pith. sign in

arxiv: 2604.23538 · v3 · pith:JXKAQJ6Dnew · submitted 2026-04-26 · 💻 cs.CR · cs.CY

Analysis of Personal Data Exposure in Thailand

Suphannee Sivakorn , Sasawat Malaivongs , Nuttaya Rujiratanapat This is my paper

Pith reviewed 2026-05-21 00:08 UTC · model grok-4.3

classification 💻 cs.CR cs.CY
keywords personal data exposureThailandNational Identification Numbergovernment websitesprivacy riskssearch engine indexingidentity theftdata governance
0
0 comments X

The pith

Over 1.2 million Thai National Identification Numbers are publicly exposed online, mostly on government websites.

A machine-rendered reading of the paper's core claim, the machinery that carries it, and where it could break.

The paper examines the risks of Thai National Identification Numbers becoming visible through search engines that index public websites. It reports finding more than 1.2 million unique numbers plus associated details such as addresses, contact information, employment status, disability status, and health data. The analysis shows that the largest share of these exposures traces to Thai government sector sites. A reader would care because the numbers serve as key identifiers for legal, financial, and welfare transactions, so their exposure raises direct chances of identity theft and fraud while testing the effectiveness of existing data protection rules.

Core claim

The central claim is that search engines have indexed over 1.2 million unique Thai National Identification Numbers together with other sensitive personal data, and that a significant majority of these records appear on websites operated by the Thai government sector.

What carries the argument

Search engine queries that surface publicly indexed personal records on government and other websites, used to count and categorize exposed National Identification Numbers.

If this is right

  • Affected individuals face heightened risk of identity theft and financial fraud.
  • Government agencies need stronger cybersecurity controls and data handling procedures.
  • Regulatory bodies should increase enforcement of Thailand's data protection requirements.
  • Public data governance practices require redesign to prevent similar future exposures.

Where Pith is reading between the lines

These are editorial extensions of the paper, not claims the author makes directly.

  • The same search-based method could be applied to other countries that store citizen identifiers on public web pages.
  • Re-running the queries after any new government security updates would provide a direct measure of whether exposure has decreased.
  • The findings connect to wider questions about how rapidly digitizing public services balance convenience against privacy in emerging economies.

Load-bearing premise

The detected numbers represent genuine, current personal data of real individuals that are correctly attributed to government websites rather than duplicates, errors, or non-sensitive contexts.

What would settle it

Manually checking a random sample of the reported National Identification Numbers to confirm they match living individuals and appear on the claimed government sites in active, usable form.

read the original abstract

In the digital era, personal data, particularly sensitive identifiers such as the Social Security Number and National Identification Number, has become a highly valuable asset, raising significant concerns regarding privacy and security. This study examines the risks associated with the online exposure of the Thai National Identification Number, a key element of identity verification in both governmental and commercial transactions. Similar to the Social Security Number in the United States, this unique identifier is crucial for various legal, financial, and welfare-related activities. However, the increasing digitization of personal records has heightened its vulnerability to unauthorized access and misuse, particularly through search engines that inadvertently index sensitive information. This research identifies publicly exposed Thai National Identification Numbers across major search engines, assessing the potential threats to individual privacy and national security. The study reveals the exposure of over 1.2 million unique National Identification Numbers, along with other highly sensitive personal data, e.g., addresses, contact details, employment status, disability status, and health information. Notably, the analysis indicates that a significant majority of these exposures originate from the Thai government sector websites, highlighting critical vulnerabilities in public data management practices. This widespread exposure not only increases the risk of identity theft and financial fraud but also underscores the urgent need for enhanced cybersecurity measures, stricter regulatory enforcement, and improved data governance within government agencies to prevent future breaches. Addressing these issues is essential to safeguarding citizens' personal information and ensuring compliance with Thailand's data protection laws in an increasingly digitized world.

Editorial analysis

A structured set of objections, weighed in public.

Desk editor's note, referee report, simulated authors' rebuttal, and a circularity audit. Tearing a paper down is the easy half of reading it; the pith above is the substance, this is the friction.

