-
Approved by AG last Saturday
-
Set to be submitted to Cabinet this month
Information and Communication Technology Agency (ICTA) of Sri Lanka Chairman Prof. Lalith Gamage[/caption]
Sri Lanka’s Data Protection Bill has been cleared by the Attorney General’s (AG’s) Department, paving way for it to be submitted to the Cabinet for approval by the end of July, following several months of delays, The Morning Business learns.
Speaking to us, Information and Communication Technology Agency (ICTA) of Sri Lanka Chairman Prof. Lalith Gamage said that the Data Protection Bill would be presented to Cabinet either by the end of this month or early August 2021.
The ICTA Chairman stated yesterday (1): “We are on schedule; ICTA is still targeting to present the Data Protection Bill at the end of July, or by early August.”
He further said that the AG has granted approval under Article 77 of the Constitution for the aforesaid Bill last Saturday (26 June). Therefore, ICTA is currently involved in the process of preparing the Bill for Cabinet approval, which would be communicated by the AG to the Speaker of Parliament.
“These are the procedural aspects of the Bill only,” he said, implying that ICTA would be able to proceed with the Bill to the Parliament following the completion of the draft of the aforementioned Bill.
“This is a landmark Bill,” noted Prof. Gamage, emphasising that Sri Lanka happens to be the first country in the South Asian region to enact a Bill with the object of ensuring the protection of privacy in the digital era.
The final draft of this proposed Bill was scheduled to be published by the month of May. However, The Sunday Morning Business later learnt that the draft to the Bill, in fact, was delayed by another two months due to the prevailing pandemic situation at the time. Explaining the delay, Prof. Gamage said: “Firstly, it was due to the prevailing Covid-19 conditions, which have also resulted in employees working from home, and secondly, because of several other barriers to achieve the result.”
The draft of the Bill was previously finalised in 2019 by the previous Government. Since then, the draft was not only re-amended on multiple occasions, but was also scheduled for submission to Parliament on two occasions.
On an earlier occasion, ICTA Director and Legal Advisor Jayantha Fernando told The Sunday Morning Business that the amendments to the Bill were based on the feedback of several other stakeholders, including the Central Bank of Sri Lanka (CBSL), the AG’s Department, and the Ministry of Justice.
Moreover, at the recently conducted three-day discussion on the proposed Bill, ICTA elaborated that the said Bill subsequently contributes to the digital economy of the country. Fernando said: “The law broadly spells out a range of obligations by entities collecting data and the rights of individuals who provide data. From a duty of care perspective, this law imposes a set of obligations on organisations that collect data and how they would process it. The Bill will be in line with internationally acceptable standards.”
The proposed Data Protection Bill aims to develop a digital economy in line with globally recognised standards, and it details the rights of both data collection agencies and data providers, said ICTA General Counsel Jayantha Fernando.
Meanwhile, ICTA Chief Digital Economic Officer Anura de Alwis said: “The key factors considered by future investors would be the skills of the workforce, the economic conditions, and the extent to which the industry and legal frameworks support it." He added that the proposed Bill would give prospective investors confidence in data security and privacy.
ICTA Industrial Development Director Chiranthi Balapatabendi, speaking at the said conference, said that data security and privacy are key areas of concern for the ICT industry, and added that even before the new laws were in line to be enacted, organisations and industries were concerned about data protection and policies when serving their customers.