Bangladesh's Data Protection Bill

Of the few countries in Asia which do not have data privacy laws or Government Bills, Bangladesh is the most likely to enact such a law. The government released The Data Protection Act, 2022 for public comment in April 2022, but it has not yet reached the floor of Bangladesh’s unicameral Parliament. This article is a brief introduction to the Bill, its strengths and weaknesses, noting key features such as:* A confusing approach to extra-territorial application.* A mistaken exclusion of pseudonymous data.* A reliance on consent rather than legitimate grounds for processing.* A separate requirement to protect ‘the right of privacy’ in data collection, processing and use.* A non-independent Data Protection Office (regulator) must be established by the government, controlled by the Digital Security Agency, and headed by its Director-General.* The maximum penalties or compensation will be US$ 5,000 (approx. 500,000 (5 lac) Bangadeshi rupees (taka)).