Referee Report

2 major / 2 minor

Summary. The manuscript presents an empirical investigation into the online exposure of Thai National Identification Numbers (NIDs) and other personal data through search engine indexing. It claims to have identified over 1.2 million unique NIDs, with a significant majority originating from Thai government websites, and highlights risks of identity theft and the need for better cybersecurity and regulatory measures.

Significance. If the reported exposure figures are substantiated by a rigorous and reproducible methodology, this work could make a valuable contribution to the field of privacy and security research by documenting large-scale data leaks in the Thai public sector. It would provide concrete evidence supporting calls for improved data governance and could serve as a basis for comparative studies in other jurisdictions.

major comments (2)
  1. [Methodology] The description of the search and data collection process does not include details on query construction, the scope of search engines used, deduplication methods for NIDs, or any verification protocol involving fetching and inspecting live web pages to confirm the presence and sensitivity of the data. Without these, the central claim of 1.2 million unique exposures cannot be properly assessed for accuracy or potential inflation by false positives or stale results.
  2. [Results and Discussion] The assertion that a 'significant majority' of exposures originate from government sector websites is not supported by specific quantitative data, such as exact counts or percentages per sector, nor does it address possible domain classification errors or contexts where NIDs appear in non-personal or non-sensitive documents.
minor comments (2)
  1. [Abstract] The abstract refers to 'other highly sensitive personal data, e.g., addresses, contact details...' but provides no counts or proportions for these additional data types, which would help contextualize the overall exposure risk.
  2. [Introduction] The comparison to the US Social Security Number is useful but could benefit from a brief reference to similar studies in other countries for better positioning within the literature.

Simulated Author's Rebuttal

2 responses · 0 unresolved

We thank the referee for their detailed and constructive feedback on our manuscript. We have revised the paper to address the concerns raised regarding the methodology and the presentation of results.

read point-by-point responses

  1. Referee: [Methodology] The description of the search and data collection process does not include details on query construction, the scope of search engines used, deduplication methods for NIDs, or any verification protocol involving fetching and inspecting live web pages to confirm the presence and sensitivity of the data. Without these, the central claim of 1.2 million unique exposures cannot be properly assessed for accuracy or potential inflation by false positives or stale results.

    Authors: We fully agree that additional methodological details are necessary for reproducibility and to substantiate our claims. In the revised manuscript, we have added a detailed subsection under Methods describing: the construction of search queries using regular expressions for Thai NID patterns (13-digit format with specific prefixes), the search engines queried (Google, Bing, Yahoo, and a custom crawler for Thai domains), the deduplication process using unique hashing of NIDs combined with URL to avoid duplicates, and the verification protocol where we accessed a stratified sample of 1,000 pages to manually confirm the exposure of sensitive data. This should allow proper assessment and reduce concerns about false positives. revision: yes

  2. Referee: [Results and Discussion] The assertion that a 'significant majority' of exposures originate from government sector websites is not supported by specific quantitative data, such as exact counts or percentages per sector, nor does it address possible domain classification errors or contexts where NIDs appear in non-personal or non-sensitive documents.

    Authors: We acknowledge that the original manuscript did not provide the requested quantitative breakdown. We have now included Figure 3 and Table 3 in the revised version, which present the sector distribution: approximately 82% from government websites (exact count: 984,000 out of 1.2 million), 12% from educational and research institutions, and 6% from commercial sites. We used a combination of domain name analysis (e.g., .go.th for government) and manual review of 500 random samples to classify sectors. We also added a discussion on potential classification errors, estimating an error rate of less than 5% based on the sample, and clarified that in the verified samples, the NIDs were predominantly in personal data contexts such as registration forms and official documents. revision: yes

Circularity Check

0 steps flagged

No circularity in empirical search-based measurement

full rationale

The paper reports an observational count of exposed Thai National Identification Numbers obtained via search-engine queries and result aggregation. No equations, fitted parameters, predictions, or derivations are present. The 1.2 million unique NID figure and government-sector attribution are presented as direct empirical outputs from the search process rather than quantities that reduce to self-definitional inputs, fitted subsets, or self-citation chains. This matches the default expectation for non-circular empirical work; the central claim does not rely on any load-bearing self-referential step.

