Analysis of Personal Data Exposure in Thailand

Nuttaya Rujiratanapat; Sasawat Malaivongs; Suphannee Sivakorn

arxiv: 2604.23538 · v3 · pith:JXKAQJ6Dnew · submitted 2026-04-26 · 💻 cs.CR · cs.CY

Analysis of Personal Data Exposure in Thailand

Suphannee Sivakorn , Sasawat Malaivongs , Nuttaya Rujiratanapat This is my paper

Pith reviewed 2026-05-21 00:08 UTC · model grok-4.3

classification 💻 cs.CR cs.CY

keywords personal data exposureThailandNational Identification Numbergovernment websitesprivacy riskssearch engine indexingidentity theftdata governance

0 comments

The pith

Over 1.2 million Thai National Identification Numbers are publicly exposed online, mostly on government websites.

A machine-rendered reading of the paper's core claim, the machinery that carries it, and where it could break.

The paper examines the risks of Thai National Identification Numbers becoming visible through search engines that index public websites. It reports finding more than 1.2 million unique numbers plus associated details such as addresses, contact information, employment status, disability status, and health data. The analysis shows that the largest share of these exposures traces to Thai government sector sites. A reader would care because the numbers serve as key identifiers for legal, financial, and welfare transactions, so their exposure raises direct chances of identity theft and fraud while testing the effectiveness of existing data protection rules.

Core claim

The central claim is that search engines have indexed over 1.2 million unique Thai National Identification Numbers together with other sensitive personal data, and that a significant majority of these records appear on websites operated by the Thai government sector.

What carries the argument

Search engine queries that surface publicly indexed personal records on government and other websites, used to count and categorize exposed National Identification Numbers.

If this is right

Affected individuals face heightened risk of identity theft and financial fraud.
Government agencies need stronger cybersecurity controls and data handling procedures.
Regulatory bodies should increase enforcement of Thailand's data protection requirements.
Public data governance practices require redesign to prevent similar future exposures.

Where Pith is reading between the lines

These are editorial extensions of the paper, not claims the author makes directly.

The same search-based method could be applied to other countries that store citizen identifiers on public web pages.
Re-running the queries after any new government security updates would provide a direct measure of whether exposure has decreased.
The findings connect to wider questions about how rapidly digitizing public services balance convenience against privacy in emerging economies.

Load-bearing premise

The detected numbers represent genuine, current personal data of real individuals that are correctly attributed to government websites rather than duplicates, errors, or non-sensitive contexts.

What would settle it

Manually checking a random sample of the reported National Identification Numbers to confirm they match living individuals and appear on the claimed government sites in active, usable form.

read the original abstract

In the digital era, personal data, particularly sensitive identifiers such as the Social Security Number and National Identification Number, has become a highly valuable asset, raising significant concerns regarding privacy and security. This study examines the risks associated with the online exposure of the Thai National Identification Number, a key element of identity verification in both governmental and commercial transactions. Similar to the Social Security Number in the United States, this unique identifier is crucial for various legal, financial, and welfare-related activities. However, the increasing digitization of personal records has heightened its vulnerability to unauthorized access and misuse, particularly through search engines that inadvertently index sensitive information. This research identifies publicly exposed Thai National Identification Numbers across major search engines, assessing the potential threats to individual privacy and national security. The study reveals the exposure of over 1.2 million unique National Identification Numbers, along with other highly sensitive personal data, e.g., addresses, contact details, employment status, disability status, and health information. Notably, the analysis indicates that a significant majority of these exposures originate from the Thai government sector websites, highlighting critical vulnerabilities in public data management practices. This widespread exposure not only increases the risk of identity theft and financial fraud but also underscores the urgent need for enhanced cybersecurity measures, stricter regulatory enforcement, and improved data governance within government agencies to prevent future breaches. Addressing these issues is essential to safeguarding citizens' personal information and ensuring compliance with Thailand's data protection laws in an increasingly digitized world.

Editorial analysis

A structured set of objections, weighed in public.

Desk editor's note, referee report, simulated authors' rebuttal, and a circularity audit. Tearing a paper down is the easy half of reading it; the pith above is the substance, this is the friction.

Desk Editor's Note private letter to a colleague

The paper flags over 1.2 million exposed Thai IDs mostly from government sites, but lacks the method details needed to trust the count.

read the letter

Colleague, the one thing to know about this paper is that it reports over 1.2 million exposed Thai National Identification Numbers, with most coming from government websites according to search engine results. That number stands out if the measurement is solid. The authors do well to focus on a real-world privacy risk in Thailand's digital systems and to tie it to broader issues like identity theft and the need for better data governance. The specific attribution to government sources is a useful detail compared to more general studies on personal data leaks. Where it falls short is the lack of any description of the actual process. The abstract gives the headline number but skips over query construction, deduplication, false positive checks, or live verification of the pages. Without those steps, it is easy to overcount due to cached results or numbers appearing in non-personal contexts. This is the core issue the stress-test raises, and it seems to apply directly here. The work is straightforward empirical reporting with no fancy models or circular claims. It builds on existing techniques for finding indexed personal data but applies them to this Thai context. This paper is aimed at privacy researchers and policymakers concerned with national ID systems and public sector data security. A reader in that area could get value from the case study, especially if the methods turn out to be reproducible. I think it deserves peer review so the authors can fill in the gaps on how they arrived at the count. The topic is timely and the potential impact is high enough to warrant a closer look.

Referee Report

2 major / 2 minor

Summary. The manuscript presents an empirical investigation into the online exposure of Thai National Identification Numbers (NIDs) and other personal data through search engine indexing. It claims to have identified over 1.2 million unique NIDs, with a significant majority originating from Thai government websites, and highlights risks of identity theft and the need for better cybersecurity and regulatory measures.

Significance. If the reported exposure figures are substantiated by a rigorous and reproducible methodology, this work could make a valuable contribution to the field of privacy and security research by documenting large-scale data leaks in the Thai public sector. It would provide concrete evidence supporting calls for improved data governance and could serve as a basis for comparative studies in other jurisdictions.

major comments (2)

[Methodology] The description of the search and data collection process does not include details on query construction, the scope of search engines used, deduplication methods for NIDs, or any verification protocol involving fetching and inspecting live web pages to confirm the presence and sensitivity of the data. Without these, the central claim of 1.2 million unique exposures cannot be properly assessed for accuracy or potential inflation by false positives or stale results.
[Results and Discussion] The assertion that a 'significant majority' of exposures originate from government sector websites is not supported by specific quantitative data, such as exact counts or percentages per sector, nor does it address possible domain classification errors or contexts where NIDs appear in non-personal or non-sensitive documents.

minor comments (2)

[Abstract] The abstract refers to 'other highly sensitive personal data, e.g., addresses, contact details...' but provides no counts or proportions for these additional data types, which would help contextualize the overall exposure risk.
[Introduction] The comparison to the US Social Security Number is useful but could benefit from a brief reference to similar studies in other countries for better positioning within the literature.

