Back to Resources
Strategy

Data Sovereignty for Thai Firms: Why Public AI Models Are a Security Liability

The productivity gains from AI tools are real. A partner who drafts a contract summary in three minutes instead of forty-five is not imagining the time saved. What many Thai professional firms have not yet worked through is the other side of that transaction: when client documents go into a public AI model, where do they go, and who can access them later?

For a Thai law firm or accounting firm, this is not a theoretical question. It is a direct professional obligation. The clients whose contracts are uploaded, whose financials are summarised, and whose tax positions are analysed have a reasonable expectation that their information stays inside the firm. Most public AI tools, used without specific enterprise agreements, do not guarantee that.

This article is about understanding the difference between the AI tool you can open in a browser tab and the AI infrastructure that Thai professional firms should be using for client work.

What Public AI Tools Actually Do with Your Data

The default terms of service for most public AI tools, including the consumer versions of popular models, permit the provider to use submitted content to improve and train their systems. This means that when a partner uploads an unsigned M&A term sheet and asks the model to identify deal risks, that document, or a processed version of it, may become part of the data the model learns from. The counterparty’s identity, the deal structure, and the commercial terms are all in that document.

A public AI tool is not a secure professional environment. It is a browser-based service with consumer-oriented defaults. Most Thai professional firms using these tools for client work are operating on the assumption that the interface feels private. The interface does feel private. The data handling terms often say otherwise.

This matters for two specific reasons in a Thai professional services context.

First, client confidentiality is a core professional obligation under both the Lawyers Act and the accountancy profession’s standards. Disclosing client information to a third party, even inadvertently through a technology tool, is a breach of that obligation.

Second, the Personal Data Protection Act creates specific requirements around how personal data is shared with third-party data processors. When a public AI tool receives a document containing client personal data, that tool is acting as a data processor under PDPA. The firm is responsible for ensuring that processor meets PDPA requirements. Most consumer AI tools do not provide a Data Processing Agreement. A privacy policy is not a substitute.

The ETDA Framework and What It Expects from Firms

Thailand’s Electronic Transactions Development Agency has established an AI governance framework built on three pillars: Unlock, Promote, and Protect. The Protect pillar is directly relevant to how professional firms should evaluate their AI tools. It establishes ethical standards for AI deployment, including protections against algorithmic discrimination and data misuse, without imposing blanket bans on AI technology.

The practical implication of this framework is that firms operating in Thailand are expected to make deliberate choices about how they deploy AI, not simply use whatever tool is most convenient. “Verifiable AI” is the standard emerging from this context: AI where the firm can demonstrate exactly where data goes, how it is processed, and confirm that it is never used to train external models. This sits squarely within the Protect pillar’s expectation that AI adoption is accountable rather than accidental.

Thailand has also formalised a national AI Sovereignty concept (อธิปไตยทาง AI). The government is investing in domestic Small Language Models trained on Thai data, reducing dependency on foreign models, and building data governance frameworks that keep sensitive Thai information within Thai jurisdiction. This national-level direction has downstream implications for professional services firms: as regulatory expectations mature, firms that have already implemented verifiable AI practices will be in a stronger position than those that have not.

What Verifiable AI Means in Practice

The term is used loosely, but for a professional services firm the test is specific. There are three questions to ask about any AI tool used for client work.

Where does the data go? The document that enters the model must stay within a defined, auditable environment. It should not leave that environment to reach third-party subprocessors or training pipelines without explicit consent from the firm and its clients.

How is it processed? The firm should be able to verify that processing occurs in a specified geographic location, under a defined legal framework. For Thai client data, this typically means processing within Thailand or in a jurisdiction that meets PDPA adequacy standards.

Is there a contractual basis? The firm should hold a formal agreement with the AI provider that includes data processing terms, specifies retention and deletion timelines, and provides audit rights. A consumer account with a privacy policy does not fulfil this requirement.

If a firm cannot answer all three questions affirmatively, the tool is not appropriate for use with client data. This standard does not require advanced technical knowledge. It requires the same deliberate vendor assessment that firms should apply to any third party that receives client information.

Sovereign AI Infrastructure: Thailand’s Position

One of the concrete developments in Thai AI infrastructure is the partnership between AIS, Thailand’s major telecommunications provider, and Oracle to operate a Hyperscale Cloud environment staffed entirely by Thai personnel and governed under Thai law. This facility has been certified by the Digital Economy Promotion Agency (depa), signalling state recognition of domestically operated cloud infrastructure as a credible foundation for AI deployment by Thai organisations.

The global picture behind this development is worth understanding. Only 32 countries host AI-specialised data centres, and the United States, China, and European Union together control over half of the world’s most powerful computing capacity. More than 150 countries have no AI data centre infrastructure at all. Thailand is deliberately positioning itself outside that group, investing in domestic infrastructure that allows Thai organisations to process AI workloads within Thai jurisdiction rather than routing sensitive data through foreign systems.

For a boutique professional services firm, the infrastructure question is handled by the software platforms they choose. The firm does not need to operate its own data centre. What the firm needs is software whose AI components run on infrastructure that satisfies the verifiable AI standard: known location, auditable processing, contractual data protection. The existence of Thai-certified sovereign cloud infrastructure means that software providers serving Thai firms have credible options for where to build.

What Clients Will Start to Ask

The enterprise procurement trend is already visible in Thailand’s large-corporate sector. Companies managing their own PDPA compliance and conducting vendor risk assessments are beginning to ask their professional advisors for information about how client data is handled in AI-assisted workflows.

For a boutique firm serving mid-market clients, this may feel like a future concern. It is closer than it appears. As Thai listed companies face PDPA audits and their own governance obligations mature, the question of how their law firm or accounting firm handles sensitive data in AI tools will move from an informal consideration to a formal procurement checklist item. A firm that can answer that question with documented infrastructure and a signed Data Processing Agreement is in a better position than one that responds by describing the consumer version of a popular AI chat tool.

Clients will not always frame this question in technical terms. It may arrive as: “How do you keep our information confidential when you use AI?” The answer a firm gives in 2026 will increasingly determine whether that client relationship renews.

FirmFlow and the Ring-Fenced Environment

FirmFlow processes client documents, meeting transcripts, and matter data within an enterprise-grade, ring-fenced environment. The AI that analyses a contract, summarises a meeting, or drafts a report operates within a controlled system where client data does not leave the platform or feed into public model training. The firm’s matter record, the client’s documents, and the AI-generated findings remain within the platform.

This is the infrastructure difference between using a public browser-based AI tool for client work and using AI built into a professional services platform with defined data governance. FirmFlow provides the data processing terms, the data location specification, and the audit trail documentation that verifiable AI requires. A firm using FirmFlow for its AI-assisted workflows has an answer ready before the client question is asked.

The Standard Is Clear

The productivity argument for AI is settled. The security argument is the conversation that Thai professional firms need to have internally in 2026. The question is not whether to use AI for client work. It is whether the AI being used meets the professional and regulatory standards that client work requires.

The ETDA framework, Thailand’s AI Sovereignty strategy, and the PDPA’s requirements all point in the same direction: AI adoption that is deliberate, verifiable, and contractually grounded. That standard is achievable. The first step is distinguishing between tools built for individual consumers and infrastructure built for professional services work. Most Thai firms that make that distinction carefully will find they need to change something about the AI tools they are currently using for client work.

Read the full guide, it's free

Join thousands of Thai professionals getting practical firm management insights.