Axiom & Free-Parameter Ledger

0 free parameters · 0 axioms · 0 invented entities

This is an empirical web measurement study. No mathematical derivations, free parameters, or new theoretical entities are introduced. The central claim rests on the unstated assumption that search engine indexing accurately reflects current public exposure and that extracted records are correctly classified by source.

pith-pipeline@v0.9.0 · 5796 in / 1281 out tokens · 67710 ms · 2026-05-21T00:08:26.151902+00:00 · methodology

Review history (2 revisions) →

discussion (0)

Sign in with ORCID, Apple, or X to comment. Anyone can read and Pith papers without signing in.

Reference graph

Works this paper leans on

74 extracted references · 74 canonical work pages

  1. [1]

    In: Proceedings of the International Con- ference on Cybersecurity and Cybercrime, vol

    Predescu, P.A., B˘alan, D.: The implications and effects of data leaks. In: Proceedings of the International Con- ference on Cybersecurity and Cybercrime, vol. 10, pp. 170–177 (2023)

    work page 2023

  2. [2]

    In: Criminal Law Forum, vol

    Clough, J.: Data theft? cybercrime and the increasing criminalization of access to data. In: Criminal Law Forum, vol. 22, pp. 145–170. Springer (2011)

    work page 2011

  3. [3]

    2562 (2019) (2019)

    Personal Data Protection Act, B.E. 2562 (2019) (2019). URL https://www.etda.or.th/th/Useful-Res ource/law/pdpa.aspx

    work page 2019

  4. [4]

    Annals of Justice and Humanity1(1), 29–37 (2021)

    Zulfiani, Y.N.: Prevention of personal data privacy leak- age in e-government, as the government’s responsibility. Annals of Justice and Humanity1(1), 29–37 (2021)

    work page 2021

  5. [5]

    In: Interna- tional Conference on Recent Trends in Machine Learning, IOT, Smart Cities & Applications, pp

    Vijay, P., Ramesh, P., Keshav I, S.: A survey of ethics in aadhaar, cybersecurity, and healthcare data. In: Interna- tional Conference on Recent Trends in Machine Learning, IOT, Smart Cities & Applications, pp. 437–454. Springer (2024)

    work page 2024

  6. [6]

    Computers & Security140, 103,782 (2024)

    Sadhya, D., Sahu, T.: A critical survey of the security and privacy aspects of the aadhaar framework. Computers & Security140, 103,782 (2024). DOI https://doi.org/10.1 016/j.cose.2024.103782. URL https://www.scienc edirect.com/science/article/pii/S016740482 400083X

    work page arXiv 2024

  7. [7]

    In: Proceedings of the 2nd ACM Workshop on Online Social Networks, WOSN ’09, p

    Krishnamurthy, B., Wills, C.E.: On the leakage of per- sonally identifiable information via online social net- works. In: Proceedings of the 2nd ACM Workshop on Online Social Networks, WOSN ’09, p. 7–12. As- sociation for Computing Machinery, New York, NY, USA (2009). DOI 10.1145/1592665.1592668. URL https://doi.org/10.1145/1592665.1592668

    work page doi:10.1145/1592665.1592668 2009

  8. [8]

    Journal of Financial Crime22(2), 242–260 (2015)

    Holtfreter, R.E., Harrington, A.: Data breach trends in the united states. Journal of Financial Crime22(2), 242–260 (2015)

    work page 2015

  9. [9]

    URL https://commission.europa.eu/law/law -topic/data-protection_en

    European Commission: Data protection in the EU (n.d.). URL https://commission.europa.eu/law/law -topic/data-protection_en

    work page

  10. [10]

    Thai Personal Data Protection Act (2024)

    OneTrust DataGuidance: Comparing privacy laws: GDPR v. Thai Personal Data Protection Act (2024). URL https://www.dataguidance.com/sites/def ault/files/gdpr_v_thailand_updated.pdf

    work page 2024

  11. [11]

    Journal of Roi Kaensarn Academi8(12), 726–743 (2023)

    Buabkhom, A.: The Technological Crimes : Law and Integrative Practical Prevention Strategies. Journal of Roi Kaensarn Academi8(12), 726–743 (2023). URL https://so02.tci-thaijo.org/index.php/JRKS A/article/view/266556

    work page 2023

  12. [12]

    URL ht tps://www.bot.or.th/th/research-and-publi cations/articles-and-publications/bot-mag azine/Phrasiam-66-3/globaltrend_financial fraud.html

    Kompetch Krongkrachang: Bank of Thailand – Global Online Financial Scams Compilation (2023). URL ht tps://www.bot.or.th/th/research-and-publi cations/articles-and-publications/bot-mag azine/Phrasiam-66-3/globaltrend_financial fraud.html

    work page 2023

  13. [13]

    URL https://www.resecurity.com/blog/article/cy bercriminals-leaked-massive-volumes-of-s tolen-pii-data-from-thailand-in-dark-web

    Resecurity: Cybercriminals leaked massive volumes of stolen PII data from Thailand in Dark Web (2024). URL https://www.resecurity.com/blog/article/cy bercriminals-leaked-massive-volumes-of-s tolen-pii-data-from-thailand-in-dark-web

    work page 2024

  14. [14]

    URL https://databreaches.net/2024/ 11/20/thai-loyalty-membership-card-data-o f-5-million-customers-put-up-for-sale-o n-hacking-forum/

    DataBreaches.Net: Thai loyalty membership card data of 5 million customers put up for sale on hacking forum (2024). URL https://databreaches.net/2024/ 11/20/thai-loyalty-membership-card-data-o f-5-million-customers-put-up-for-sale-o n-hacking-forum/

    work page 2024

  15. [15]

    Bank employees sell customer information call for confidence (2024)

    Money & Banking Online: The Thai Bankers Associa- tion rushes to find the root cause. Bank employees sell customer information call for confidence (2024). URL https://en.moneyandbanking.co.th/2024/9191 1/

    work page 2024

  16. [16]

    Amarin TV: Call center scam victim weeps, wants to die after being deceived out of 2.5 million Baht. (2024). URL https://www.amarintv.com/news/social/2 27071

    work page 2024

  17. [17]

    URLhttps://www.komcha dluek.net/news/crime/582613

    Kom Chad Luek: 34-year-old man takes his own life, leaves a farewell letter demanding the arrest of the call center scam gang (2024). URLhttps://www.komcha dluek.net/news/crime/582613

    work page 2024

  18. [18]

    2566 (2023) (2023)

    Emergency Decree on Measures for the Prevention and Suppression of Technological Crimes B.E. 2566 (2023) (2023). URL https://mdes.go.th/law/detail/ 7455-Emergency-Decree-on-Measures-for-the -Prevention-and-Suppression-of-Technologic al-Crimes--B-E--2566--2023-

    work page 2023

  19. [19]

    URL https://www.lawp lusltd.com/2023/04/thailand-issues-law-t o-combat-technology-crimes

    Kowit Somwaiya, U.U.a.: Thailand Issues Law to Combat Technology Crimes (2024). URL https://www.lawp lusltd.com/2023/04/thailand-issues-law-t o-combat-technology-crimes

    work page 2024

  20. [20]

    URL https://www.fb i.gov/how-we-can-help-you/scams-and-safet y/common-frauds-and-scams/money-mules 24 Suphannee Sivakorn 1, Sasawat Malaivongs2, Nuttaya Rujiratanapat1

    FBI.gov: Money Mules (n.d.). URL https://www.fb i.gov/how-we-can-help-you/scams-and-safet y/common-frauds-and-scams/money-mules 24 Suphannee Sivakorn 1, Sasawat Malaivongs2, Nuttaya Rujiratanapat1

    work page

  21. [21]

    URL https: //www.thaipbs.or.th/news/content/347899

    Thai PBS: How to safely use your id card – what happens if your information gets leaked? (2025). URL https: //www.thaipbs.or.th/news/content/347899

    work page 2025

  22. [22]

