Monday , December 9 2024

Data Protection Act will be a regulatory tool like DSA: TIB

Transparency International Bangladesh (TIB) believes that the draft Data Protection Act, designed to protect information, will be as arbitrary as the Digital Security Act (DSA) if it is finally passed into law. The TIB released its observations on the draft Data Protection Act, 2023 at a press conference in the capital on Monday (April 17). TIB has identified various risks in monitoring the Act.

TIB says that if the law is implemented, the government will abuse its power to monitor individuals and strengthen its control over organizations working on human rights. The TIB’s observation says that while there is a demand for the formation of an independent commission outside the control of the government to monitor the issue of personal data protection, the discussed draft proposes the formation of a data protection agency, which will be appointed by the government.

Google’s released “Vanir” Open Sources Security Patch Validation Tool

Google has announced Vanir, an open-source tool for detecting and fixing security vulnerabilities, publicly available for developers. Vanir is a...
Read More
Google’s released “Vanir” Open Sources Security Patch Validation Tool

Hacker Claim 1tb, Deloitte denies, What Inside!

The spokesperson from Deloitte told two international media that, “No Deloitte systems have been impacted,”. The allegations relate to a...
Read More
Hacker Claim 1tb, Deloitte denies, What Inside!

New Windows zero-day: Exposes credentials, Gets unofficial patch

A newly found zero-day vulnerability lets attackers steal NTLM credentials by manipulating targets into opening a malicious file in Windows...
Read More
New Windows zero-day: Exposes credentials, Gets unofficial patch

Daily Security Update Dated: 07.12.2024

Every day a lot of cyberattack happen around the world including ransomware, Malware attack, data breaches, website defacement and so...
Read More
Daily Security Update Dated: 07.12.2024

Patch urgently: Hundred of CISCO switches impacted

A bootloader vulnerability in Cisco NX-OS affects over 100 switches, enabling attackers to bypass image signature checks. Cisco issued security...
Read More
Patch urgently: Hundred of CISCO switches impacted

Multiple ICS Advisories Released by CISA

On December 5, 2024, CISA issued two advisories regarding Industrial Control Systems (ICS). These advisories highlight current security issues, vulnerabilities,...
Read More
Multiple ICS Advisories Released by CISA

New DroidBot malware to attack 77 banks and CES globally

DroidBot is a sophisticated Android Remote Access Trojan (RAT) that merges traditional hidden VNC and overlay functions with spyware-like features....
Read More
New DroidBot malware to attack 77 banks and CES globally

Deloitte faces alleged cyber incident, claimed over 1tb stolen

Brain Cipher, a ransomware group that emerged in June 2024, claims to have stolen 1TB of data from Deloitte UK,...
Read More
Deloitte faces alleged cyber incident, claimed over 1tb stolen

Singapore embraces AI data centres with smarter cooling systems

AI and GPU operations are crucial for modern data centers, but they generate significant energy consumption and heat. A new...
Read More
Singapore embraces AI data centres with smarter cooling systems

Daily Security Update Dated: 04.12.2024

Every day a lot of cyberattack happen around the world including ransomware, Malware attack, data breaches, website defacement and so...
Read More
Daily Security Update Dated: 04.12.2024

This agency is again empowered to access data, servers, prohibit data processing and order deletion of data of any controller/processor. And the fact of ensuring the proper application and execution of the Act has been left to a person appointed and necessarily controlled by the Government, with the provision that in initiating an inquiry ‘if it is reasonable to the Director-General.

Risk also states that where the government itself is the data (personal information) user and processor, it is not clear how another government agency can ensure that the government is complying with the law. It also said that such precedent of conflict of interest raises new fears that, like the Digital Security Act, this law will also be arbitrarily misused. The privacy of individuals’ information will be violated with the help of the government. If it goes against the government’s position, access to the server of any company, deletion of data and ban on data processing will happen.

As a result, the government’s power to monitor individuals, its abuses and control over organizations working on human rights will be strengthened. According to the observation, the discussed draft mentions three types of data, sensitive data; user generated data and classified data (classified data) which are subject to storage obligations within the country’s borders. It also talks about imposing restrictions on data transfer.

The risk this creates is that by keeping the data stored within the country’s borders, the power to monitor and make decisions on the data is effectively placed in the hands of the government. Given the enormous power of the Data Protection Agency under the direct control of the government and no effective safeguards against its abuse, the proposed draft will surely undermine people’s constitutional rights to freedom of speech and privacy. Monitoring of social media and people’s personal communication by various agencies of the government will be strengthened.

As data localization is expensive for small and mid-sized organizations, they will be left out of the competition. In addition, consumer spending will also increase as business expenses of all levels of organizations increase. The TIB report found that the country’s digital exports could drop by up to 45 percent depending on what kind of restrictions are imposed on data transfers. Growth rate may drop to 0.58 percent. Besides, there is fear of negative impact on foreign investment.

The draft states that, in case a company commits any offense under this Act, every owner, chief executive, director, manager, secretary, partner or any other officer or employee or representative of the company shall be deemed to have committed the said offence, unless he. Be able to prove that the offense was committed without his knowledge or that he tried his best to prevent the offence.

This section proposes a system in direct contrast to the principle of onus of proof in the criminal law. As a result, legal risk has been created for all organizations working on civil rights, media and all types of domestic and foreign organizations. And this risk is not limited to monetary penalties as the Criminal Procedure Code provides for enforcement. The experience of harassment of journalists and civil society under the Digital Security Act in Bangladesh does not guarantee that nothing will be done with the Data Protection Act.

Dr. Iftekharuzzaman, Executive Director of TIB, consultant-executive management, Sumaiya Khair, Outreach and Communication Director Sheikh Manzoor-e-Alam, Data Protection Expert Dr. Tariqul Islam were present at the press conference.

 

 

Check Also

Delinea’s customer meetup at Dhaka, promising quality services

Delinea is a leading provider of privileged access management (PAM) solutions that make security seamless …

Leave a Reply

Your email address will not be published. Required fields are marked *