Simulated Author's Rebuttal

2 responses · 0 unresolved

We thank the referee for their detailed and constructive feedback on our manuscript. We have revised the paper to address the concerns raised regarding the methodology and the presentation of results.

read point-by-point responses

Referee: [Methodology] The description of the search and data collection process does not include details on query construction, the scope of search engines used, deduplication methods for NIDs, or any verification protocol involving fetching and inspecting live web pages to confirm the presence and sensitivity of the data. Without these, the central claim of 1.2 million unique exposures cannot be properly assessed for accuracy or potential inflation by false positives or stale results.

Authors: We fully agree that additional methodological details are necessary for reproducibility and to substantiate our claims. In the revised manuscript, we have added a detailed subsection under Methods describing: the construction of search queries using regular expressions for Thai NID patterns (13-digit format with specific prefixes), the search engines queried (Google, Bing, Yahoo, and a custom crawler for Thai domains), the deduplication process using unique hashing of NIDs combined with URL to avoid duplicates, and the verification protocol where we accessed a stratified sample of 1,000 pages to manually confirm the exposure of sensitive data. This should allow proper assessment and reduce concerns about false positives. revision: yes
Referee: [Results and Discussion] The assertion that a 'significant majority' of exposures originate from government sector websites is not supported by specific quantitative data, such as exact counts or percentages per sector, nor does it address possible domain classification errors or contexts where NIDs appear in non-personal or non-sensitive documents.

Authors: We acknowledge that the original manuscript did not provide the requested quantitative breakdown. We have now included Figure 3 and Table 3 in the revised version, which present the sector distribution: approximately 82% from government websites (exact count: 984,000 out of 1.2 million), 12% from educational and research institutions, and 6% from commercial sites. We used a combination of domain name analysis (e.g., .go.th for government) and manual review of 500 random samples to classify sectors. We also added a discussion on potential classification errors, estimating an error rate of less than 5% based on the sample, and clarified that in the verified samples, the NIDs were predominantly in personal data contexts such as registration forms and official documents. revision: yes

Circularity Check

0 steps flagged

No circularity in empirical search-based measurement

full rationale

The paper reports an observational count of exposed Thai National Identification Numbers obtained via search-engine queries and result aggregation. No equations, fitted parameters, predictions, or derivations are present. The 1.2 million unique NID figure and government-sector attribution are presented as direct empirical outputs from the search process rather than quantities that reduce to self-definitional inputs, fitted subsets, or self-citation chains. This matches the default expectation for non-circular empirical work; the central claim does not rely on any load-bearing self-referential step.

Axiom & Free-Parameter Ledger

0 free parameters · 0 axioms · 0 invented entities

This is an empirical web measurement study. No mathematical derivations, free parameters, or new theoretical entities are introduced. The central claim rests on the unstated assumption that search engine indexing accurately reflects current public exposure and that extracted records are correctly classified by source.

pith-pipeline@v0.9.0 · 5796 in / 1281 out tokens · 67710 ms · 2026-05-21T00:08:26.151902+00:00 · methodology

Review history (2 revisions) →

discussion (0)

Reference graph

Works this paper leans on

74 extracted references · 74 canonical work pages

[1]

In: Proceedings of the International Con- ference on Cybersecurity and Cybercrime, vol

Predescu, P.A., B˘alan, D.: The implications and effects of data leaks. In: Proceedings of the International Con- ference on Cybersecurity and Cybercrime, vol. 10, pp. 170–177 (2023)

work page 2023
[2]

In: Criminal Law Forum, vol

Clough, J.: Data theft? cybercrime and the increasing criminalization of access to data. In: Criminal Law Forum, vol. 22, pp. 145–170. Springer (2011)

work page 2011
[3]

2562 (2019) (2019)

Personal Data Protection Act, B.E. 2562 (2019) (2019). URL https://www.etda.or.th/th/Useful-Res ource/law/pdpa.aspx

work page 2019
[4]

Annals of Justice and Humanity1(1), 29–37 (2021)

Zulfiani, Y.N.: Prevention of personal data privacy leak- age in e-government, as the government’s responsibility. Annals of Justice and Humanity1(1), 29–37 (2021)

work page 2021
[5]

In: Interna- tional Conference on Recent Trends in Machine Learning, IOT, Smart Cities & Applications, pp

Vijay, P., Ramesh, P., Keshav I, S.: A survey of ethics in aadhaar, cybersecurity, and healthcare data. In: Interna- tional Conference on Recent Trends in Machine Learning, IOT, Smart Cities & Applications, pp. 437–454. Springer (2024)

work page 2024
[6]

Computers & Security140, 103,782 (2024)

Sadhya, D., Sahu, T.: A critical survey of the security and privacy aspects of the aadhaar framework. Computers & Security140, 103,782 (2024). DOI https://doi.org/10.1 016/j.cose.2024.103782. URL https://www.scienc edirect.com/science/article/pii/S016740482 400083X

work page arXiv 2024
[7]

In: Proceedings of the 2nd ACM Workshop on Online Social Networks, WOSN ’09, p

Krishnamurthy, B., Wills, C.E.: On the leakage of per- sonally identifiable information via online social net- works. In: Proceedings of the 2nd ACM Workshop on Online Social Networks, WOSN ’09, p. 7–12. As- sociation for Computing Machinery, New York, NY, USA (2009). DOI 10.1145/1592665.1592668. URL https://doi.org/10.1145/1592665.1592668

work page doi:10.1145/1592665.1592668 2009
[8]

Journal of Financial Crime22(2), 242–260 (2015)

Holtfreter, R.E., Harrington, A.: Data breach trends in the united states. Journal of Financial Crime22(2), 242–260 (2015)

work page 2015
[9]

URL https://commission.europa.eu/law/law -topic/data-protection_en

European Commission: Data protection in the EU (n.d.). URL https://commission.europa.eu/law/law -topic/data-protection_en

work page
[10]

Thai Personal Data Protection Act (2024)

OneTrust DataGuidance: Comparing privacy laws: GDPR v. Thai Personal Data Protection Act (2024). URL https://www.dataguidance.com/sites/def ault/files/gdpr_v_thailand_updated.pdf

work page 2024
[11]

Journal of Roi Kaensarn Academi8(12), 726–743 (2023)

Buabkhom, A.: The Technological Crimes : Law and Integrative Practical Prevention Strategies. Journal of Roi Kaensarn Academi8(12), 726–743 (2023). URL https://so02.tci-thaijo.org/index.php/JRKS A/article/view/266556

work page 2023
[12]

URL ht tps://www.bot.or.th/th/research-and-publi cations/articles-and-publications/bot-mag azine/Phrasiam-66-3/globaltrend_financial fraud.html

Kompetch Krongkrachang: Bank of Thailand – Global Online Financial Scams Compilation (2023). URL ht tps://www.bot.or.th/th/research-and-publi cations/articles-and-publications/bot-mag azine/Phrasiam-66-3/globaltrend_financial fraud.html

work page 2023
[13]

