No frameworks for ‘Digital’ Bangladesh!

In today's increasingly digitised world where data is the most sought after product and people's privacy are under increasing threat from both government and market actors, it is of urgent importance to think and talk about how different kinds of data should be governed. In Bangladesh, despite the government's ambitious plan to digitise the country, such conversations have been severely limited, and regulatory frameworks to distinguish between different kinds of data are either non-existent or woefully inadequate to address the challenges of a data-driven global economy.

A recent report by the Digital Trade and Data Governance Hub of George Washington University ranked Bangladesh in the bottom 10, among 68 countries and the EU. Bangladesh, scoring less than Pakistan and India, lacks personal data protection laws, an open data law for the proactive release of government information, and laws allowing for the right of data portability. The report notes that the country does not have a data ethics framework to guide public servants in using data funded, collected, and controlled by government entities in an appropriate, responsible, and ethical manner. Moreover, there are no guidelines on how nongovernmental entities can share data in different contexts, and no responsible bodies for supporting personal and public sector data-sharing among governmental entities.

The Hub seeks to "help policymakers and the public understand how governments around the world are governing data" and generate a broader understanding of data governance. But are our policymakers plugged into these urgent discussions taking place globally? Are they taking note of the policy recommendations put forward by think tanks who specialise in data governance, and the best practices of other countries that have already experimented with different regulatory frameworks? Are our policymakers even engaging with the basics – much less delving deep into – the intricacies, contradictions, and challenges of data governance?

Unfortunately, the Data Protection Bill put forward by the Bangladesh government – which could have been an instrumental first step towards ensuring people's privacy – reveal their short-sightedness and inherent refusal to understand how data works. Instead of protecting people and their privacy, the act authorises law enforcement and other authorities to access sensitive personal data both physically and remotely. Its requirement of data localisation (which means that data collected from citizens of a state has to be stored in physical devices located within the state territories) will not only hamper civil liberties, but also reduce IT-based service exports by up to 44 percent, according to local think tank Research and Policy Integration for Development (RAPID).

Notably, the Indian government has recently withdrawn its data protection and privacy bill, which had some of the same problematic provisions as the one proposed by our government, following three years of criticism from human rights advocates and tech giants. Our government, too, needs to think beyond its narrow policy of surveillance, and understand the suicidal implications of such short-sightedness if they want Bangladesh to stay relevant in an increasingly digitised global economy. It must institute regulatory frameworks that protect human rights and enable free flow of information, not restrict freedom and evolution.