Proposed Data Protection Act will establish bureaucratic control over personal info: TIB

There is a risk that bureaucratic control will be established on one's personal information, rendering the personal data vulnerable, when the proposed Data Protection Act is passed, the Transparency International Bangladesh has said.

The TIB has observed that there is no definition of personal information in the draft law. It expressed concern that the act, prepared by the information ministry, would turn into a "black law".

At a virtual discussion on Monday, it demanded massive reform to the proposed act.

In his speech, TIB Executive Director Iftekharuzzaman said in the proposed law, the investigative authority has been delegated to the police which should be given to some other government authority.

"We are not questioning the capacity of the police. The [proposed] digital security agency has also got limitless power which will create scope for misuse of the authority and it is in contradiction of the Constitution too," he said.

He noted that no independent commission in the country is effective but ineffectiveness is no excuse for not having an independent commission.

He suggested that the authority to protect data should be given to an independent commission and not to the digital security agency. 

Iftekharuzzaman also observed that it seems the draft law has been prepared whimsically without considering the detailed aspects of its implementation. This hurried approach will make the law a failure in achieving its main objectives and draw widespread criticism due to its misuse similar to what has happened with the Digital Security Act, 2018, which will harass people and malign the country's image, he added.

In his presentation, TIB Director (Outreach and Communications), Sheikh Muhammad Manzoor-e-Alam, said the power of the digital security agency is in conflict with the human and privacy rights given to the people by the Constitution. 

Countries which have implemented similar laws have had five decades of experience in such matters. As the issue is new here, enactment of a complete and effective law may not be possible immediately, he said.  

TIB suggested determining the most important and necessary issues and their solutions to incorporate in the law after discussion with stakeholders.    

In its recommendations, TIB said that in the prevailing internet ecosystem of the country where personal information is being used indiscriminately, it is impossible for a single law only to tackle all sorts of situations arising over personal data protection.