ҵðҹҡ㹡äͧǹؤ: šзͻ1 (͹ 2)

ѡ2


(ͨҡѺ Ҥ 2563)

Personal data protection under the European Union Directive (European Union Directive 95/46/EC)3


äͧǹؤͺѧѺҾû 95/46/EC Ѻ繺ѭѵԷռźѧѺҧȩѺáͧǹؤ ١ҧ»ҪԡҾû ͺѧѺѺäͧǹؤҾ㹡͹Ǣͧ ѧѺͧҢŨѺäͧҧѹʹ駵Ҵû բͺࢵúѧѺ ҵ 2 ӨӡѴͧǹؤ (personal data) ¶֧Ţ (information) ੾еǺؤ ö觪ѡɳ੾зǢͧѺǺؤ ¶֧ؤŸ (natural person) Ңͧ (data subject) ê੾еǺؤҨµç ҧԧ֧ǹؤ ŢШӵ ѡɳӤѭҧ Ե ʶҹзҧԹ ѧ Ѳ 繢ŷö੾еǺؤ 㹢ͺࢵͧúѧѺ㹡ûŢԸաû (manual) СûżŢԸա÷ҧ硷͹ԡ Ըաѵѵ (electronic or automatic) ѧ ЪҪءҾû ء˹§ҹҪ 㹷ءѷҧҹ ͧøáԨ͡ء觵ͧöաùӡࡳäͧ任ԺѵԨԧҵðҹǡѹǷҾû ѵػʧѡ 2 С ҪԡͧҾû Ƿҧúѭѵԡ¤ͧŷʹͧѹ ҵðҹ㹡ûԺѵ㹡觢ǹؤ㹻Ҫԡ

ͺѧѺѺ¡ͧաúѭѵԡ¤ͧл äͧЪҪҡ ѺäͧǹؤǹǡѺҤ͡ ੾㹺ѷ͡СͺáԨä ִͧѡ÷Ӥѭѧ

  1. ѡҤسҾͧ
  2. ҵáâͧûżŢŷͺ¡
  3. ͡˹㹡ûżŢŪԴ ǹ੾͢͹ (sensitive data)
  4. Է㹡Ѻ駡红ŵҧ ͧҢͧ
  5. Է㹡Ҷ֧ŢͧҢͧ
  6. Է㹡äѴҹûżŢͧҢͧ
  7. ѡҤʹ㹡ûżŢ
  8. 觼ҹǹؤѧȷ


͡ҡäǺ觢㹻Ҫԡ ѺȷҪԡҾû ҡзӡõԴѺ-觢šѺҪԡҾû ͧҵááäͧŷ繷Ҿû蹡ѹ ҵá÷Ҿû з觻ѰԡҷաäСŧعѺҪԡҾûҡش ա͹ǢͧŢҡش ѧٻẺäͧ͹ѺҾû ѰԡкǺͧ(self-regulation) Ҥ͡˹äǺŢҴµͧ 觷ͧաþԸաûйջй繷ҧ͡䢻ѭҤѴ駢ͧͧ

ҡüҹҧ硷͹ԡաԺҧǴ ֧ա¡͡ͺѧѺ Directive 2002/58/EC ǡѺûżŢͧǹؤСäͧǹҤ硷͹ԡ ռźѧѺ㹻 2002 ա͡͡˹ Regulation (EU) 611/2013 繡º㹡͹Դǹؤ¼ԡá硷͹ԡ㹡óշǹؤŢͧ١Ѻ٭ ١ ͡ó ١ءա

͡ҡ СҸԡûѧ͡ҵðҹѺö͹ǹؤѧȷͤͧö͹ǹؤŨҡҾûѧȷ 觻ҪԡöҺѷ˹§ҹҵðҹҹ 㹡÷ѭҷǢͧѺö͹ǹؤѧȷ дѺäͧǹؤŷѺѺͧҵðҹ

Personal data protection under the General Data Protection Regulation (GDPR)4

GDPR 繡ºͧ EU ͤͧ͡ЪҪ㹡 EU ҡ÷ǹТǹؤŶ١ǧԴҡšؤѺ͹¢ 繡ûѺاҵáѺʶҹóᵡҧ仨ҡͤ͡ EU Directive ͻ 1995

¹ŧҡ͡˹ GDPR ӤѭѺʹ ͵˹㨡ѹҡ Ҩ繺ŧɷ˹ɻѺ٧ҡкҡлżŢǹؤŢͧЪҪ EU 軮ԺѵԵ GDPR ж١Ѻ繨ӹǹԹ֧ 20 ҹ 2-4% ͧͻշš ѺǧԹҡ ºռѧѺѺ˹§ҹ EU 件֧˹§ҹ͡ EU