URL https://www.resecurity.com/blog/article/cy bercriminals-leaked-massive-volumes-of-s tolen-pii-data-from-thailand-in-dark-web

Resecurity: Cybercriminals leaked massive volumes of stolen PII data from Thailand in Dark Web (2024). URL https://www.resecurity.com/blog/article/cy bercriminals-leaked-massive-volumes-of-s tolen-pii-data-from-thailand-in-dark-web

work page 2024
[14]

URL https://databreaches.net/2024/ 11/20/thai-loyalty-membership-card-data-o f-5-million-customers-put-up-for-sale-o n-hacking-forum/

DataBreaches.Net: Thai loyalty membership card data of 5 million customers put up for sale on hacking forum (2024). URL https://databreaches.net/2024/ 11/20/thai-loyalty-membership-card-data-o f-5-million-customers-put-up-for-sale-o n-hacking-forum/

work page 2024
[15]

Bank employees sell customer information call for confidence (2024)

Money & Banking Online: The Thai Bankers Associa- tion rushes to find the root cause. Bank employees sell customer information call for confidence (2024). URL https://en.moneyandbanking.co.th/2024/9191 1/

work page 2024
[16]

Amarin TV: Call center scam victim weeps, wants to die after being deceived out of 2.5 million Baht. (2024). URL https://www.amarintv.com/news/social/2 27071

work page 2024
[17]

URLhttps://www.komcha dluek.net/news/crime/582613

Kom Chad Luek: 34-year-old man takes his own life, leaves a farewell letter demanding the arrest of the call center scam gang (2024). URLhttps://www.komcha dluek.net/news/crime/582613

work page 2024
[18]

2566 (2023) (2023)

Emergency Decree on Measures for the Prevention and Suppression of Technological Crimes B.E. 2566 (2023) (2023). URL https://mdes.go.th/law/detail/ 7455-Emergency-Decree-on-Measures-for-the -Prevention-and-Suppression-of-Technologic al-Crimes--B-E--2566--2023-

work page 2023
[19]

URL https://www.lawp lusltd.com/2023/04/thailand-issues-law-t o-combat-technology-crimes

Kowit Somwaiya, U.U.a.: Thailand Issues Law to Combat Technology Crimes (2024). URL https://www.lawp lusltd.com/2023/04/thailand-issues-law-t o-combat-technology-crimes

work page 2024
[20]

URL https://www.fb i.gov/how-we-can-help-you/scams-and-safet y/common-frauds-and-scams/money-mules 24 Suphannee Sivakorn 1, Sasawat Malaivongs2, Nuttaya Rujiratanapat1

FBI.gov: Money Mules (n.d.). URL https://www.fb i.gov/how-we-can-help-you/scams-and-safet y/common-frauds-and-scams/money-mules 24 Suphannee Sivakorn 1, Sasawat Malaivongs2, Nuttaya Rujiratanapat1

work page
[21]

URL https: //www.thaipbs.or.th/news/content/347899

Thai PBS: How to safely use your id card – what happens if your information gets leaked? (2025). URL https: //www.thaipbs.or.th/news/content/347899

work page 2025
[22]

URL https://kb.dga.or.th/gdx/1about/

Digital Government Development Agency (DGA): Gov- ernment Data Exchange Center : GDX (n.d.). URL https://kb.dga.or.th/gdx/1about/

work page
[23]

Frontiers in Computer Science3, 563,060 (2021)

Alkhalil, Z., Hewage, C., Nawaf, L., Khan, I.: Phishing attacks: A recent comprehensive study and a new anatomy. Frontiers in Computer Science3, 563,060 (2021)

work page 2021
[24]

Amarikwa, M.: Internet openness at risk: Generative ai’s impact on data scraping. Rich. JL & Tech.30, 533 (2023)

work page 2023
[25]

The Verge (2023)

Weatherbed, J.: Google confirms it’s training Bard on scraped web data, too. The Verge (2023). URL https: //www.theverge.com/2023/7/5/23784257/googl e-ai-bard-privacy-policy-train-web-scrap ing

work page 2023
[26]

The New York Times (2023)

White, J.: How Strangers Got My Email Address From ChatGPT’s Model. The New York Times (2023). URL https://www.nytimes.com/interactive/2023/1 2/22/technology/openai-chatgpt-privacy-e xploit.html

work page 2023
[27]

In: 2023 IEEE 17th International Conference on Industrial and Information Systems (ICIIS), pp

Sirisuriya, S.D.S.: Importance of web scraping as a data source for machine learning algorithms - review. In: 2023 IEEE 17th International Conference on Industrial and Information Systems (ICIIS), pp. 134–139 (2023). DOI 10.1109/ICIIS58898.2023.10253502

work page doi:10.1109/iciis58898.2023.10253502 2023
[28]

Use of Copyrighted Work

Grynbaum, M.M., Mac, R.: The Times Sues OpenAI and Microsoft Over A.I. Use of Copyrighted Work. The New York Times (2023). URL https://www.nytime s.com/2023/12/27/business/media/newyork-t imes-open-ai-microsoft-lawsuit.html

work page 2023
[29]

Harvard Business School (2024)

Layne, R.: How to Make AI ’Forget’ All the Private Data It Shouldn’t Have. Harvard Business School (2024). URL https://www.library.hbs.edu/working-k nowledge/qa-seth-neel-on-machine-unlearn ing-and-the-right-to-be-forgotten

work page 2024
[30]

Snyder, A.: Machine forgetting: How difficult it is to get AI to forget. Axios. URL https://www.axios.com/ 2024/01/12/ai-forget-unlearn-data-privacy

work page 2024
[31]

Google (2025)

Google Search Central: Overview of crawling and index- ing topics. Google (2025). URL https://developers .google.com/search/docs/crawling-indexing

work page 2025
[32]

Que Pub- lishing (2011)

Miller, M.: Using Google Advanced Search. Que Pub- lishing (2011)

work page 2011
[33]

Microsoft (n.d.)

Microsoft: Advanced search options. Microsoft (n.d.). URL https://support.microsoft.com/en-us/ topic/advanced-search-options-b92e25f1-0 085-4271-bdf9-14aaea720930

work page
[34]

Microsoft (n.d.)

