According to Art. 26 of the Commission of Computer-Related Offences Act (commonly known as the Computer Crimes Act or CCA), all service providers are required to record users' computer traffic data and store it for 90 days, with the possibility of extending the retention period up to a year if ordered by authorities. In 2019, it was reported that the Thai government requested all coffee shops, including small operators, to retain traffic data of customers using their Wifi for 90 days and to provide that information upon request. This request includes keeping a 'log file' of customers' computer traffic data, including their IP address, full name, ID card number, or passport details. As defined in Art. 3 of the CCA, "Computer Traffic Data", encompasses information related to the communication of a computer system, such as the origin, source, terminal, route, time, date, size, duration, type of service, and other relevant communication details.

According to the National Council of Peace and Order (NCPO) Notification No. 18/2557 (2014), all types of media services, including both public and private providers in satellite, cable TV, digital TV, and community radio, service providers, newspapers, must monitor their content to prohibit broadcasting or disseminating the following information:
- A criticism of the performance of the NCPO and related persons;
- A confidential information of the state agency;
- An information that creates misunderstanding and inciting conflicts in the Kingdom;
- Threatening to harm any person that could create fear among the public.

In October 2020, the Ministry of Digital Economy and Society (MDES) issued an order requiring internet service providers (ISPs) and mobile service providers to block four internet protocol (IP) addresses associated with Telegram, a messaging app widely used by protesters. Although the government has not publicly disclosed the total number of URLs blocked through court orders, the MDES reported that during the first nine months of 2022, it obtained court orders to block approximately 4,735 URLs, including 1,816 URLs containing allegedly offensive content about the monarchy.
Websites have also been blocked on grounds of national security, for gambling content, for alleged violations of intellectual property rights, and for hosting unauthorised virtual private network (VPN) services. In addition to blocking and filtering, content removal reportedly continues under tight government control.

List 3 of the Foreign Business Act includes industries in which "Thai nationals are not yet ready to compete with foreigners". These are open to foreign investors provided they receive a licence from the Director-General of the Department of Business Development of the Ministry of Commerce and approval from the Foreign Business Committee. A wide range of businesses are covered under List 3, including advertising businesses. A foreign company can engage in List 3 activities if Thai nationals hold a majority of the limited company’s shares. Any company with a majority of foreign shareholders (more than 50%) cannot engage in List 3 activities unless it receives an exception from the Ministry of Commerce under its Foreign Business License application.

According to the Notification of the National Broadcasting and Telecommunications Commission regarding Criteria, Procedures, and Conditions for Digital Television Services Licensing 2013, any person who wishes to operate a digital television program must obtain a digital television license by qualifying and paying the fee. In addition, after receiving the license, a person shall be entered into the process of digital television channel auction as prescribed in the NBTC Notification 2013 regarding the auction.

Cloud computing services typically do not require a telecommunications license. However, when such services utilise a leased line network to connect users to the cloud infrastructure, they are categorised as telecommunications services. Consequently, providers must obtain a Type 1 license, as prescribed by the National Broadcasting and Telecommunications Commission (NBTC) under the Telecommunications Business Act. This requirement is outlined in Agenda 4.24 of the National Telecommunications Commission (NTC) meeting No. 38/2013.

According to Section 6 of the Radio Communication Act, any persons who wish to import radio communication devices or any ancillary devices into the Kingdom are required to obtain a license. The telecommunications devices required to obtain a license include: radio modems, base stations, cellular repeaters, antennas, FM transmitters, and GPS tracking devices, among others. According to Section 9, the import license is valid for 180 days after issuance, and those who violate the law shall be liable to a fine, imprisonment, or both. The "Notification of the National Broadcasting and Telecommunications Commission on Criteria and Procedures for Granting A Permit to Manufacture, Import, Sell, or Offer for Sale or Install Receiver, Apparatus or Device Enabled for Receiving or Decoding Signals to Receive Programs of the Subscription Broadcasting Business B.E. 2555" includes the requirements that the importers must follow, including fee payment and document preparation.

