Skip to content

Tuesday | April 28, 2026 | Dhaka

TIB seeks amendments to Data Protection Act

 New Nation
 Published: 12:00 AM, 21 September 2023

Staff Reporter :
Transparency International Bangladesh (TIB) has called for amendments to the “Data Protection Act 2023” to ensure clear definitions of personal data, judicial oversight, and the establishment of independent and impartial authorities outside government control for personal data protection.

The TIB made this demand at a press conference titled “Data Protection and Privacy Act 2023: Review and Recommendations,” held at its office in the capital on Wednesday.

They also emphasised avoiding unnecessary complications, like those found in the Cybersecurity Act, and involving relevant experts and internationally recognised discussions before finalizing the legislation.

TIB Executive Director Dr. Iftekharuzzaman, said, “The definition of personal information in the law is unclear and insufficient.

The lack of a specific definition leaves room for errors and misinterpretations, and allows for the misuse and lack of control over personal information.”

“Therefore, the law needs to be strengthened and revised to prevent it from being misused for ulterior motives.

The definition of personal information presented in TIB’s working paper should be incorporated into the law.

Secondly, the title of the law should be changed to ‘Personal Information Protection Act-2023’.

The change in title, without any substantive changes to the content, will trigger a loophole in the acceptance of the law, which will question its acceptability,” he said.

Dr. Iftikharuzzaman stated, “If the critical provisions within the law are not amended, the law will allow for the control of personal information rather than its protection.

This is not something the government itself would want, nor would the public.”

Emphasising the necessity for data protection laws for the people, he said, “The law should not be rushed through, similar to the Cybersecurity Act.

Before finalising the law, it must be discussed with stakeholders in parliament.”

“It should be ensured that the Personal Information Protection Board or the relevant authorities can operate independently, outside the control of the government.

Otherwise, if the government has access to personal information, there will be no opportunity for redress,” he pointed out.

If the user of personal information and the guardian of personal information security are the same entity, it will create a conflict of interest.

To prevent such conflicts of interest, the law must include specific provisions, he said.