ѡäͧѧ仵ҵðҹͧ EU Directive դ¹ŧӤѭҡ͡˹ GDPR ѧ

1.ͺࢵúѧѺԧ鹷
GDPR ѧѺ㹷ء˹§ҹաûżŢǹؤžͧ EU Һѷе˹ 蹤 GDPR ѧѺѺǺмżŢ EU ҡûżŨз EU ¨кѧѺѺءԨ繡è˹Թкԡͧ EU зءԨѡɳСõԴĵԡͧͧԴ EU ҡ繸áԨͧ蹷Ҫԡ EU (Non-EU Business) ͧԹ觵駼᷹ EU

2.ŧ
㹡óշԴ͡Ţͧ (Data Breach) ˹§ҹ軮ԺѵԵ͡˹ж١Ѻ繨ӹǹԹ֧ 20 ҹ 2-4% ͧͻբѺǧԹ٧ ɻѺ٧ش㹡óç ͤԹ§㹡ûżŢ ͡ûԺѵԢѴѡ Privacy by Design ҧóɻѺ 2% 蹡óաաúѹ֡ҧк Supervising Authority ҢͧԴ˵ ͡Ѵ Privacy Impact Assessment

3.Թ
ѡԹѺ׹ѹҡ кҡâͤԹͧԹٻẺöҶ֧дǡ (Intelligible and easily access) ͧѵػʧͧûżŢ㹡âͤԹ ¡âͤԹͧդѴਹ ҷµ͡ ͡ҡ¡ԡԹͧͧԹ¤дǡ

GDPR աá˹ԷԢͧҢͧŷѴਹҡ鹴ѧ
1.ԷԷѺԴ (Breach Notification)
GDPR ҡ˹ҷͧԺѵ Դ͡Ţͧ Դšзդ§ԷҾͧҢͧ 駹駵ͧԹ 72 ¼żŵͧ駵١мǺѡѧҡԴ

2.ԷԷҶ֧ (Right to Access)
ҢͧԷԷѺ駨ҡǺ աûżŢ ûżŴԹ÷˹ ѵػʧ ͧ ǺŨеͧѴҢŴѧҢͧٻẺ硷͹ԡԴ ͡˹繡¹ŧӤѭͧʢͧ繡׹ѹ秢ͧҢͧ

3.ԷԷТź (Right to be Forgotten/Right to erase)
ҢͧԷ (1) 㹡ź ЧѺ شûżºؤŷ (2) Է㹡źŷǹǢͧѵػʧ㹡èѴ纤á (3) Է㹡źŷҢͧ¡ԡԹ 駹 ǺͧžԹԨ㹡þԨóººԷԢͧҢͧšѺªҸó㹡ͧŹ

4.ԷԷѺǡѺͧ (Data Portability)
ԷԷѺǡѺͧ ٻẺöҹٻẺҹͧ/ػó (machine-readable format)

5.ԷԷѺͧ (Privacy by Design/Privacy by Default)
˹աҧкͧ(Protection) ͡áͧ͡Ẻк ҡҡôԹѧ ¡˹ҵͧաҵá÷ҧ෤ԤСú÷ ִѡԷҾ 仵͡˹繡äͧԷҢͧ

ǺŨлżŢ§ҷáԨ (data minimization) еͧաèӡѴҶ֧¼դǢͧѺûż

6.ԷԷѺäͧ˹ҷͧ (Data Protection Officers: DPO)
к纺ѹ֡ͧ (Internal Record Keeping) ᷹к§ҹ Data Protection Authorities (DPA) С˹ա觵˹ҷѺԴͺ (DPO) ѺǺмżŢŢҴ˭ áԨѡ㹡õԴлżŢ繻Шк (Regularly and Systematic monitoring Data Subjects)

觵 DPO ͧӹ֧֧سѵԴҹԪҪվФǪҭҹҤԺѵ Ҩ觵˹ҷͧͼԡ¹͡ ͧ駢šõԴ͡Ѻҧ DPA еͧշѾҡѺûԺѵáԨоѲҤǪҭͧ DPO 駹 DPO к§ҹͼдѺ٧ еͧ˹ҷ蹷Ҩ繡óռŻªѺ͹

