On 13th November 2019, the Microfinance Supervisory Committee of the Ministry of Planning and Finance issued its Directive No. 2/2019 on Customer Due Diligence for Anti-Money Laundering and Combatting Financing of Terrorism (“Directive”) for microfinance institutions (“MFIs”) operating in Myanmar to comply. The MFIs are required to conduct customer due diligence (“CDD”) and they are… Read More
On 3rd December 2019, the Consumer Protection Committee issued its Directive No. 2/2019 on the labeling requirements of the 8 groups of products listed below effective from 16th March 2020. – Group A: Food products; – Group B: Household products; – Group C: Kids products; – Group D: Telecommunication products; – Group E: Pharmaceutical and… Read More
The Personal Data Protection Act B.E. 2562 (“PDPA”) requires data portability so that data subjects can obtain their personal data from a Controller in a format usable by another Controller. This is to enhance competition amongst Controllers and to reduce the impact of customer lock-in effects created by non-portable data. Non-rivalrous Nature of Personal DataPersonal… Read More
Actions based on inaccurate personal data may result in bad business decisions and may cause harm to consumers. Data is the fuel which drives business decision making. This is particularly true in the social media, advertising, healthcare, banking and insurance sectors. The importance of data accuracy is set to skyrocket. 5G networks and the Internet… Read More
The Personal Data Protection Act B.E. 2562 (2019) (“PDPA”) requires the Controller to comply with the three limitations on collecting, using and disclosing personal data, which are (1) the purpose limitation under Section 21 of the PDPA; (2) the source limitation under Section 25 PDPA; and (3) the proportionality limitation under Section 22 of the… Read More
Under the Personal Data Protection Act B.E. 2562 (2019) (“PDPA”) notice and consent are two separate but related matters required for any collection, use or disclosure of personal data. Notice RequirementThe PDPA requires the Controller to notify each data subject of the purpose of any collection, use or disclosure of personal data prior to or… Read More