BANGKOK - The Thai government has requested all coffee shops, including small mom-and-pop operators, to keep traffic data of customers using their Wi-Fi for 90 days and to provide that information if required.
The government says this is necessary to deter crimes and track suspects but concerns have been raised that it would drive away customers worried about privacy and misuse of the data collected.
"This is beneficial for both the authorities and the shop owners who can protect themselves if their customers did something wrong while using their Wi-Fi," Minister of Digital Economy and Society Buddhipongse Punnakanta told The Straits Times on Wednesday (Oct 9).
"We're merely asking for cooperation. It is not compulsory," Mr Buddhipongse said.
On Tuesday, he told reporters that those not doing so may face a computer crime charge, and be fined up to 500,000 baht (S$22,750).
Mr Buddhipongse did not specify what types of crime the authorities are targeting. But since taking up the post in July, he has intensified a crackdown on fake news and criticism against the government and monarchy, with Thailand's first anti-fake news centre expected to be opened in his ministry by Nov 1.
The computer law, which requires all providers of the Internet to maintain a logfile data for at least 90 days, has been in effect since 2007.
But, in terms of enforcement, the authorities have only focused on large-scale operators such as Internet and telecom providers as well as foreign-owned coffee shop chains, leaving out small-scale shops and stalls, said Paiboon Amonpinyoket, a cyber law expert.
"All of a sudden, the government wants to enforce it without educating people first. This is bound to create confusion and a burden on these operators," Mr Paiboon said.
Many coffee shop owners and managers are not aware of the law and the government's plan to enforce it.
Others fear the new measure would lead to a reduction in the number of customers concerned about their privacy and misuse of their data.
"Most people don't know that their login data is stored by shops when they use their Wi-Fi. Now they know and may panic, even though we have never used such data," said Suparat Rattanabunditsakul, the director of Drip and Drop Coffee Supply Bangkok.
"I'm afraid our regular customers who love to sit for a long time to work with our Wi-Fi may not come any more," she added.
"We have never kept such data. It's their private information. We don't want the customers to view us negatively. Hopefully this would not affect our sales," said Thitiya Thanataweepong, manager of Artis Coffee.
To store data of many customers for up to 90 days, the shops would need to buy new storage equipment or upgrade their software that would cost at least thousands of baht and none appears willing to do so.
"This measure does not guarantee that those intending to commit crimes can be stopped. They may use VPN or other means to avoid sharing their data," said Arthit Suriyawongkul, coordinator for the Thai Netizen Network, a non-profit group for Internet freedom and digital rights.
Mr Arthit said that when someone uses a shop's Wi-Fi, the IP addresses and time of use are shared with the shops. If users log in to Wi-Fi with their e-mail addresses and other personal information such as ID numbers, it would make it easier for the authorities to track them.
Users' Web browsing, passwords and private messages could also be exposed, depending on how secure the websites and the apps in use are. The "https" websites are more secure than the "http" ones as the former only identify access to the site but not the activities inside it, Mr Arthit said.
"This has created more problems for the public and might not even prove to be an effective measure to deter crimes. It's rather a tool for the government to keep people in line and not make opinions different from theirs."