New Data Protection Act in Sri LankaAAA IPRIGHT2
There has been a lot going on in Sri Lanka at the moment. Recently, the Government of Sri Lanka announced that this country was bankrupt, declaring a temporary suspension of repayment of all external debt. However, despite this news, just a few weeks before, the Government has just issued a new Data Protection Act in Sri Lanka.
The Personal Data Protection Act was passed by the Sri Lankan Parliament without a vote after many amendments were made to the original version.
Although there have been some concerns regarding the proposed Data Protection Authority’s influence on individuals’ privacy and independence, mainly from legislators and media organizations, overall, for the most part, the Act was welcomed to make a few key changes in the country.
On the opposition, specifically, the media organization’s concerns are that they won’t have the means to utilize personal data while reporting, infringing on journalists’ rights.
Addressing this issue, Justice Minister Ali Sabry said that the law was essential, announcing that “perfect legislation does not exist. Today’s perfect legislation may not be perfect for tomorrow. Therefore we can’t sit and wait for tomorrow to do the legislation.”
He also added that the New Act will not breach the privacy of the people.
Although there are some oppositions, the Act is still evaluated by many experts in that it contains diverse provisions regarding the safeguard of the individual’s data. It likewise stipulates that a designated public corporation, statutory body, or any other institution established by or under any written law and controlled by the government be set up and known as the “Data Protection Authority of Sri Lanka”.
There are many oppositions in Sri Lanka regarding this new Act.
Opposition legislator M A Sumanthiran said the independence of the proposed Data Protection Authority was “a serious concern”.
“Change the nature of the authority and make it independent,” Sumanthiran demanded that the government needs to “change the nature of the authority and make it independent” during the debate.
Transparency International Sri Lanka (TISL) and seven media groups under Sri Lanka Press Institute have also stated their concerns about the new Act: “It does not recognize ‘Journalistic Purpose’ or data processing in the exercise of freedom of the press or freedom of expression as a condition for processing data. This means that media, including broadcast media, will be restricted from using personal data when reporting, as they become data controllers and processors in the use of personal information of others for journalistic activities.”
Meanwhile, in the private sector, Govind Chaturvedi, a trademark, social media law, and data expert has stated: “While this act does provide a number of rights for individuals or as they are referred to in the act as “data subjects” it does not have as comprehensive reach as it should, nor are the fines that stringent. It allows for the right to erasure but the right to be forgotten is not mentioned. Hence, while the law is well enunciated in certain aspects, it lacks to provide the broad overview of protection that it should. It will give the citizens of Sri Lanka to contest the right to privacy, but I see concerns of more complex problems in regard to substrata of data protection flaring up. “
Or sending your inquiry by filling the form: