The Thai government has come under renewed scrutiny this week after it passed a cybersecurity bill that has been characterised by critics as \u2018vague\u2019 and problematic for its potential to enable sweeping access to internet user data.\nThe bill passed without any government rejections, although 16 legislators were absent, and could allow the government to search and seize data and equipment if they classify the situation as a national emergency. This could enable internet traffic monitoring and access to private data, including communications, without a court order.\nThe government has defended the legislation, stating that the legislation intended to protect networks from cyberattacks and would not enable state surveillance or violate rights. The permanent-secretary of the Ministry of Digital Economy and Society told reporters that the law will not be used to regulate social media, or computers or devices belonging to the people.\nHowever, opponents of the bill are worried it could be used to silence anyone that criticises the government online.\nIn Thailand, it is already illegal to criticise the monarchy and doing so on social media or other online forums is punishable with a prison sentence. Back in 2017, a Bangkok court sentenced a man to 35 years in prison for a series of Facebook posts that were deemed insulting to the Thai Royal Family.\nAside from concerns around censorship, activists are also worried the legislation would ultimately compromise privacy and the rule of law, driving foreign businesses out of Thailand due to the burden on them to comply.\nControversial legislation throughout ASEAN\nHowever, Thailand is not the only Southeast Asian country to pass controversial cybersecurity laws. On the 1\u00a0January this year, Vietnam introduced new regulations that had free-speech advocates worried.\nThe law prohibits Vietnam\u2019s 53 million internet users from organising with or training others for anti-state purposes; including spreading false information and challenging the country\u2019s achievements or solidarity. It also requires social media companies and technology giants such as Facebook and Google to hand over data and personal information about users and remove any \u201ctoxic content\u201d that is deemed to be in violation of the law.\nThe regulation also requires foreign internet companies to operate a local office and store user information on Vietnamese soil, a directive very few non-native companies have thus-far complied with. Vietnam was reportedly the target of around 6,500 cyberattacks between January and September 2018 and critics of the law are worried that storing vast amounts of data locally will make them a continued target for cybercriminals.