The Thai Cabinet has recently approved the principles of the Draft Royal Decree which will exempt three categories of personal data processing activities from compliance obligations under the Thai Personal Data Protection Act (PDPA), namely, (a) public security and taxation, (b) public interests and international cooperation, and (c) legal proceedings and relevant cooperation.