Currently cloud computing is playing a significant role in all kinds of businesses. The adoption and significance of cloud computing has made it necessary for the Government of Thailand to promote cloud services, Software-as-a-Service (SaaS), Infrastructure-as-a-Service (IaaS) and Platform-as-a-Service (PaaS). Cloud computing is one of cost-cutting measures. It is obvious that cloud computing can significantly reduce overall IT expenses, increase information management and utilization efficiency and help companies to focus on their core businesses. This note highlights the law and investment promotion applicable to cloud computing services in Thailand.

Laws on Cloud Computing 

Thailand does not have a law that specifically governs cloud services. But cloud services can fall under the jurisdiction of the National Broadcasting and Telecommunications Commission (NBTC) if such services are typically provided by a leased line network that connects users to the cloud system. They could be a telecommunications business whereby cloud providers would need to hold a Type 1 license issued by the NBTC.

Investment Incentives for Cloud Computing 

On 3rd December 2014, the Board of Investment (BOI) of Thailand launched an investment promotion package to encourage service providers to supply cloud-based computing services. The promotion package includes tax and non-tax incentives. Cloud providers who meet the BOI requirements are eligible to apply for the highest incentives that include 8-year corporate income tax exemption without a cap on the amount of the tax exempted and, exemption of import duty on import of machinery. The BOI requirements include:

1. The service provider’s project must be located in at least 2 data centers in Thailand which are certified with ISO/IEC 27001 (data center).
2. Each of the connections of all the related data centers must have a speed of at least 10 Gbps and there must be backup connections of the same speed.
3. The services must be certified with ISO/IEC 27001 (cloud security) and ISO/IEC 20000-1 (cloud services).

Security Risk and Increased Demand 

Thailand has laws that are supportive to cloud service providers. But cloud deployment is still not easy. It comes with its own set of challenges. Adoption of could potentially put companies to high security risk. Cloud users will accept and use cloud computing services only if they are confident that their information can be safely stored in the cloud. An increased demand from cloud users is possible if the cloud can be more secured.

The information provided in this document is general in nature and may not apply to any specific situation. Specific advice should be sought before taking any action based on the information provided. Under no circumstances shall the authors or LawPlus Ltd. be liable for any direct or indirect, incidental or consequential loss or damage that results from the use of or the reliance upon the information contained in this document. Copyright © 2015 LawPlus Ltd.