GDPR Ѻ¢ǹؤŢͧ

㹡͡͡äͧǹؤ㹻ըش㹻 2540 ʹ»շҹ աèѴҧ¶֧ 5 Ѻ ҹѰ¤ ҧ ...ͧǹؤũѺáѧѰҤͩѺѴӹѡ¡ѰիѰ¹Է ǪҪ ѧҹԵԺѭѵ觪ҵ͹Ҥ 2552 ѧѺúè;ԨóҢͧѰ աغ͹Ҥ 2554 ҧѰ¹ҧѡɳ Թѵ ʹѧѰա͹Ҿѹ 2556 ԴѰ¡͹

ѧѰѹ 22 Ҥ 2557 Ѱ㹹ѡҤʧ觪ҵ (ʪ.) СȨ͡¤ͧǹؤ繡Ӥѭդ觴ǹ͡кǹûٻ Ѱ ͡ط ѹͪҧ©ѺѧҹԵԺѭѵ觪ҵ͹Ҥ 2557 ѧҡ֧͹ ѧ¶١Ѻʹҡ鹴¡÷ѰŪشǡѹʹҧ¤ͧǹؤաѺ㹪ش¢Ѻ͹ºɰԨԨԷ 觨Ѵ¡зǧ෤ʹС 5

ҧ ...ͧǹؤ .. . ѧ աûѺ¤駨ҧش 觼ҹ繪ͺͧҹԵԺѭѵ觪ҵѹ 28 Ҿѹ 2562 лСҪԨҹມ 27 Ҥ 2562 6

繷ͧ١ѹ令 äͧǹؤŵ¹ҵðҹдѺҹһ駷ҧ EU Ѻ ;Ԩóǻ繡觢ŢᴹͧӤѭش С觢ŢͧҧҵԵҵðҹҡТ͵ŧҧȨ觢ѧȷҵáäͧǹؤ ӡҵðҹͧȼ ·躷ѭѵԢͧ ... ͧǹؤ .. 2562 ˹餳Сäͧǹؤ˹ҷӹҨ˹ѡࡳͧǹؤŷ͹ѧҧ 觡͡ºлСȵ¹Թ˹觻 觢йѧաôԹͧҧ

·͡Сȡࡳҧ Ҩͧաҹ 7 ֧ҡФҴѡࡳ͡Ҩҧ 繵ҵðҹҡТ͵ŧҧȵҧ 㹪鹹һҵáäͧǹؤ ҵðҹ繷ѺҾ§ ͵ӡҵðҹͧ 駻ҪԡҾû ҧ 1-2 8 ѧѡࡳҹ Դóաš¹աѺ-觢ҧ¡Ѻҹһ͡ѺҪԡҾû ҧҾûҵðҹͧ顮©Ѻҵðҹº GDPR §

͡ҵáäǺôԹǡѺǹؤ

Ѩغѹҵá÷ҧ·Ѵਹ㹡äͧǹؤºѭѵԢͧ ... ͧǹؤ .. 2562 觵´ѧѭѵԡ˹餳Сäͧǹؤ˹ҷӹҨ˹ҵáǷҧôԹǡѺäͧǹؤ仵¹ ӹҨ㹡͡Сȡ˹ͻԺѵ㹡äͧǹؤǷҧǺǹؤмżŢǹؤŻԺѵ ѧҡաèѴӹѡҹСäͧǹؤ ա觵駤Сäͧǹؤ ҴҤСèԹ͡Сȡ˹ͤйӵҧ ͡ҵ 觹Ҩա˹

ǡѹ 㹡þԨóҨѴӡͺǷҧûԺѵԧҹͧ˹§ҹҧ 㹡ôԹ÷ǢͧѺǹؤ աá˹ѡɳǷҧԺѵͤй㹡äͧǹؤ ͧþѲҤ͡ ǫŹ (Privacy Thailand) ͢¾ͧ (Thai Netizen Network) ʶҺѹº֡ ֡ШѴӢʹ ǷҧԺѵѺäͧ (Data Privacy Guideline) ʹ͵˹§ҹҤѰ͡ á˹ǷҧԺѵѺäͧҤѰӹѡ¡Ѱ 9 ѡôѧ仵ѡҵðҹҡǡѺäͧǹؤ ѧ

