The Sri Lankan Ministry of Digital Infrastructure and Information Technology introduced the framework for the proposed Personal Data Protection Bill on June 12, 2019. ‘Data Protection Legislation’ is an important public policy consideration for Sri Lankan government in the context of “digital transformation taking place in Sri Lanka with government agencies, Banks, Telco’s, ISPs and private sector collecting personal data via the Internet”, according to the official press release. It is also important as “the Right to Information Act (2016) is currently being implemented in Sri Lanka, pursuant to Article 14A of the Constitution, where the right to privacy is an exception”. To draft the legislation, the Drafting Committee looked at international best practices, such as the EU General Data Protection Regulation as well as the laws enacted in other jurisdictions, “such as Australia, Singapore and the Indian Draft Legislation”.…
