As a judge at the Asia-Pacific Broadcasting+ Awards 2024, Pattaraphan emphasised the pivotal role of legal compliance and innovation in driving industry standards forward.

In the ever-evolving landscape of broadcasting and telecommunications, the challenges and opportunities are as vast as the APAC region itself. With technological advancements reshaping consumer behaviours and regulatory landscapes, industry leaders are tasked with not only keeping pace but also innovating and complying with emerging standards.

Pattaraphan Paiboon, a Partner at Baker McKenzie and a distinguished judge at the Asia-Pacific Broadcasting+ Awards 2024, brings a wealth of expertise to the table, offering insights into the intricacies of this dynamic industry.

As a Partner in the Intellectual Property and Technology practice, her focus spans telecommunications, broadcasting, IT/communications, cybersecurity, data privacy, platform liability, and e-commerce law. Prior to her tenure at Baker McKenzie, she honed her skills at the National Broadcasting and Telecommunications Commission (NBTC) as a legal officer. Pattaraphan’s dedication to excellence is further underscored by her appointment as a sub-committee to Data Protection Committee to provide opinions and comments on a draft data protection sub-regulation. Pattaraphan was recognised by Chambers Asia Pacific and was ranked as a ‘Band 1’ individual in Technology, Media, and Telecoms (TMT) in 2024.

In this interview, Pattaraphan Paiboon offers her perspective on the evolving landscape of broadcasting and telecommunications in the Asia-Pacific region. From the prominence of over-the-top (OTT) platforms to the imperative of data privacy compliance, Pattaraphan offers invaluable insights into the challenges and opportunities shaping the industry.

How do you see the landscape of broadcasting and telecommunications evolving in the Asia-Pacific region?

In today’s technologically advanced world, the broadcasting and telecommunications industry has undergone significant transformations in the last few years. Considering that the way people consume entertainment has also evolved drastically over the past decade, with an increasing number of people turning to online content and video streaming rather than traditional television. Broadcasters worldwide are diligently adapting to this rapidly changing landscape. As a result of this adaptation, the number of over-the-top (OTT) providers is on the rise, particularly in APAC, where over half of all global digital video viewers watch videos on their smartphones.

From a legal perspective, I have notice that regulators in APAC have shifted their focus to regulate online platform providers. For example, in Thailand, broadcasting laws traditionally applied only to radio and television operators. However, due to the growing number of users on online streaming services, Thailand has recently issued various laws and drafts to regulate digital platforms and OTT service providers both in Thailand and internationally. I have also seen the same trend across the APAC region.

How do you assess the current state of data privacy compliance iQn the broadcasting industry, and what are some key considerations for companies aiming to achieve compliance with regulations such as Thailand’s Personal Data Protection Act (PDPA)?

I have noticed an increase in privacy protection and a greater awareness of compliance over time. I have seen various TV stations / online channels protect the privacy of people by blurring the faces of bystanders captured unintentionally and seeking consent before airing footage (if required). Anyhow, it seems like we are still in a learning stage, especially because data protection laws are rather new in many jurisdictions, including Thailand. Promotion of data privacy compliance is encouraged.

In order to comply with the PDPA, broadcasting businesses and content creators must prioritise the legal and ethical considerations associated with handling personal data. This includes being mindful when mentioning individuals on broadcasting and television programmes, and also in case of unintentionally capturing the faces of individuals when creating content.

There are several key considerations that should be kept in mind. First, to always use or disclose personal data in the context of professional ethics. Second, compliance with the legal obligation associated with collecting, using, or disclosing personal data.

Specifically, for commercial media, it’s important to respect the rights of the owner of personal data including the right to withdraw their consent, request deletion or destruction of their information, make their personal information non-personally identifiable, or request the suspension of its use, amongst other things. In certain circumstances, consent would be required. However, consent may not be required if it could be implied by gestures of the data subjects. If a bystander’s face is unintentionally captured in a photo or video, their face can be blurred to mitigate the risk of being liable to the PDPA.

What are some emerging cybersecurity threats that broadcasters should be aware of, and how can they enhance their cybersecurity measures to mitigate risks effectively?

Nowadays, the broadcasting industry is increasingly reliant on digital technologies, which also increases the risk of cyber threats. Cyber threats can come in various forms, including ransomware attacks, data breaches, cloud security risks, etc. These threats have the potential to disrupt broadcasting services or leak sensitive information and personal data. Therefore, broadcasters should enhance their cybersecurity measures by implementing a comprehensive cybersecurity strategy and complying with local regulations and guidelines such as data security requirements under the PDPA, to prevent or mitigate damage in case of cyber-attacks.

One way to achieve this is by establishing a robust cybersecurity policy that adheres to relevant laws. For example, implementing access control to data, frequently managing passwords, enhancing data protection policies, providing employee awareness training, and using multi-factor authentication are some other measures that can help increase data security as a whole.

Could you elaborate on the importance of establishing robust privacy structures and data-related policies for companies operating in diverse sectors, as you’ve done with your clients? How do these frameworks contribute to maintaining trust with customers and ensuring compliance with regulatory requirements?

With an increasing amount of personal data being collected and stored by companies, maintaining the privacy and security of this data has become a top priority. I have provided a comprehensive legal privacy framework to my clients that outlines how they collect, use, store, and dispose of personal data, including internal policies and procedures for data protection, data protection awareness training, data breach incident response, and preparation and updating of data protection related legal documents.

By establishing a robust privacy framework and implementing effective data-related policies enable companies to protect their customers’ personal data, maintain their trust, and comply with legal requirements. This approach also helps companies to mitigate risks related to data breaches, protect companies’ reputation, and build a competitive advantage.

Can you share any insights or best practices for companies looking to enhance their cybersecurity measures, especially in the broadcasting sector where content distribution often relies on digital platforms and networks?

Here are some best practices that I could share with broadcasting companies to consider in order to enhance their cybersecurity measures.

Conduct Regular Cybersecurity Audits. This helps identify potential vulnerabilities in their systems and networks, and companies can take proactive measures to prevent cyber-attacks.

Implement Multi-Factor Authentication. This is an effective way to prevent unauthorised access to networks and systems. Companies should implement this authentication for all employees, contractors, and vendors who access their networks and systems.

Use Encryption Technologies. Encryption technologies can help to protect sensitive data from cyber threats. Companies should use encryption technologies to secure data both at rest and in transit.

Train Employees. Human error is often the weakest link in cybersecurity. Companies should provide regular cybersecurity training to their employees to help them identify and prevent cyber threats.

Implement Strong Password Policies. Companies should implement strong password policies that require employees to use complex passwords and change them regularly to reduce the risk of hacking.

Backup Data Regularly. Companies should backup their data regularly to ensure that they can recover it in case of a cyber-attack or data loss.

In your role as a judge at the Asia-Pacific Broadcasting+ Awards 2024, what criteria do you believe are essential for recognising excellence in broadcasting today?

As a judge, I believe that criteria such as legal compliance, innovation, and creativity are equally important. Whilst it is essential for companies to offer unique, innovative, and impactful content, services, or products to their customers, it is equally important that they adhere to the legal obligations within the scope of their operation. They should also take into account any changes or updates in the legal landscape that may impact their operations and adapt accordingly. In addition to compliance with the law, companies should continuously work on developing new services and products that appeal to their customers, and that differentiate them from their competitors.

Overall, although there are various criteria that must be taken into account, compliance with the law and professional ethics are essential components that must never be overlooked.

Share on Facebook

Tweet

Follow us

Save