Negative impacts of European General Personal Data Protection Regulation (GDPR) and Personal Data Protection Act B.E. 2562 on stakeholders
Main Article Content
Abstract
The research aimed to study 1) Negative impact in several aspects caused by the principles, elements, and conditions of European General Personal Data Protection Regulation (GDPR) 2) Negative impact in several aspects caused by the principles, elements, and conditions of Thailand’s Personal Data Protection Act B.E. 2562 by comparative analysis with GDPR 3) proposal to reduce the negative impact. The methodology of this research is qualitative research by conducting content analysis and comparative analysis of Thai and European Union law. The research results were found as follows On the one hand, The General Data Protection Regulation (GDPR) of the European Union has provisions to protect the personal data of people such as requiring business sectors who are deemed as “data controller” to provide a measure for protecting personal data and granting several rights to the data subject. On the other hand, this law causes a negative impact in several dimensions for various stakeholders such as causing unfair trade competition, the prohibitive cost of compliance for small and medium business, limiting certain human rights especially freedom of speech, providing an opportunity for abuses and cybercrimes. As for Thailand, “The Personal Data Protection Act” has been enacted and take effect in May B.E. 2563. The comparative analysis indicates that this Act has similar content and element to GDPR. Consequently, the research indicates the tendency of negative impacts from this law as those caused by GDPR.
Article Details
Views and opinions appearing in the Journal it is the responsibility of the author of the article, and does not constitute the view and responsibility of the editorial team.
References
Arendt, H. (1973). The Human Condition. Chicago: University of Chicago Press.
Björn, G. (2018). Study: Google Is the Biggest Beneficiary of the GDPR. Retrieved March 22, 2020, from https://cliqz.com/en/magazine/study-google-is-the-biggest-beneficiary-of-the-gdpr
Bloustein, E. J. (1984). Privacy as an Aspect of Human Dignity, in Philosophical Dimensions of privacy: An Anthology, Schoeman, F. D. (ed.). Cambridge University Press, 156-202. https://doi.org/10.1017/CBO9780511625138.007
Campbell, J., Goldfarb, A., & Tucker, C. (2015). Privacy regulation and market structure. Journal of Economics & Management Strategy, 24(1), 47-73.
Cate, F. H. (1995). The EU Data Protection Directive, Information Privacy, and the Public Interest. IOWA Law Review, 80, 431-443.
Cooke, K. (2018). Data Shows Awareness of GDPR Is Low amongst Consumers. Retrieved March 5, 2020, from https://uk.kantar.com/public-opinion/policy/2018/data-shows-awareness-of-gdpr-is-low-amongst-consumers/
Curtice, J. (2016). How Deeply Does Britain’s Euroscepticism Run?. Retrieved February 5, 2020, from https://www.bsa.natcen.ac.uk/media/39024/euroscepticism.pdf
Donnelly, J. (1982). Human Rights and Human Dignity. The American Political Science Review, 76(2), 303-316.
Epstein, A. R. (2018). A Not Quite Contemporary View of Privacy. Harvard Journal of Public Policy, 41(1), 94-116.
European Parliament. (2018). Results of the 2014 European elections. Retrieved March 12, 2020, from http://www.europarl.europa.eu/elections2014-results/en/turnout.html
Fromholz, J. M. (2000). The European Union data privacy directive. Berkeley technology law journal, 15(1), 460-484.
Good, O. S. (2018). Super Monday Night Combat will close down, citing EU’s new digital privacy law. Retrieved February, 18, 2020, from https://www.polygon.com/2018/4/28/17295498/super-monday-night-combat-shutting-down-gdpr
Henderson, L. (2018). GDPR is being abused by cyber-criminals to breach complacent Businesses. Retrieved March 15, 2020, from https://gdpr.report/news/2018/07/04/gdpr-is-being-abused-by-cyber-criminals-to-breach-complacent-businesses/
Kollmeyer, B. (2018). Chicago Tribune, Los Angeles Times go dark in Europe after GDPR fail. Retrieved February 18, 2020, from, https://www.marketwatch.com/story/chicago-tribune-la-times-go-dark-in-europe-after-gdpr-fail-2018-05-25#
Layton, R., & Celant, S. (2017). How the GDPR Compares to Best Practices for Privacy, Accountability and Trust. SSRN, 1-23. http://dx.doi.org/10.2139/ssrn.2944358
Layton, R. (2019). The 10 Problems of the GDPR The US can learn from the EU’s mistakes and leapfrog its policy. Washington, D.C.: American Enterprize Institute.
Lyons, D. (2018). GDPR: Privacy as Europe’s Tariff by other means?. Retrieved January 17, 2020, from http://www.aei.org/publication/gdpr-privacy-as-europes-tariff-by-other-means/
Martino, M. D., Robyns, P., Weyts, W., Quax, P., Lamotte, W., & Andries, K. (2019), Personal Information Leakage by Abusing the GDPR “Right of Access”. Proceedings of the Fifteenth Symposium on Usable Privacy and Security, August 12–13, 2019 - Santa Clara, CA, USA, 371-386.
Rubenfield, J. (1989). The Right of Privacy. Harvard Law Review, 102(4), 737-807.
Russel, J. (2018). RIP Klout. Retrieved January 25, 2020, from https://techcrunch.com/2018/05/10/rip-klout/
Schoeman, F. D. (1984). Philosophical Dimensions of privacy: An Anthology. UK: Cambridge University Press.
Scott, M., Cerulus, L., & Kayali, L. (2018). Six months in, Europe’s Privacy revolution favors Google, Facebook. Retrieved February 15, 2020, from https://www.politico.eu/article/gdpr-facebook-google-privacy-data-6-months-in-europes-privacy-revolution-favors-google-facebook/
Shields, R. (2018). Verve to focus on US growth as It plans closure of European offices ahead of GDPR. Retrieved March 18, 2020, from https://www.thedrum.com/news/2018/04/18/ verve-focus-us-growth-it-plans-closure-european-offices-ahead-gdpr
Solove, D. J. (2006). A Taxonomy of Privacy. University of Pennsylvania Law Review, 154(3), 477-560.
South, J. (2018). More than 1,000 U.S. news sites are still unavailable in Europe, two months after GDPR took effect. Retrieved March 5, 2020, from https://www.niemanlab.org/2018/08 /more-than-1000-u-s-news-sites-are-still-unavailable-in-europe-two-months-after-gdpr-took-effect/
Spalter, J. (2018). Broadband CapEx Investment Looking Up in 2017. Retrieved March, 15, 2020, from https://www.ustelecom.org/broadband-capex-investment-looking-up-in-2017/
Tews, S. (2018). How European Data Protection Law Is Upending the Domain Name System. Retrieved February 22, 2020, from https://www.aei.org/publication/how-european- data-protection-law-is-upending-the-domain-name-system/
The International Association of Privacy Professionals (IAPP). (2018a). European Commission sides with Google in RTBF Case. Retrieved March 15, 2020, from https://iapp.org/news/a/ec-sides-with-google-in-rtbf-case/
The International Association of Privacy Professionals (IAPP). (2018b). Global 500 companies to spend $7.8B on GDPR compliance. Retrieved February 22, 2020, from https://iapp.org/ news/a/survey
The Internet Corporation for Assigned Names and Numbers (ICANN). (2018). Temporary Specification for gTLD Registration Data. Retrieved March, 15, 2020, from https://www.icann.org/resources/pages/gtld-registration-data-specs-en
Thongraweewong, K. (2016). Reform of Thai Personal Data Protection Law to enter the ASEAN Community. Bangkok: The Secretariat of the House of Representatives.
Warren, D. S., & Brandies, L. D. (1890). The Right to Privacy. Harvard Law Review, 4(5), 193-220.
Westin, A. F. (1967). Privacy and Freedom. New York: Atheneum.
www.warportal.com. (2018). Important Notice Regarding European Region Access. Retrieved March 20, 2020, from http://blog.warpportal.com/?p=10892