Reviewing the new draft, Muhammad Ershadul Karim, senior lecturer of the law and upcoming technologies department at the Universiti Malaya in Malaysia, told Prothom Alo, “There is some hope that the government has considered some changes in the draft. However, the draft is still too restrictive. It is worrisome when a law is too restrictive. Besides, the definition of data must be clearer. In addition to that, there is no mention of the definition and standard of privacy in the draft.”
The definition of data must be clearer. In addition to that, there is no mention of the definition and standard of privacy in the draftMuhammad Ershadul Karim, senior lecturer, law and upcoming technologies department, Universiti Malaya
The new draft mentions localisation of data, that is keeping the data within the country. However, there is also scope of transferring data in case of international trade, international relations or for any other issues specified by the government. It has also been mentioned that the government will have the authority to join an international alliance or multilateral agency if needed.
One of the demands of the stakeholders was giving them time before the implementation of the law. A three year time period has been given for the implementation of the law in the new draft.
The draft has some concerning sections as well. For instance, according to the new draft of the data protection law, the director general will have the authority to order the people affiliated with data processing and other concerned people to provide him with any data he needs. The data analyst or the controller must abide by the order. It means that the government can get any data whenever it wants.
According to the section 10/A of the draft, the people concerned can collect data from the analysts in case of threat to national security, prevent crimes, identify criminals and for investigation.
The United Nations expressed concern over this provision saying, if this provision stands, then the data stored in the server or in the data centre will always be under government vigilance. There will be pressure on the private companies to leak confidential data. Therefore, this section of the proposed data protection law may weaken the democratic governance in the country.
There were recommendations from different organisations for the formation of an independent data protection agency under the data protection law. The draft states that the government will form a separate agency in this regard. And the government will recruit the manpower needed for that agency.
The new draft further states that the government can ask the director general for reports on any data processed under this law if needed and the director general will be bound to provide that.
Besides, no one can file any complaint to the court directly if his or her right to privacy is breached, according to the provisions mentioned in the new draft.
Five representatives from the civil society met with law minister Anisul Huq regarding the Digital Security Act and the proposed data protection law. However, there was no discussion on the data protection law.
Speaking to the newspersons after the meeting, Iftekharuzzaman, executive director of Transparency International Bangladesh (TIB), said they would review the draft first and would hold a meeting with the law minister in this regard on 6 April.