1.ͧҢͧҧѴਹҨա红ǹؤ ѵػʧ ؤͧ÷ǹؤҨѺԴ ͧԷԢͧҢͧҵá÷㹡èӡѴ Դ Ҷ֧ С 駹ͧ駡͹㹢з ǷشѧèѴ

2.ͧաèѴҧӡѴҷ仵ѵػʧͧ 纵ͧԸշ١ дԸշ繸 駵ͤԹҡҢͧ

3.ŷ੾еѵػʧͧҹ ѺԹҡҢͧ

4.ҢͧԷ͡ҨԹա Դ¢ǹؤŢͧ

5.ŷѴ纵ͧդ١ͧ ó 繻Ѩغѹ еѵػʧ

6.ͧҵáäͧҧͻͧѹѹ·ҨԴ Ҩ繡٭--Ҷ֧ǹؤѺ͹حҵ ÷Ѻ͹حҵ -Ѻ¹-Դ Ԫͺ

7.ҢͧԷѺա红ǹؤŢͧ ԷҶ֧Ţͧͧ ԷԢǨͺ١ͧТѺا ͷ Ţͧ

8.红ŨеͧѺԴͺѴҵáõҧ 仵ѡࡳѧ 觢ǹؤѧؤͧ 㹻ѧҧ еͧѺԹҡҢͧ Шеͧҵá÷СѹҺؤͧ÷ѺǨѡҢ仵ѡࡳ

9.㹡óշ繡ôԹ÷ǡѺŢͧ Ǫ ͼѧعԵ еͧӹ֧֧Թ Ҩ繡ôԹµǼͧ ¼黡ͧͺ¡ 駡¾ԹԨͧ黡ͧ¾ĵԹ ʶҺѹҹ֡

10.㹡óշеͧաҨҧͺؤ˹§ҹ (Third party) ѡɳ˹ԡ (Service provider) ˹ҷͨѴ÷ǢͧѺǹؤ ؤ˹§ҹѧǨеͧкäͧŷҵðҹ ШеͧաèѴӢ͵ŧѴਹҺؤͧôѧ ѺФͺͧǨѡҢ仵ѡࡳ

ǷҧԺѵѺäͧŪش Ӥѭ͡ѡҼŻªͧͧͧԷԤǹ ͻͧѹǹؤԪͺ лͧѹ·Դ Ҩ繤·Դҡ ûż ª СԴ觵͢ (collect-process-use-disclosure/transfer) ǷҧԺѵѺäͧŹ ֧繷ҧ͡˹Ѻ˹§ҹǢͧѺôԹͧ͹Ҥ

ҵðҹҡ, GDPR: šзͻ

ҵðҹҡ㹡äͧǹؤ㹡ҧТ͵ŧҧ ҧաͺѧѺǡѺѺҧ ѡӤѭС˹觷ҡ㹢͵ŧҹ ͡á˹ҡš¹ŨдԹ੾ҧȷաҵá㹡ͧǹؤŷҵðҹ§

¤ա§ҵáҡҹ੾ GDPR ҡ СäҧŤҷҧɰԨ٧ҡ 㹡ôԹáԨ觷Թúк硷͹ԡաš¹ҧСͺõʹ ҳѺ-觢 㹺ôҢҹ֧ǹؤŷǢͧӹǹҡ 駢žͧͧȼлȼԹкԡ ԨóҨҡҤͧкԡ§ǹ ѡͧǨҡû繡˭شѺҤ÷ͧǢͧ ͹ҢǹؤŢͧѡͧҹеͧաѺ--š¹Ѻԡ㹻ҧա§

ѷ˹§ҹ㹻Ҩ֧Ҩռšзҡº GDPR ӹǹҡ 红šԹҧ͡ áԨ¡úԹ ѷͧ çѡ çҺʶҹԡآҾ ʶҺѹԹ áԨԹøҤ š¹Թ ѵôԵ ûСѹԵ ûСѹ ѷäҤ ѷԹáԨá͹Ź E-commerce

͡ҡҹǹؤ㹼СͺôҹèѴâСõԴäҤ ੾иáԨǢͧѺúèѴâǡµç Ҩ繼СͺôҹûżŢ èѴкŢҴ˭ (Big Data) áԨúԡкѴ (Server and Cloud) 駸áԨǢͧѺѧ͹Źҧ ǹѴ红ǹؤŻҳ 觷ء˹§ҹ˹ҷ Data Controller Data Processor лżŢŢͧͧҡ㹡 EU ֧觵ͧӹ֧֧ûԺѵʹͧѺҵá GDPR ¤Ѵѧ

͡ҡ ѧդѧŨҡ½·˹ѡ֧Ӥѭͧ GDPR ͧҶ֧СͺҨⴹԹշҧ¨ҡ軯ԺѵԵͻԺѵԢѴѺѡ GDPR ·ҵԢͧõԴ͸áԨҧȵͧաš¹ҧѹ ҡ¼Сͺ÷ҧûҺѷҢͧöԺѵԵ GDPR ѷҧҾûöš¹šѺѷ 觡觼öӸáԨáѹ㹷ش