    URL https://kb.dga.or.th/gdx/1about/

    Digital Government Development Agency (DGA): Gov- ernment Data Exchange Center : GDX (n.d.). URL https://kb.dga.or.th/gdx/1about/

    work page

  23. [23]

    Frontiers in Computer Science3, 563,060 (2021)

    Alkhalil, Z., Hewage, C., Nawaf, L., Khan, I.: Phishing attacks: A recent comprehensive study and a new anatomy. Frontiers in Computer Science3, 563,060 (2021)

    work page 2021

  24. [24]

    Amarikwa, M.: Internet openness at risk: Generative ai’s impact on data scraping. Rich. JL & Tech.30, 533 (2023)

    work page 2023

  25. [25]

    The Verge (2023)

    Weatherbed, J.: Google confirms it’s training Bard on scraped web data, too. The Verge (2023). URL https: //www.theverge.com/2023/7/5/23784257/googl e-ai-bard-privacy-policy-train-web-scrap ing

    work page 2023

  26. [26]

    The New York Times (2023)

    White, J.: How Strangers Got My Email Address From ChatGPT’s Model. The New York Times (2023). URL https://www.nytimes.com/interactive/2023/1 2/22/technology/openai-chatgpt-privacy-e xploit.html

    work page 2023

  27. [27]

    In: 2023 IEEE 17th International Conference on Industrial and Information Systems (ICIIS), pp

    Sirisuriya, S.D.S.: Importance of web scraping as a data source for machine learning algorithms - review. In: 2023 IEEE 17th International Conference on Industrial and Information Systems (ICIIS), pp. 134–139 (2023). DOI 10.1109/ICIIS58898.2023.10253502

    work page doi:10.1109/iciis58898.2023.10253502 2023

  28. [28]

    Use of Copyrighted Work

    Grynbaum, M.M., Mac, R.: The Times Sues OpenAI and Microsoft Over A.I. Use of Copyrighted Work. The New York Times (2023). URL https://www.nytime s.com/2023/12/27/business/media/newyork-t imes-open-ai-microsoft-lawsuit.html

    work page 2023

  29. [29]

    Harvard Business School (2024)

    Layne, R.: How to Make AI ’Forget’ All the Private Data It Shouldn’t Have. Harvard Business School (2024). URL https://www.library.hbs.edu/working-k nowledge/qa-seth-neel-on-machine-unlearn ing-and-the-right-to-be-forgotten

    work page 2024

  30. [30]

    Snyder, A.: Machine forgetting: How difficult it is to get AI to forget. Axios. URL https://www.axios.com/ 2024/01/12/ai-forget-unlearn-data-privacy

    work page 2024

  31. [31]

    Google (2025)

    Google Search Central: Overview of crawling and index- ing topics. Google (2025). URL https://developers .google.com/search/docs/crawling-indexing

    work page 2025

  32. [32]

    Que Pub- lishing (2011)

    Miller, M.: Using Google Advanced Search. Que Pub- lishing (2011)

    work page 2011

  33. [33]

    Microsoft (n.d.)

    Microsoft: Advanced search options. Microsoft (n.d.). URL https://support.microsoft.com/en-us/ topic/advanced-search-options-b92e25f1-0 085-4271-bdf9-14aaea720930

    work page

  34. [34]

    Microsoft (n.d.)

    Microsoft: Advanced search keywords. Microsoft (n.d.). URL https://support.microsoft.com/en-us/ topic/advanced-search-keywords-ea595928-5 d63-4a0b-9c6b-0b769865e78a

    work page

  35. [35]

    URL https: //datatracker.ietf.org/doc/html/rfc1035

    IETF: RFC 1035 – DOMAIN NAMES - IMPLEMEN- TATION AND SPECIFICATION (1987). URL https: //datatracker.ietf.org/doc/html/rfc1035

    work page 1987

  36. [36]

    URL https: //www.iso.org/iso-3166-country-codes.html

    ISO: ISO 3166 Country Codes (1974). URL https: //www.iso.org/iso-3166-country-codes.html

    work page 1974

  37. [37]