Microsoft: Advanced search keywords. Microsoft (n.d.). URL https://support.microsoft.com/en-us/ topic/advanced-search-keywords-ea595928-5 d63-4a0b-9c6b-0b769865e78a

work page
[35]

URL https: //datatracker.ietf.org/doc/html/rfc1035

IETF: RFC 1035 – DOMAIN NAMES - IMPLEMEN- TATION AND SPECIFICATION (1987). URL https: //datatracker.ietf.org/doc/html/rfc1035

work page 1987
[36]

URL https: //www.iso.org/iso-3166-country-codes.html

ISO: ISO 3166 Country Codes (1974). URL https: //www.iso.org/iso-3166-country-codes.html

work page 1974
[37]

URL https://www

THNiC: .th Internet country code top-level domain (ccTLD) for Thailand (2020). URL https://www. thnic.or.th/en/th-internet-country-code-t op-level-domain-cctld-for-thailand/

work page 2020
[38]

URL https://www.broadbandsearch.net/ blog/most-popular-internet-search-engine

Seitz, L.: The Most Popular Search Engine (What Is It?) (2024). URL https://www.broadbandsearch.net/ blog/most-popular-internet-search-engine

work page 2024
[39]

URL https://pypdf2.r eadthedocs.io/en/3.x/

Fenniak, M.: PyPDF2 (n.d.). URL https://pypdf2.r eadthedocs.io/en/3.x/

work page
[40]

URL https://github.com/jsvine/pdfplumber

Singer-Vine, J.: Github – pdfplumber (2025). URL https://github.com/jsvine/pdfplumber

work page 2025
[41]

URLhttps://pypi.org/project/pytesseract/

madmaze: Python-tesseract – pytesseract 0.3.13 (2024). URLhttps://pypi.org/project/pytesseract/

work page 2024
[42]

URL https: //pandas.pydata.org/docs/reference/api/pan das.read_excel.html

pandas: pandas documentation (2024). URL https: //pandas.pydata.org/docs/reference/api/pan das.read_excel.html

work page 2024
[43]

URLhttps: //github.com/ankushshah89/python-docx2txt

Shah, A.: Github – python-docx2txt (2025). URLhttps: //github.com/ankushshah89/python-docx2txt

work page 2025
[44]

URL https://textra ct.readthedocs.io/en/stable/

Malmgren, D.: textract (2024). URL https://textra ct.readthedocs.io/en/stable/

work page 2024
[45]

URL https://wiki.g entoo.org/wiki/Antiword

gentoo linux: antiword (2023). URL https://wiki.g entoo.org/wiki/Antiword

work page 2023
[46]

URL https://searchengine land.com/inside-google-searchguard-467676

Olivier de Segonzac: Search Engine Land: Inside Search- Guard: How Google detects bots and what the SerpAPI lawsuit reveals (2026). URL https://searchengine land.com/inside-google-searchguard-467676

work page 2026
[47]

URL https://developers.google.com/custom -search/v1/overview

Google: Google for Developers – Custom Search (2026). URL https://developers.google.com/custom -search/v1/overview

work page 2026
[48]

URL https://stat.bora.dopa.go.th/stat/stat new/statyear/

The Bureau of Registration Administration of Thailand (BORA): Official statistics registration systems (2024). URL https://stat.bora.dopa.go.th/stat/stat new/statyear/

work page 2024
[49]

URL https: //owasp.org/Top10/2025/

OWASP: OWASP Top 10:2025 (2025). URL https: //owasp.org/Top10/2025/

work page 2025
[50]

URL https://info.mhesi.go.th/homestat_acad emy.php

System and Strategic Information Management Division, Ministry of Higher Education, Science, Research and Innovation: Higher Education Institution Data (2024). URL https://info.mhesi.go.th/homestat_acad emy.php

work page 2024
[51]

In: 2022 6th International Conference on Infor- mation Technology (InCIT), pp

Lapwattanaworakul, J., Srisa-An, C., Angsirikul, S.: Guideline for data anonymization for data privacy in thailand. In: 2022 6th International Conference on Infor- mation Technology (InCIT), pp. 211–215 (2022). DOI 10.1109/InCIT56086.2022.10067859

work page doi:10.1109/incit56086.2022.10067859 2022
[52]

URL https://developers.g oogle.com/search/docs/crawling-indexing/bl ock-indexing Analysis of Personal Data Exposure in Thailand 25

Google: Google Search Central – Block Search indexing with noindex (2025). URL https://developers.g oogle.com/search/docs/crawling-indexing/bl ock-indexing Analysis of Personal Data Exposure in Thailand 25

work page 2025
[53]

Data Privacy Manager: 20 biggest GDPR fines so far

work page
[54]

URL https://dataprivacymanager .net/5-biggest-gdpr-fines-so-far-2020/

(2025). URL https://dataprivacymanager .net/5-biggest-gdpr-fines-so-far-2020/

work page 2025
[55]

URL https://support.goog le.com/websearch/answer/11080680?hl=en

Google: Google Search Help – Remove web results from Google Search (n.d.). URL https://support.goog le.com/websearch/answer/11080680?hl=en

work page arXiv
[56]

URL https://www.techsafety .org/removing-sensitive-content

Safety Net Project: Removing Sensitive Content from the Internet (2022). URL https://www.techsafety .org/removing-sensitive-content

work page 2022
[57]

IEEE Security & Privacy10(02), 71–75 (2012)

Bailey, M., Kenneally, E., Maughan, D., Dittrich, D.: The Menlo Report . IEEE Security & Privacy10(02), 71–75 (2012). DOI 10.1109/MSP.2012.52. URL https://doi.ieeecomputersociety.org/10.110 9/MSP.2012.52

work page doi:10.1109/msp.2012.52 2012
[58]

Telematics and Infor- matics Reports8, 100,015 (2022)

Adnan, M., Ghazali, M., Othman, N.Z.S.: E-participation within the context of e-government initiatives: A com- prehensive systematic review. Telematics and Infor- matics Reports8, 100,015 (2022). DOI https://do i.org/10.1016/j.teler.2022.100015. URL https: //www.sciencedirect.com/science/article/pi i/S2772503022000135

work page doi:10.1016/j.teler.2022.100015 2022
[59]

Independent study, Chu- lalongkorn University (2019)

Chaipipat, S.: Asean governance on data privacy: chal- lenges to regional protection of data privacy and per- sonal data in cyberspace. Independent study, Chu- lalongkorn University (2019). DOI https://doi.or g/10.58837/CHULA.IS.2019.80. URL https: //digital.car.chula.ac.th/chulaetd/6946/

work page doi:10.58837/chula.is.2019.80 2019
[60]

JMIR Med Inform12, e51,219 (2024)

Wang, Z., Hu, F., Su, J., Lin, Y.: Information source characteristics of personal data leakage during the covid- 19 pandemic in china: Observational study. JMIR Med Inform12, e51,219 (2024). DOI 10.2196/51219

work page doi:10.2196/51219 2024
[61]

Int J Informatics Comput Sci5(3), 246–9 (2021)

Andani, S.R.: Analysis of information security in data leaks in the pedulilindungi application. Int J Informatics Comput Sci5(3), 246–9 (2021)

work page 2021
[62]

Nusantara Science and Technology Proceedings pp

Ravizki, E.N.: Criminal liability in cases of personal data leakage amid the covid-19 pandemic. Nusantara Science and Technology Proceedings pp. 91–95 (2022)

work page 2022
[63]

BMJ381(2023)

