Limited

[SNGLIFE]

I hope the cops catch ALL the damned child pornographers and put them in the kook where, hopefully, they will quickly and violently "disappear".

[briagc]

The most worrying one is

Article 11: Those who send data or electronic mails to others without revealing their identity, or by posing as someone else, in an act that disrupts the others' normal computer use: subject to a Bt100,000 fine.

Most of us here do not reveal our identity and de facto we pose as someone else (our pseudo).

So now we should have a registered ID and an email with our own name?

[sandy]

People obviously tend to read over the most crucial part:

... IN AN ACT THAT DISRUPTS THE OTHERS NORMAL COMPUTER USE. Simply translating "misuse" to harm third parties.

In short, spammers, identity thieves, virus spreaders and other virtual crooks. Nothing wrong with a law to get those busted and should be in the interest of any legitimate user of the internet.

Cheers,

Richard

[anon467367354]

Article 11: Those who send data or electronic mails to others without revealing their identity, or by posing as someone else, in an act that disrupts the others' normal computer use: subject to a Bt100,000 fine.

does this pertain to those that write editorials to the newspaper? does one have to give a real name and address or something. I have two friends with the name Porn, do I have to delete their e-mail addresses from my computer now? So many questions, so little brains, or is it fewer brains?

[bingobongo]

welcome to your police state.....

LOS truly has become a magical place in the last year.....disapperaing democracy, disapperaing political parties, disapperaing civil rights, disappering freedom of speech...... an illusion of improvement, .....the boys in green must have consulted the magician David Copperfield for this wonderful magic show........the only thing i wonder is that for the last act, what will appear?

[bruceboy]

Stories on this forum seem to follow the same format:

Initial story followed by shock, horror, indignation, criticism, flaming, etc

A couple more posts report further facts, more analysis, more horror, goofy lighthearted followed by key expert

Facts then distorted further and more flaming of individual's lack of educational abilities.

MODs step in with threats and heavenly advice.

Same old, same old

Shame, as I used to enjoy the articles on this forum.

Love Thailand, now indifferent to Thaivisa.

""""(@

^

excellent analysis.

I really don't know why I bother to open these scaremongering threads.

[markokang]

Its also another great way for the police to access peoples premises for ANY reason! Just say you think they have something on their computer! Basically now police can enter your home without a warrant anytime they want, who hasn't got a porn picture or nickname on the net!?

Almost ALL my students at University have porn and xxx videos on their cell phones! never mind computers! And what Thai doesn't have a nickname!? 555 oh dear..... a sad day for Thailand (again)