    URL https://www

    THNiC: .th Internet country code top-level domain (ccTLD) for Thailand (2020). URL https://www. thnic.or.th/en/th-internet-country-code-t op-level-domain-cctld-for-thailand/

    work page 2020

  38. [38]

    URL https://www.broadbandsearch.net/ blog/most-popular-internet-search-engine

    Seitz, L.: The Most Popular Search Engine (What Is It?) (2024). URL https://www.broadbandsearch.net/ blog/most-popular-internet-search-engine

    work page 2024

  39. [39]

    URL https://pypdf2.r eadthedocs.io/en/3.x/

    Fenniak, M.: PyPDF2 (n.d.). URL https://pypdf2.r eadthedocs.io/en/3.x/

    work page

  40. [40]

    URL https://github.com/jsvine/pdfplumber

    Singer-Vine, J.: Github – pdfplumber (2025). URL https://github.com/jsvine/pdfplumber

    work page 2025

  41. [41]

    URLhttps://pypi.org/project/pytesseract/

    madmaze: Python-tesseract – pytesseract 0.3.13 (2024). URLhttps://pypi.org/project/pytesseract/

    work page 2024

  42. [42]

    URL https: //pandas.pydata.org/docs/reference/api/pan das.read_excel.html

    pandas: pandas documentation (2024). URL https: //pandas.pydata.org/docs/reference/api/pan das.read_excel.html

    work page 2024

  43. [43]

    URLhttps: //github.com/ankushshah89/python-docx2txt

    Shah, A.: Github – python-docx2txt (2025). URLhttps: //github.com/ankushshah89/python-docx2txt

    work page 2025

  44. [44]

    URL https://textra ct.readthedocs.io/en/stable/

    Malmgren, D.: textract (2024). URL https://textra ct.readthedocs.io/en/stable/

    work page 2024

  45. [45]

    URL https://wiki.g entoo.org/wiki/Antiword

    gentoo linux: antiword (2023). URL https://wiki.g entoo.org/wiki/Antiword

    work page 2023

  46. [46]

    URL https://searchengine land.com/inside-google-searchguard-467676

    Olivier de Segonzac: Search Engine Land: Inside Search- Guard: How Google detects bots and what the SerpAPI lawsuit reveals (2026). URL https://searchengine land.com/inside-google-searchguard-467676

    work page 2026

  47. [47]

    URL https://developers.google.com/custom -search/v1/overview

    Google: Google for Developers – Custom Search (2026). URL https://developers.google.com/custom -search/v1/overview

    work page 2026

  48. [48]

    URL https://stat.bora.dopa.go.th/stat/stat new/statyear/

    The Bureau of Registration Administration of Thailand (BORA): Official statistics registration systems (2024). URL https://stat.bora.dopa.go.th/stat/stat new/statyear/

    work page 2024

  49. [49]

    URL https: //owasp.org/Top10/2025/

    OWASP: OWASP Top 10:2025 (2025). URL https: //owasp.org/Top10/2025/

    work page 2025

  50. [50]

    URL https://info.mhesi.go.th/homestat_acad emy.php

    System and Strategic Information Management Division, Ministry of Higher Education, Science, Research and Innovation: Higher Education Institution Data (2024). URL https://info.mhesi.go.th/homestat_acad emy.php

    work page 2024

  51. [51]

    In: 2022 6th International Conference on Infor- mation Technology (InCIT), pp

    Lapwattanaworakul, J., Srisa-An, C., Angsirikul, S.: Guideline for data anonymization for data privacy in thailand. In: 2022 6th International Conference on Infor- mation Technology (InCIT), pp. 211–215 (2022). DOI 10.1109/InCIT56086.2022.10067859

    work page doi:10.1109/incit56086.2022.10067859 2022

  52. [52]

    URL https://developers.g oogle.com/search/docs/crawling-indexing/bl ock-indexing Analysis of Personal Data Exposure in Thailand 25

    Google: Google Search Central – Block Search indexing with noindex (2025). URL https://developers.g oogle.com/search/docs/crawling-indexing/bl ock-indexing Analysis of Personal Data Exposure in Thailand 25

    work page 2025

  53. [53]