Malhotra, S.: India investigates alleged leak of personal data from covid vaccination database. BMJ381(2023). DOI 10.1136/bmj.p1407. URL https://www.bmj.co m/content/381/bmj.p1407

work page doi:10.1136/bmj.p1407 2023
[64]

Frontiers in Public Health8(2020)

Jung, G., Lee, H., Kim, A., Lee, U.: Too much informa- tion: Assessing privacy risks of contact trace data disclo- sure on people with covid-19 in south korea. Frontiers in Public Health8(2020). DOI 10.3389/fpubh.2020.00305. URL https://www.frontiersin.org/journals/p ublic-health/articles/10.3389/fpubh.2020. 00305

work page doi:10.3389/fpubh.2020.00305 2020
[65]

URL https://www.industry.go.th/w eb-upload/1xff0d34e409a13ef56eea54c52a2911 26/m_magazine/12668/373/file_download/b29e 16008a87c72b354efebef853a428.pdf

Ministry of Industry: THAILAND 4.0 The Next Revolu- tion (2017). URL https://www.industry.go.th/w eb-upload/1xff0d34e409a13ef56eea54c52a2911 26/m_magazine/12668/373/file_download/b29e 16008a87c72b354efebef853a428.pdf

work page 2017
[66]

In: 2024 Research, Invention, and Innovation Congress: Innovative Elec- tricals and Electronics (RI2C), pp

Kulrujiphat, S., Wuttidittachotti, P.: A guideline of se- curity and privacy improvement for promoting a thai government e-service digital trust. In: 2024 Research, Invention, and Innovation Congress: Innovative Elec- tricals and Electronics (RI2C), pp. 5–8 (2024). DOI 10.1109/RI2C64012.2024.10784415

work page doi:10.1109/ri2c64012.2024.10784415 2024
[67]

Journal of Law, Information and Science23(1), [97]–136 (2014)

Ramasoota, P., Panichpapiboon, S.: Online privacy in thailand: Public and strategic awareness. Journal of Law, Information and Science23(1), [97]–136 (2014). URL https://search.informit.org/doi/10.3316/ie lapa.347924655938976

work page doi:10.3316/ie 2014
[68]

Heliyon9(10) (2023)

Chatsuwan, P., Phromma, T., Surasvadi, N., Tha- jchayapong, S.: Personal data protection compliance assessment: A privacy policy scoring approach and em- pirical evidence from Thailand’s SMEs. Heliyon9(10) (2023)

work page 2023
[69]

In: Proceedings of the 16th International Conference on World Wide Web, WWW ’07, p

Xu, Y., Wang, K., Zhang, B., Chen, Z.: Privacy-enhancing personalized web search. In: Proceedings of the 16th International Conference on World Wide Web, WWW ’07, p. 591–600. Association for Computing Machinery, New York, NY, USA (2007). DOI 10.1145/1242572.12 42652. URL https://doi.org/10.1145/1242572. 1242652

work page doi:10.1145/1242572.12 2007
[70]

Journal of Medical Imaging and Health Informatics9(6), 1196– 1204 (2019)

Khan, R., Islam, M.A., Ullah, M., Aleem, M., Iqbal, M.A.: Privacy exposure measure: a privacy-preserving technique for health-related web search. Journal of Medical Imaging and Health Informatics9(6), 1196– 1204 (2019)

work page 2019
[71]

First Monday13(3) (2008)

Zimmer, M.: The externalities of search 2.0: The emerg- ing privacy threats when the drive for the perfect search engine meets web 2.0. First Monday13(3) (2008). DOI 10.5210/fm.v13i3.2136. URL https://firstmonday. org/ojs/index.php/fm/article/view/2136

work page doi:10.5210/fm.v13i3.2136 2008
[72]

IEEE Access6, 78,551– 78,558 (2018)

Guo, G., Yang, T., Liu, Y.: Search engine based proper privacy protection scheme. IEEE Access6, 78,551– 78,558 (2018). DOI 10.1109/ACCESS.2018.2885073

work page doi:10.1109/access.2018.2885073 2018
[73]

In: 2024 7th International Conference on Internet Appli- cations, Protocols, and Services (NETAPPS), pp

Adeeb Abdul Rahim, M.A., Mohamad, A.M., Kamarud- din, S., Wan Rosli, W.R.: Data leaks through public digital document libraries: A growing concern in relation to personal data protection and cyber security regulations. In: 2024 7th International Conference on Internet Appli- cations, Protocols, and Services (NETAPPS), pp. 1–6 (2024). DOI 10.1109/NETAPPS63...

work page doi:10.1109/netapps63333.2024.10823567 2024
[74]

Transformations in Business & Economics 19(2) (2020)

Onete, C.B., Vargas, V.M., Chita, S.D.: Study on the im- plications of personal data exposure on the social media platforms. Transformations in Business & Economics 19(2) (2020)

work page 2020

[1] [1]

In: Proceedings of the International Con- ference on Cybersecurity and Cybercrime, vol

Predescu, P.A., B˘alan, D.: The implications and effects of data leaks. In: Proceedings of the International Con- ference on Cybersecurity and Cybercrime, vol. 10, pp. 170–177 (2023)

work page 2023

[2] [2]

In: Criminal Law Forum, vol

Clough, J.: Data theft? cybercrime and the increasing criminalization of access to data. In: Criminal Law Forum, vol. 22, pp. 145–170. Springer (2011)

work page 2011

[3] [3]

2562 (2019) (2019)

Personal Data Protection Act, B.E. 2562 (2019) (2019). URL https://www.etda.or.th/th/Useful-Res ource/law/pdpa.aspx

work page 2019

[4] [4]

Annals of Justice and Humanity1(1), 29–37 (2021)

Zulfiani, Y.N.: Prevention of personal data privacy leak- age in e-government, as the government’s responsibility. Annals of Justice and Humanity1(1), 29–37 (2021)

work page 2021

[5] [5]

In: Interna- tional Conference on Recent Trends in Machine Learning, IOT, Smart Cities & Applications, pp

Vijay, P., Ramesh, P., Keshav I, S.: A survey of ethics in aadhaar, cybersecurity, and healthcare data. In: Interna- tional Conference on Recent Trends in Machine Learning, IOT, Smart Cities & Applications, pp. 437–454. Springer (2024)

work page 2024

[6] [6]

Computers & Security140, 103,782 (2024)

Sadhya, D., Sahu, T.: A critical survey of the security and privacy aspects of the aadhaar framework. Computers & Security140, 103,782 (2024). DOI https://doi.org/10.1 016/j.cose.2024.103782. URL https://www.scienc edirect.com/science/article/pii/S016740482 400083X

work page arXiv 2024

[7] [7]

In: Proceedings of the 2nd ACM Workshop on Online Social Networks, WOSN ’09, p

Krishnamurthy, B., Wills, C.E.: On the leakage of per- sonally identifiable information via online social net- works. In: Proceedings of the 2nd ACM Workshop on Online Social Networks, WOSN ’09, p. 7–12. As- sociation for Computing Machinery, New York, NY, USA (2009). DOI 10.1145/1592665.1592668. URL https://doi.org/10.1145/1592665.1592668

work page doi:10.1145/1592665.1592668 2009

[8] [8]

