Bangladesh steps into the data protection regime
The jurisprudence of data protection stems from the right to privacy. Data protection and privacy are recognised as fundamental rights. An individual’s “private life” includes the protection of his or her personal data. Personal data, in principle, is information that identifies an individual, or is related to the individual.
Data, in the age of the fourth industrial revolution, is considered as the new currency. The amount of data created and stored every day continues to grow at an unprecedented rate, and data-driven disruptive technologies like Artificial Intelligence, Internet of Things and Big Data are continuously challenging the legal framework in every jurisdiction.
Data protection laws by and large govern processing and handling of personal information and aim to protect individuals to safeguard their privacy and protect their personal information from being misused by others. According to Privacy International, 126 countries now have data protection laws. Article 43(B) of the Constitution of Bangladesh safeguards citizens’ privacy of correspondence and communication, but such protection would not usually extend to the breach of privacy caused by a private entity or caused through peer-to-peer data-sharing.
The basic distinction between “data” and “information” is that data is unprocessed, i.e. raw facts, texts, figures, symbols or characters. Data, once refined or processed, transforms into information, and becomes useful to users. The ICT Act, 2006 of Bangladesh was intended to provide the legal framework and recognition to digital signature, electronic records and controller of certifying authorities. It was not intended to deal with data privacy or data protection, nor does it intend to do so now. However, the government of Bangladesh has enacted the Digital Security Act, 2018, and the same was published through a gazette notification on October 8, 2018. Digital Security Act, 2018, which is commonly known as the Cyber Security Act in other jurisdictions, aims to promote confidentiality, integrity, and availability of public and private information systems and networks with the goal to protect individuals’ rights and privacy, economic interests and security in the cyberspace. Therefore, the inherent purposes of the ICT Act, 2006 and the Digital Security Act, 2018 are therefore distinct.
With the enactment of the Digital Security Act, 2018, Bangladesh has stepped into the data or information protection regime. Section 26 of the Digital Security Act, 2018 defines personal data as “identity information”. Section 26 requires that an individual’s explicit consent or authorisation be obtained for collecting, selling, storing/preserving, supplying or using his or her identity information. ..Read more..