FRAMEWORK FOR THE PROPOSED PERSONAL DATA PROTECTION BILL
Framework for a Proposed Data Protection Legislation (Download - Updated_version)
The Ministry of Digital Infrastructure and Information Technology has taken cognizance of the fact that Data protection has become increasingly important in an information age, where personal data is a significant asset for Government agencies, Banks, Companies, SMEs etc.
Although Sri Lanka does not have a cross sectoral Data Protection Law, there are several Data Protection enabled legislation, such as the Banking Act (1988), Licenses issued under the Telecommunications Act (1991), Intellectual Property Act (2003), Computer Crimes Act (2007) and the Registration of Persons (Amendment) Act No. 8 of 2016.
In view of the digital transformation taking place in Sri Lanka with government agencies, Banks, Telco’s, ISPs and private sector collecting personal data via the Internet, the subject of Data Protection has become an important public policy consideration. In addition, the Right to Information Act (2016) is currently being implemented in Sri Lanka, pursuant to Article 14A of the Constitution, where right to privacy is an exception.
Taking the above into consideration and based on the request made by the Central Bank of Sri Lanka, pursuant to stakeholder meeting held at the Central Bank on 19th September 2018, this Ministry took steps to formulate Data Protection Legislation.
In formulating Draft Legislation, the Drafting Committee examined international best practices, such as the OECD Guidelines, APEC Privacy Framework, Council of Europe Data Protection Convention, the EU General Data Protection Regulations as well as laws enacted in other jurisdictions, such as Australia, Mauritius, Singapore and the Indian Draft Legislation.
The Framework for a proposed Data Protection Legislation is now available through the website of this Ministry for stakeholder comments and it provides an outline of the key principles and provisions proposed to be included in the Draft Bill. This framework would also be reviewed by an Independent Review Committee, co-chaired by Hon Justice K.T. Chitrasiri & Prof Savithri Goonesekera.
Any Comments/ feedback along with suggestions can be submitted on or before 01st of July 2019, using the enclosed template and please send it to the following email address.(Download)
There will another opportunity for review, when the Draft is published in the gazette as a Bill.
Ministry of Digital Infrastructure and Information Technology
12th June 2019