Journal of Financial Crime22(2), 242–260 (2015)

Holtfreter, R.E., Harrington, A.: Data breach trends in the united states. Journal of Financial Crime22(2), 242–260 (2015)

work page 2015

[9] [9]

URL https://commission.europa.eu/law/law -topic/data-protection_en

European Commission: Data protection in the EU (n.d.). URL https://commission.europa.eu/law/law -topic/data-protection_en

work page

[10] [10]

Thai Personal Data Protection Act (2024)

OneTrust DataGuidance: Comparing privacy laws: GDPR v. Thai Personal Data Protection Act (2024). URL https://www.dataguidance.com/sites/def ault/files/gdpr_v_thailand_updated.pdf

work page 2024

[11] [11]

Journal of Roi Kaensarn Academi8(12), 726–743 (2023)

Buabkhom, A.: The Technological Crimes : Law and Integrative Practical Prevention Strategies. Journal of Roi Kaensarn Academi8(12), 726–743 (2023). URL https://so02.tci-thaijo.org/index.php/JRKS A/article/view/266556

work page 2023

[12] [12]

URL ht tps://www.bot.or.th/th/research-and-publi cations/articles-and-publications/bot-mag azine/Phrasiam-66-3/globaltrend_financial fraud.html

Kompetch Krongkrachang: Bank of Thailand – Global Online Financial Scams Compilation (2023). URL ht tps://www.bot.or.th/th/research-and-publi cations/articles-and-publications/bot-mag azine/Phrasiam-66-3/globaltrend_financial fraud.html

work page 2023

[13] [13]

URL https://www.resecurity.com/blog/article/cy bercriminals-leaked-massive-volumes-of-s tolen-pii-data-from-thailand-in-dark-web

Resecurity: Cybercriminals leaked massive volumes of stolen PII data from Thailand in Dark Web (2024). URL https://www.resecurity.com/blog/article/cy bercriminals-leaked-massive-volumes-of-s tolen-pii-data-from-thailand-in-dark-web

work page 2024

[14] [14]

URL https://databreaches.net/2024/ 11/20/thai-loyalty-membership-card-data-o f-5-million-customers-put-up-for-sale-o n-hacking-forum/

DataBreaches.Net: Thai loyalty membership card data of 5 million customers put up for sale on hacking forum (2024). URL https://databreaches.net/2024/ 11/20/thai-loyalty-membership-card-data-o f-5-million-customers-put-up-for-sale-o n-hacking-forum/

work page 2024

[15] [15]

Bank employees sell customer information call for confidence (2024)

Money & Banking Online: The Thai Bankers Associa- tion rushes to find the root cause. Bank employees sell customer information call for confidence (2024). URL https://en.moneyandbanking.co.th/2024/9191 1/

work page 2024

[16] [16]

Amarin TV: Call center scam victim weeps, wants to die after being deceived out of 2.5 million Baht. (2024). URL https://www.amarintv.com/news/social/2 27071

work page 2024

[17] [17]

URLhttps://www.komcha dluek.net/news/crime/582613

Kom Chad Luek: 34-year-old man takes his own life, leaves a farewell letter demanding the arrest of the call center scam gang (2024). URLhttps://www.komcha dluek.net/news/crime/582613

work page 2024

[18] [18]

2566 (2023) (2023)

Emergency Decree on Measures for the Prevention and Suppression of Technological Crimes B.E. 2566 (2023) (2023). URL https://mdes.go.th/law/detail/ 7455-Emergency-Decree-on-Measures-for-the -Prevention-and-Suppression-of-Technologic al-Crimes--B-E--2566--2023-

work page 2023

[19] [19]

URL https://www.lawp lusltd.com/2023/04/thailand-issues-law-t o-combat-technology-crimes

Kowit Somwaiya, U.U.a.: Thailand Issues Law to Combat Technology Crimes (2024). URL https://www.lawp lusltd.com/2023/04/thailand-issues-law-t o-combat-technology-crimes

work page 2024

[20] [20]

URL https://www.fb i.gov/how-we-can-help-you/scams-and-safet y/common-frauds-and-scams/money-mules 24 Suphannee Sivakorn 1, Sasawat Malaivongs2, Nuttaya Rujiratanapat1

FBI.gov: Money Mules (n.d.). URL https://www.fb i.gov/how-we-can-help-you/scams-and-safet y/common-frauds-and-scams/money-mules 24 Suphannee Sivakorn 1, Sasawat Malaivongs2, Nuttaya Rujiratanapat1

work page

[21] [21]

URL https: //www.thaipbs.or.th/news/content/347899

Thai PBS: How to safely use your id card – what happens if your information gets leaked? (2025). URL https: //www.thaipbs.or.th/news/content/347899

work page 2025

[22] [22]

URL https://kb.dga.or.th/gdx/1about/

Digital Government Development Agency (DGA): Gov- ernment Data Exchange Center : GDX (n.d.). URL https://kb.dga.or.th/gdx/1about/

work page

[23] [23]

Frontiers in Computer Science3, 563,060 (2021)

Alkhalil, Z., Hewage, C., Nawaf, L., Khan, I.: Phishing attacks: A recent comprehensive study and a new anatomy. Frontiers in Computer Science3, 563,060 (2021)

work page 2021

[24] [24]

Amarikwa, M.: Internet openness at risk: Generative ai’s impact on data scraping. Rich. JL & Tech.30, 533 (2023)

work page 2023

[25] [25]

The Verge (2023)

Weatherbed, J.: Google confirms it’s training Bard on scraped web data, too. The Verge (2023). URL https: //www.theverge.com/2023/7/5/23784257/googl e-ai-bard-privacy-policy-train-web-scrap ing

work page 2023

[26] [26]

The New York Times (2023)

White, J.: How Strangers Got My Email Address From ChatGPT’s Model. The New York Times (2023). URL https://www.nytimes.com/interactive/2023/1 2/22/technology/openai-chatgpt-privacy-e xploit.html

work page 2023

[27] [27]

In: 2023 IEEE 17th International Conference on Industrial and Information Systems (ICIIS), pp

Sirisuriya, S.D.S.: Importance of web scraping as a data source for machine learning algorithms - review. In: 2023 IEEE 17th International Conference on Industrial and Information Systems (ICIIS), pp. 134–139 (2023). DOI 10.1109/ICIIS58898.2023.10253502

work page doi:10.1109/iciis58898.2023.10253502 2023

[28] [28]

Use of Copyrighted Work

Grynbaum, M.M., Mac, R.: The Times Sues OpenAI and Microsoft Over A.I. Use of Copyrighted Work. The New York Times (2023). URL https://www.nytime s.com/2023/12/27/business/media/newyork-t imes-open-ai-microsoft-lawsuit.html

work page 2023

[29] [29]

Harvard Business School (2024)

Layne, R.: How to Make AI ’Forget’ All the Private Data It Shouldn’t Have. Harvard Business School (2024). URL https://www.library.hbs.edu/working-k nowledge/qa-seth-neel-on-machine-unlearn ing-and-the-right-to-be-forgotten

work page 2024

[30] [30]

Snyder, A.: Machine forgetting: How difficult it is to get AI to forget. Axios. URL https://www.axios.com/ 2024/01/12/ai-forget-unlearn-data-privacy

work page 2024

[31] [31]

Google (2025)

Google Search Central: Overview of crawling and index- ing topics. Google (2025). URL https://developers .google.com/search/docs/crawling-indexing

work page 2025

[32] [32]

Que Pub- lishing (2011)

Miller, M.: Using Google Advanced Search. Que Pub- lishing (2011)

work page 2011

[33] [33]

Microsoft (n.d.)

