TIB criticises hasty approval of data protection, data governance ordinances without expert consultation
In a statement today (11 October), TIB urged the government to suspend both ordinances and move forward only after ensuring meaningful participation from relevant stakeholders and taking expert opinions into account.
The Transparency International Bangladesh (TIB) has expressed deep concern and disappointment over the government's hasty approval of the Personal Data Protection Ordinance and the National Data Governance Ordinance in the Advisory Council without adequate expert consultation or stakeholder engagement.
In a statement today (11 October), TIB urged the government to suspend both ordinances and move forward only after ensuring meaningful participation from relevant stakeholders and taking expert opinions into account.
TIB Executive Director Iftekharuzzaman said the earlier draft of the Data Protection law had already faced extensive criticism and debate during the former government's tenure.
Keep updated, follow The Business Standard's Google news channel
"After taking charge, the interim government initially pursued an inclusive process that led to positive changes. However, it is reprehensible that the government ignored stakeholders' recommendations on critical weaknesses and risks, approving the final draft secretly without informing them," he added.
According to TIB, the approved draft omits key internationally recognised principles of data protection — such as lawfulness, fairness, transparency, purpose limitation, data minimisation, accuracy, integrity, confidentiality, and accountability — rendering the ordinance "crippled and ineffective from the outset."
TIB also highlighted specific concerns, including Subsection 15(4), which allows data controllers and processors to be exempted from responsibilities, and Section 24, which grants broad access to personal data in the name of "crime prevention" and "national security."
Iftekharuzzaman warned that these provisions could be used for control and surveillance instead of protection, especially since the law allows unrestricted access to data servers without judicial oversight.
"The ordinance fails to reflect constitutional commitments to privacy and could open the door to serious misuse of personal information," he said.
TIB further criticised the approval of the National Data Governance Ordinance, which establishes an "interoperability authority" without ensuring independence or expert input. "This ordinance, inconsistent with global practices and based on unrealistic concepts, poses serious risks and could have self-defeating consequences," the TIB executive director said.
The watchdog also noted that the criminalisation of information misuse in the ordinances could negatively affect business and commerce.
Emphasising the importance of comprehensive and inclusive policymaking, TIB said that addressing complex data governance issues through one or two laws, without assessing the entire digital ecosystem or involving experts, will only worsen complications and increase the risk of rights violations, including expanded government surveillance over citizens and businesses.
TIB also called on the government to halt implementation of the two ordinances in their current form and to initiate an open, participatory process to revise them in line with constitutional rights, global standards, and expert recommendations.