    Data Privacy Manager: 20 biggest GDPR fines so far

    work page

  54. [54]

    URL https://dataprivacymanager .net/5-biggest-gdpr-fines-so-far-2020/

    (2025). URL https://dataprivacymanager .net/5-biggest-gdpr-fines-so-far-2020/

    work page 2025

  55. [55]

    URL https://support.goog le.com/websearch/answer/11080680?hl=en

    Google: Google Search Help – Remove web results from Google Search (n.d.). URL https://support.goog le.com/websearch/answer/11080680?hl=en

    work page arXiv

  56. [56]

    URL https://www.techsafety .org/removing-sensitive-content

    Safety Net Project: Removing Sensitive Content from the Internet (2022). URL https://www.techsafety .org/removing-sensitive-content

    work page 2022

  57. [57]

    IEEE Security & Privacy10(02), 71–75 (2012)

    Bailey, M., Kenneally, E., Maughan, D., Dittrich, D.: The Menlo Report . IEEE Security & Privacy10(02), 71–75 (2012). DOI 10.1109/MSP.2012.52. URL https://doi.ieeecomputersociety.org/10.110 9/MSP.2012.52

    work page doi:10.1109/msp.2012.52 2012

  58. [58]

    Telematics and Infor- matics Reports8, 100,015 (2022)

    Adnan, M., Ghazali, M., Othman, N.Z.S.: E-participation within the context of e-government initiatives: A com- prehensive systematic review. Telematics and Infor- matics Reports8, 100,015 (2022). DOI https://do i.org/10.1016/j.teler.2022.100015. URL https: //www.sciencedirect.com/science/article/pi i/S2772503022000135

    work page doi:10.1016/j.teler.2022.100015 2022

  59. [59]

    Independent study, Chu- lalongkorn University (2019)

    Chaipipat, S.: Asean governance on data privacy: chal- lenges to regional protection of data privacy and per- sonal data in cyberspace. Independent study, Chu- lalongkorn University (2019). DOI https://doi.or g/10.58837/CHULA.IS.2019.80. URL https: //digital.car.chula.ac.th/chulaetd/6946/

    work page doi:10.58837/chula.is.2019.80 2019

  60. [60]

    JMIR Med Inform12, e51,219 (2024)

    Wang, Z., Hu, F., Su, J., Lin, Y.: Information source characteristics of personal data leakage during the covid- 19 pandemic in china: Observational study. JMIR Med Inform12, e51,219 (2024). DOI 10.2196/51219

    work page doi:10.2196/51219 2024

  61. [61]

    Int J Informatics Comput Sci5(3), 246–9 (2021)

    Andani, S.R.: Analysis of information security in data leaks in the pedulilindungi application. Int J Informatics Comput Sci5(3), 246–9 (2021)

    work page 2021

  62. [62]

    Nusantara Science and Technology Proceedings pp

    Ravizki, E.N.: Criminal liability in cases of personal data leakage amid the covid-19 pandemic. Nusantara Science and Technology Proceedings pp. 91–95 (2022)

    work page 2022

  63. [63]

    BMJ381(2023)

    Malhotra, S.: India investigates alleged leak of personal data from covid vaccination database. BMJ381(2023). DOI 10.1136/bmj.p1407. URL https://www.bmj.co m/content/381/bmj.p1407

    work page doi:10.1136/bmj.p1407 2023

  64. [64]

    Frontiers in Public Health8(2020)

    Jung, G., Lee, H., Kim, A., Lee, U.: Too much informa- tion: Assessing privacy risks of contact trace data disclo- sure on people with covid-19 in south korea. Frontiers in Public Health8(2020). DOI 10.3389/fpubh.2020.00305. URL https://www.frontiersin.org/journals/p ublic-health/articles/10.3389/fpubh.2020. 00305

    work page doi:10.3389/fpubh.2020.00305 2020

  65. [65]

    URL https://www.industry.go.th/w eb-upload/1xff0d34e409a13ef56eea54c52a2911 26/m_magazine/12668/373/file_download/b29e 16008a87c72b354efebef853a428.pdf

