Thai digital identity bill faces cybersecurity and privacy scrutiny
Reactions to the likely passage of a new digital identification law has been mixed, English-language Thai news publication The Nation reports.
The bill will result in the establishment of a National Digital Identification (NDID) company which will operate the technology platform and issue licenses to identification providers (IDP). The system supports a range of authentication methods for digital identity, including PIN codes, e-signatures, fingerprints, and usernames and passwords. In addition to providing an easy and secure way to authenticate identity for digital transactions, the system would enable the government to more effectively prosecute people who commit offenses or pose a threat to the government according to the report.
Paiboon Amonpinyokeat, a cyber-law expert with P&P Law Firm said the bill would establish needed rules and could increase cybersecurity, but he also cautioned that it could create a risk of privacy violations if not handled carefully. “The principle of taking care of people’s digital ID should be tied up with the Personal Data Protection Bill,” he said.
Cybersecurity expert Prinya Hom-Anek asked how reliable and secure the system would be, and noted that government organizations already have digital ID databases.
Thai Hosting Club President Poomjit Sirawongprasert suggested that stronger digital ID could also reduce offline fraud, but expressed concern about the accuracy of authentication, and the ability of misidentified individuals to correct their record.
The Digital Identification Bill was recently approved by Thailand’s cabinet, and is expected to soon be passed by the National Legislative Assembly. The Nation reports that the bill is anticipated to take effect in the middle of 2019.