No, sharing passwords in Thailand is prohibited under the Computer Crime Act B.E. 2560 (2017) and Personal Data Protection Act B.E. 2562 (2019), with penalties including imprisonment and fines. Unauthorized access or sharing of credentials—even among employees—violates cybersecurity and data protection laws, particularly when it risks exposing sensitive information. The Electronic Transactions Development Agency (ETDA) enforces these rules, and recent 2026 amendments tighten penalties for negligent or intentional breaches.
Key Regulations for Sharing Passwords in Thailand
- Computer Crime Act (CCA) 2017: Section 5(1) criminalizes unauthorized access to computer systems, including password sharing. Violators face up to 5 years’ imprisonment and fines up to 100,000 THB (amended in 2026 to 8 years and 200,000 THB for aggravated offenses).
- Personal Data Protection Act (PDPA) 2019: Sharing passwords that grant access to personal data breaches data controller obligations, exposing organizations to administrative fines up to 5 million THB and civil liability under the Office of the Personal Data Protection Commission (PDPC).
- ETDA Guidelines (2024): Explicitly prohibit password sharing in corporate environments, requiring multi-factor authentication (MFA) and role-based access controls to mitigate risks. Non-compliance may trigger mandatory audits and suspension of digital certifications.
Organizations must implement strict access policies, document user agreements, and conduct quarterly security training to align with ETDA’s 2026 cybersecurity framework. Individual users sharing passwords—even with colleagues—risk criminal prosecution under joint liability provisions.