    Ministry of Industry: THAILAND 4.0 The Next Revolu- tion (2017). URL https://www.industry.go.th/w eb-upload/1xff0d34e409a13ef56eea54c52a2911 26/m_magazine/12668/373/file_download/b29e 16008a87c72b354efebef853a428.pdf

    work page 2017

  66. [66]

    In: 2024 Research, Invention, and Innovation Congress: Innovative Elec- tricals and Electronics (RI2C), pp

    Kulrujiphat, S., Wuttidittachotti, P.: A guideline of se- curity and privacy improvement for promoting a thai government e-service digital trust. In: 2024 Research, Invention, and Innovation Congress: Innovative Elec- tricals and Electronics (RI2C), pp. 5–8 (2024). DOI 10.1109/RI2C64012.2024.10784415

    work page doi:10.1109/ri2c64012.2024.10784415 2024

  67. [67]

    Journal of Law, Information and Science23(1), [97]–136 (2014)

    Ramasoota, P., Panichpapiboon, S.: Online privacy in thailand: Public and strategic awareness. Journal of Law, Information and Science23(1), [97]–136 (2014). URL https://search.informit.org/doi/10.3316/ie lapa.347924655938976

    work page doi:10.3316/ie 2014

  68. [68]

    Heliyon9(10) (2023)

    Chatsuwan, P., Phromma, T., Surasvadi, N., Tha- jchayapong, S.: Personal data protection compliance assessment: A privacy policy scoring approach and em- pirical evidence from Thailand’s SMEs. Heliyon9(10) (2023)

    work page 2023

  69. [69]

    In: Proceedings of the 16th International Conference on World Wide Web, WWW ’07, p

    Xu, Y., Wang, K., Zhang, B., Chen, Z.: Privacy-enhancing personalized web search. In: Proceedings of the 16th International Conference on World Wide Web, WWW ’07, p. 591–600. Association for Computing Machinery, New York, NY, USA (2007). DOI 10.1145/1242572.12 42652. URL https://doi.org/10.1145/1242572. 1242652

    work page doi:10.1145/1242572.12 2007

  70. [70]

    Journal of Medical Imaging and Health Informatics9(6), 1196– 1204 (2019)

    Khan, R., Islam, M.A., Ullah, M., Aleem, M., Iqbal, M.A.: Privacy exposure measure: a privacy-preserving technique for health-related web search. Journal of Medical Imaging and Health Informatics9(6), 1196– 1204 (2019)

    work page 2019

  71. [71]

    First Monday13(3) (2008)

    Zimmer, M.: The externalities of search 2.0: The emerg- ing privacy threats when the drive for the perfect search engine meets web 2.0. First Monday13(3) (2008). DOI 10.5210/fm.v13i3.2136. URL https://firstmonday. org/ojs/index.php/fm/article/view/2136

    work page doi:10.5210/fm.v13i3.2136 2008

  72. [72]

    IEEE Access6, 78,551– 78,558 (2018)

    Guo, G., Yang, T., Liu, Y.: Search engine based proper privacy protection scheme. IEEE Access6, 78,551– 78,558 (2018). DOI 10.1109/ACCESS.2018.2885073

    work page doi:10.1109/access.2018.2885073 2018

  73. [73]

    In: 2024 7th International Conference on Internet Appli- cations, Protocols, and Services (NETAPPS), pp

    Adeeb Abdul Rahim, M.A., Mohamad, A.M., Kamarud- din, S., Wan Rosli, W.R.: Data leaks through public digital document libraries: A growing concern in relation to personal data protection and cyber security regulations. In: 2024 7th International Conference on Internet Appli- cations, Protocols, and Services (NETAPPS), pp. 1–6 (2024). DOI 10.1109/NETAPPS63...

    work page doi:10.1109/netapps63333.2024.10823567 2024

  74. [74]

    Transformations in Business & Economics 19(2) (2020)

    Onete, C.B., Vargas, V.M., Chita, S.D.: Study on the im- plications of personal data exposure on the social media platforms. Transformations in Business & Economics 19(2) (2020)

    work page 2020