Inside Bangladesh’s new data protection laws
The 2022 Draft Data Protection Act (DPA), which establishes new restrictions related to the processing, storage, and transfer of data, appears to move Bangladesh’s digital governance in a different direction. The DPA is the first data-privacy law to be proposed in Bangladesh; it follows in the wake of new digital-privacy laws passed around the world over the past several years. Provisions of the bill have been met with criticism due to the restrictions they place on digital business activity and the lack of constraints established over the government’s enforcement authority.
The expansion of the digital economy raises legitimate concerns about data privacy that governments need to address. Yet, blanket restrictions on information flows, coupled with vague enforcement provisions, are unlikely to buttress consumer protections; and they may instead erode human rights. Some fear that governments can suppress opposition through digital surveillance under the guise of data governance.
This policy brief examines Bangladesh’s draft Data Protection Act. Following a brief overview of the act, it provides a framework for understanding the political tradeoffs that governments face when implementing digital-economy regulations. The article then considers how the act may influence the trajectory of Bangladesh’s integration in global markets, and the country’s prospects for continued growth.
The South Asia Center is the hub for the Atlantic Council’s analysis of the political, social, geographical, and cultural diversity of the region. At the intersection of South Asia and its geopolitics, SAC cultivates dialogue to shape policy and forge ties between the region and the global community.