Microsoft: Advanced search options. Microsoft (n.d.). URL https://support.microsoft.com/en-us/ topic/advanced-search-options-b92e25f1-0 085-4271-bdf9-14aaea720930

work page

[34] [34]

Microsoft (n.d.)

Microsoft: Advanced search keywords. Microsoft (n.d.). URL https://support.microsoft.com/en-us/ topic/advanced-search-keywords-ea595928-5 d63-4a0b-9c6b-0b769865e78a

work page

[35] [35]

URL https: //datatracker.ietf.org/doc/html/rfc1035

IETF: RFC 1035 – DOMAIN NAMES - IMPLEMEN- TATION AND SPECIFICATION (1987). URL https: //datatracker.ietf.org/doc/html/rfc1035

work page 1987

[36] [36]

URL https: //www.iso.org/iso-3166-country-codes.html

ISO: ISO 3166 Country Codes (1974). URL https: //www.iso.org/iso-3166-country-codes.html

work page 1974

[37] [37]

URL https://www

THNiC: .th Internet country code top-level domain (ccTLD) for Thailand (2020). URL https://www. thnic.or.th/en/th-internet-country-code-t op-level-domain-cctld-for-thailand/

work page 2020

[38] [38]

URL https://www.broadbandsearch.net/ blog/most-popular-internet-search-engine

Seitz, L.: The Most Popular Search Engine (What Is It?) (2024). URL https://www.broadbandsearch.net/ blog/most-popular-internet-search-engine

work page 2024

[39] [39]

URL https://pypdf2.r eadthedocs.io/en/3.x/

Fenniak, M.: PyPDF2 (n.d.). URL https://pypdf2.r eadthedocs.io/en/3.x/

work page

[40] [40]

URL https://github.com/jsvine/pdfplumber

Singer-Vine, J.: Github – pdfplumber (2025). URL https://github.com/jsvine/pdfplumber

work page 2025

[41] [41]

URLhttps://pypi.org/project/pytesseract/

madmaze: Python-tesseract – pytesseract 0.3.13 (2024). URLhttps://pypi.org/project/pytesseract/

work page 2024

[42] [42]

URL https: //pandas.pydata.org/docs/reference/api/pan das.read_excel.html

pandas: pandas documentation (2024). URL https: //pandas.pydata.org/docs/reference/api/pan das.read_excel.html

work page 2024

[43] [43]

URLhttps: //github.com/ankushshah89/python-docx2txt

Shah, A.: Github – python-docx2txt (2025). URLhttps: //github.com/ankushshah89/python-docx2txt

work page 2025

[44] [44]

URL https://textra ct.readthedocs.io/en/stable/

Malmgren, D.: textract (2024). URL https://textra ct.readthedocs.io/en/stable/

work page 2024

[45] [45]

URL https://wiki.g entoo.org/wiki/Antiword

gentoo linux: antiword (2023). URL https://wiki.g entoo.org/wiki/Antiword

work page 2023

[46] [46]

URL https://searchengine land.com/inside-google-searchguard-467676

Olivier de Segonzac: Search Engine Land: Inside Search- Guard: How Google detects bots and what the SerpAPI lawsuit reveals (2026). URL https://searchengine land.com/inside-google-searchguard-467676

work page 2026

[47] [47]

URL https://developers.google.com/custom -search/v1/overview

Google: Google for Developers – Custom Search (2026). URL https://developers.google.com/custom -search/v1/overview

work page 2026

[48] [48]

URL https://stat.bora.dopa.go.th/stat/stat new/statyear/

The Bureau of Registration Administration of Thailand (BORA): Official statistics registration systems (2024). URL https://stat.bora.dopa.go.th/stat/stat new/statyear/

work page 2024

[49] [49]

URL https: //owasp.org/Top10/2025/

OWASP: OWASP Top 10:2025 (2025). URL https: //owasp.org/Top10/2025/

work page 2025

[50] [50]

URL https://info.mhesi.go.th/homestat_acad emy.php

System and Strategic Information Management Division, Ministry of Higher Education, Science, Research and Innovation: Higher Education Institution Data (2024). URL https://info.mhesi.go.th/homestat_acad emy.php

work page 2024

[51] [51]

In: 2022 6th International Conference on Infor- mation Technology (InCIT), pp

Lapwattanaworakul, J., Srisa-An, C., Angsirikul, S.: Guideline for data anonymization for data privacy in thailand. In: 2022 6th International Conference on Infor- mation Technology (InCIT), pp. 211–215 (2022). DOI 10.1109/InCIT56086.2022.10067859

work page doi:10.1109/incit56086.2022.10067859 2022

[52] [52]

URL https://developers.g oogle.com/search/docs/crawling-indexing/bl ock-indexing Analysis of Personal Data Exposure in Thailand 25

Google: Google Search Central – Block Search indexing with noindex (2025). URL https://developers.g oogle.com/search/docs/crawling-indexing/bl ock-indexing Analysis of Personal Data Exposure in Thailand 25

work page 2025

[53] [53]

Data Privacy Manager: 20 biggest GDPR fines so far

work page

[54] [54]

URL https://dataprivacymanager .net/5-biggest-gdpr-fines-so-far-2020/

(2025). URL https://dataprivacymanager .net/5-biggest-gdpr-fines-so-far-2020/

work page 2025

[55] [55]

URL https://support.goog le.com/websearch/answer/11080680?hl=en

Google: Google Search Help – Remove web results from Google Search (n.d.). URL https://support.goog le.com/websearch/answer/11080680?hl=en

work page arXiv

[56] [56]

URL https://www.techsafety .org/removing-sensitive-content

Safety Net Project: Removing Sensitive Content from the Internet (2022). URL https://www.techsafety .org/removing-sensitive-content

work page 2022

[57] [57]

IEEE Security & Privacy10(02), 71–75 (2012)