According to the Ministry of Commerce's Notification regarding 3D Printing Machines as a Product Subjected to Import Requirements 2016, importers of 3D printing machines must be registered with the Department of Foreign Trade under the Ministry of Commerce. In addition, they are also required to notify the importation, possession, disposal, and balance of these products twice a year (in June and December). Moreover, the importers must report this information to the Customs Department.

It is reported that Thailand’s provision of incentives to customs officials who initiate investigations or enforcement actions creates conflicts of interest and encourages customs investigations for personal financial gain. Foreign companies report concerns about corruption and the cost, uncertainty, and lack of transparency associated with the customs penalty/reward system. Foreign stakeholders also have expressed concern about the country's inconsistent application of the transaction valuation methodology, as well as the repeated use of arbitrary or fictitious values by the Customs Department.

According to Section 6 of the Radio Communication Act, any persons who wish to export radio communication devices or any ancillary devices into the Kingdom are required to obtain a license. The telecommunications devices required to obtain a license include a radio modem, base station, cellular repeater, antenna, FM transmitter, GPS Tracking, among others. According to Section 9, the import license is valid for 180 days after issuance, and those who violate the law shall be liable to a fine, imprisonment, or both. In addition, the Notification of the National Broadcasting and Telecommunications Commission (NBTC) on Export of Radio Communication Equipment 2011 includes the requirements that the exporters must follow, including fee payment and document preparation.

It is reported that no compulsory assessment procedure is in place to certify electronic products.

According to the Trade Secrets Act, trade secrets can be in any means or any medium which conveys a statement, story, or fact in formula, form, compilations, or assembled works, programs, methods, techniques, or processes (Section 3). The disclosure or use of trade secrets by a governmental agency that supervises the maintenance of trade secrets shall not be deemed as an infringement of rights in trade secrets in the following cases:
- When it is necessary to protect the health or safety of the public, or;
- When it is necessary for the benefit of the public, not for a commercial purpose, the governmental agency must proceed under the procedure to protect such trade secrets from being used in unfair trading activities (Section 7.2).

The Trade Secrets Act (TSA) provides a framework for effective protection of trade secrets. Any “trade information”, such as an instrument of statements, facts, or other information that meets the following three requirements, is protected as a trade secret:
- It is confidential, i.e. the trade information is not being publicly known to or accessible by persons who are not related to the trade information;
- It has a commercial value derived from its secrecy;
- Its secrecy is protected by its owner/controller, who has taken appropriate and sufficient protection measures to maintain its secrecy.
In practice, a non-disclosure agreement is commonly used to safeguard and maintain the secrecy of a trade secret.
If there is a dispute concerning the trade secret because a person infringes its secrecy, the trade secret owner can submit the dispute to the Trade Secret Committee for mediation and settlement. Alternatively, they can file a lawsuit in court against the infringer for interim and permanent injunction orders and compensations for actual damages and punitive damages. The lawsuit must be filed within three years from the date on which the infringement act and the infringer are known or within 10 years from the date of the infringement act.

It is reported that passive infrastructure sharing in Thailand to deliver telecom services to end users is mandated, and it is practised in both the mobile and fixed sectors based on commercial agreements.

The Foreign Business Act (FBA) 1999 governs foreign investment in Thailand. Section 4 of the Act defines a "foreigner" as a company in which at least half of the capital or shares are held by foreigners, or a limited partnership or registered ordinary partnership with foreigners as the managing partner or manager.
According to Section 8 of the Telecommunications Business Act 2001, Type 2 licenses (telecommunications operators providing services to a specific group of customers, with or without operating their own telecommunications network) and Type 3 licenses (telecommunications operators providing their own telecommunications network for public use) cannot be granted to foreign applicants. As a result, foreign ownership in these sectors is capped at 49%.