͡˹ͨҡͨӡѴػäСз͡ôԹáԨҧдѺСͺõͼСͺ ͧҨ繻ѭдѺдѺҹҪҵ ҾûҨҵáá᫧ҧä ѡɳǡѺ ͧ ¨ҡóջѭ Illegal, Unreported and Unregulated (IUU) Fishing ͹¹ 2558 10 к繻ȷ㹡õ͵ҹ÷ӻԴ EU ҵáäӺҵáù÷Ũҡȷԡµ͡䢻ѭ IUU Fishing 觨Сз͡ôԹáԨҧ㹷ش

GDPR ռźѧѺͧ 11 㹢з衮¤ͧǹؤŢͧռźѧѺ͹Ҥ 2562 12 繷ʹ GDPR оҪѭѵԤͧǹؤ .. 2562 繷ѡѺͧСͺáԨ㹻ҡ§ йǡѺûԺѵԵѡࡳաôԹҡ§ ੾оͧդѡࡳ졮ºҹ ͧ㹰ҹм㹰ҹҢͧդ˹ѡͧӤѭͧǹؤŢͧ§ ҧ˹ѡҸóͧԷԤǹǨ֧ͧͧԹ ੾ѺѹʶҹóäءǹСǧԴªǹؤŷѧԴҧǴعç㹢ͺࢵᴹͧšԨԷ㹻Ѩغѹ


------------------------------------------------------------------------------------------------------
1 ͡ùѴӢ㹡ûЪҷҧԪҡç äͧǹؤŢͧͧ ͧʶҺѹº֡ ¡ʹѺʹعͧŹԸԤ͹Ҵ ഹ ¾ѲҨҡ͡ûСͺǹҷҧԪҡͧ äͧǹ Big data GDPR 㹡þѲɰԨԨԷŔ (Ҥ觻, 22 ԧҤ 2561), աûѺا㹡ûЪ¤駤 ûЪͧ ͢ǹؤ͹ŹⴹԴ: ʹ¹ҡó֡һѨغѹ (31 ԧҤ 2561, ŧóԷ) ûЪͧ ԷԤǹ: ǤԴСûͧ¡” (ʶҺѹº֡, 28 չҤ 2562) ûЪͧ ǹ GDPR иԺŢ 㹡þѲɰԨԨԷŔ (Էǧ, 10 Ҥ 2562) СԧԺѵԡͧ Էǹؤ㹧ҹͧشШ˵ؔ (ӹѡҹСԷª觪ҵ, 25 áҤ 2562)

2 ҨШԷ¡ûͧͧ Է¢͹, ͵мӹ¡ Privacy Thailand

3 ѡ, ҧ, ԧö 4

4 Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation)

5 Ѱ㹡ûЪѹ 6 .. 2558 繪ͺѡҧ㹪ش͡âѺ͹ºɰԨԨԷŢͧзǧ෤ʹС ӹǹ 8 Ѻ ҧ ... ͧǹؤ .. . աѺ˹ʹ еҤѰ㹡ûЪѹ 8 ѹ¹ 2558 繪ͺ͹ҧ ... ͧǹؤ .. .... ӹѡҹѴӹѡ¡Ѱ繼ʹ ҡ ʹ. зǧ෤ʹСùԨóҷǹѺҧзǧ෤ʹС繼ʹա˹

6 Personal Data Protection Act B.E. 2562, published in the Royal Gazette, vol. 136/part 69/p. 52, 27 May 2019 (B.E. 2562).

7 ҵ 96 ôԹ͡ºлСȵҪѭѵԹ Թ˹觻չѺѹҪѭѵԹѧѺ ҡöԹѰ§ҹ˵ؼŷҨԹͤѰͷҺ

8 ҵ 2 (1) ҪѭѵԹѧѺѹѴҡѹСҪԨҹມ繵 躷ѭѵǴ 2 Ǵ 3 Ǵ 5 Ǵ 6 Ǵ 7 Фҵ 95 ҵ 96 ѧѺ;鹡˹˹觻չѺѹСҪԨҹມ繵

9 ˹ѧӹѡҹѴӹѡ¡Ѱշ 0108/ 319 ŧѹ 14 Ҥ 2562

10 ҵ , º EU ͧ GDPR (General Data Protection Regulation) ѺҪҢͧ˹§ҹ Ҩͫ IUU Fishing, https://tinyurl.com/y9bf6329

11 GDPR took effect on 25 May 2018 (B.E. 2561).

12 The Personal Data Protection Act B.E. 2562 took effect on 28 May 2019 (B.E. 2562).
 