Bailey, M., Kenneally, E., Maughan, D., Dittrich, D.: The Menlo Report . IEEE Security & Privacy10(02), 71–75 (2012). DOI 10.1109/MSP.2012.52. URL https://doi.ieeecomputersociety.org/10.110 9/MSP.2012.52

work page doi:10.1109/msp.2012.52 2012

[58] [58]

Telematics and Infor- matics Reports8, 100,015 (2022)

Adnan, M., Ghazali, M., Othman, N.Z.S.: E-participation within the context of e-government initiatives: A com- prehensive systematic review. Telematics and Infor- matics Reports8, 100,015 (2022). DOI https://do i.org/10.1016/j.teler.2022.100015. URL https: //www.sciencedirect.com/science/article/pi i/S2772503022000135

work page doi:10.1016/j.teler.2022.100015 2022

[59] [59]

Independent study, Chu- lalongkorn University (2019)

Chaipipat, S.: Asean governance on data privacy: chal- lenges to regional protection of data privacy and per- sonal data in cyberspace. Independent study, Chu- lalongkorn University (2019). DOI https://doi.or g/10.58837/CHULA.IS.2019.80. URL https: //digital.car.chula.ac.th/chulaetd/6946/

work page doi:10.58837/chula.is.2019.80 2019

[60] [60]

JMIR Med Inform12, e51,219 (2024)

Wang, Z., Hu, F., Su, J., Lin, Y.: Information source characteristics of personal data leakage during the covid- 19 pandemic in china: Observational study. JMIR Med Inform12, e51,219 (2024). DOI 10.2196/51219

work page doi:10.2196/51219 2024

[61] [61]

Int J Informatics Comput Sci5(3), 246–9 (2021)

Andani, S.R.: Analysis of information security in data leaks in the pedulilindungi application. Int J Informatics Comput Sci5(3), 246–9 (2021)

work page 2021

[62] [62]

Nusantara Science and Technology Proceedings pp

Ravizki, E.N.: Criminal liability in cases of personal data leakage amid the covid-19 pandemic. Nusantara Science and Technology Proceedings pp. 91–95 (2022)

work page 2022

[63] [63]

BMJ381(2023)

Malhotra, S.: India investigates alleged leak of personal data from covid vaccination database. BMJ381(2023). DOI 10.1136/bmj.p1407. URL https://www.bmj.co m/content/381/bmj.p1407

work page doi:10.1136/bmj.p1407 2023

[64] [64]

Frontiers in Public Health8(2020)

Jung, G., Lee, H., Kim, A., Lee, U.: Too much informa- tion: Assessing privacy risks of contact trace data disclo- sure on people with covid-19 in south korea. Frontiers in Public Health8(2020). DOI 10.3389/fpubh.2020.00305. URL https://www.frontiersin.org/journals/p ublic-health/articles/10.3389/fpubh.2020. 00305

work page doi:10.3389/fpubh.2020.00305 2020

[65] [65]

URL https://www.industry.go.th/w eb-upload/1xff0d34e409a13ef56eea54c52a2911 26/m_magazine/12668/373/file_download/b29e 16008a87c72b354efebef853a428.pdf

Ministry of Industry: THAILAND 4.0 The Next Revolu- tion (2017). URL https://www.industry.go.th/w eb-upload/1xff0d34e409a13ef56eea54c52a2911 26/m_magazine/12668/373/file_download/b29e 16008a87c72b354efebef853a428.pdf

work page 2017

[66] [66]

In: 2024 Research, Invention, and Innovation Congress: Innovative Elec- tricals and Electronics (RI2C), pp

Kulrujiphat, S., Wuttidittachotti, P.: A guideline of se- curity and privacy improvement for promoting a thai government e-service digital trust. In: 2024 Research, Invention, and Innovation Congress: Innovative Elec- tricals and Electronics (RI2C), pp. 5–8 (2024). DOI 10.1109/RI2C64012.2024.10784415

work page doi:10.1109/ri2c64012.2024.10784415 2024

[67] [67]

Journal of Law, Information and Science23(1), [97]–136 (2014)

Ramasoota, P., Panichpapiboon, S.: Online privacy in thailand: Public and strategic awareness. Journal of Law, Information and Science23(1), [97]–136 (2014). URL https://search.informit.org/doi/10.3316/ie lapa.347924655938976

work page doi:10.3316/ie 2014

[68] [68]

Heliyon9(10) (2023)

Chatsuwan, P., Phromma, T., Surasvadi, N., Tha- jchayapong, S.: Personal data protection compliance assessment: A privacy policy scoring approach and em- pirical evidence from Thailand’s SMEs. Heliyon9(10) (2023)

work page 2023

[69] [69]

In: Proceedings of the 16th International Conference on World Wide Web, WWW ’07, p

Xu, Y., Wang, K., Zhang, B., Chen, Z.: Privacy-enhancing personalized web search. In: Proceedings of the 16th International Conference on World Wide Web, WWW ’07, p. 591–600. Association for Computing Machinery, New York, NY, USA (2007). DOI 10.1145/1242572.12 42652. URL https://doi.org/10.1145/1242572. 1242652

work page doi:10.1145/1242572.12 2007

[70] [70]

Journal of Medical Imaging and Health Informatics9(6), 1196– 1204 (2019)

Khan, R., Islam, M.A., Ullah, M., Aleem, M., Iqbal, M.A.: Privacy exposure measure: a privacy-preserving technique for health-related web search. Journal of Medical Imaging and Health Informatics9(6), 1196– 1204 (2019)

work page 2019

[71] [71]

First Monday13(3) (2008)

Zimmer, M.: The externalities of search 2.0: The emerg- ing privacy threats when the drive for the perfect search engine meets web 2.0. First Monday13(3) (2008). DOI 10.5210/fm.v13i3.2136. URL https://firstmonday. org/ojs/index.php/fm/article/view/2136

work page doi:10.5210/fm.v13i3.2136 2008

[72] [72]

IEEE Access6, 78,551– 78,558 (2018)

Guo, G., Yang, T., Liu, Y.: Search engine based proper privacy protection scheme. IEEE Access6, 78,551– 78,558 (2018). DOI 10.1109/ACCESS.2018.2885073

work page doi:10.1109/access.2018.2885073 2018

[73] [73]

In: 2024 7th International Conference on Internet Appli- cations, Protocols, and Services (NETAPPS), pp

Adeeb Abdul Rahim, M.A., Mohamad, A.M., Kamarud- din, S., Wan Rosli, W.R.: Data leaks through public digital document libraries: A growing concern in relation to personal data protection and cyber security regulations. In: 2024 7th International Conference on Internet Appli- cations, Protocols, and Services (NETAPPS), pp. 1–6 (2024). DOI 10.1109/NETAPPS63...

work page doi:10.1109/netapps63333.2024.10823567 2024

[74] [74]

Transformations in Business & Economics 19(2) (2020)

Onete, C.B., Vargas, V.M., Chita, S.D.: Study on the im- plications of personal data exposure on the social media platforms. Transformations in Business & Economics 19(2) (2020)

work page 2020