According to the Asia Internet Coalition (AIC), which is comprised of major digital media companies, the “Pakistan Draught Data Protection Bill 2023” raises several questions and fails to address the majority of the industry’s substantive concerns.
Foreign internet businesses will be hampered in their capacity to do business in Pakistan under the current version of the bill, which will have a chilling effect on investment and slow the country’s economic recovery. In a letter to Amin ul Haque, Federal Minister for Information Technology and Telecommunication, AIC Managing Director Jeff Paine expressed concern that local Pakistani businesses could be barred from using competitively priced global cloud services.
The Ministry of Information and Communications (MoITT) published a draught of a bill to protect individuals’ personal data on May 19, 2023. The AIC, on behalf of its members, has submitted comments on the draught bill to the MoITT.
Important Points Raise for Data Protection Bill
The newest Draught Personal Data Protection Bill 2023, published in May 2023 (the Bill), has four major flaws:
The Bill introduces a requirement to share sensitive personal information with the Government; the age of a child under the Bill should be thirteen, not eighteen; the Data Localisation requirement mandates that critical personal information must only be processed in Pakistan; and there should be a set maximum fine payable for breaches of the Bill.
Overly broad and nebulous definitions of key terms like sensitive personal information and critical personal information, globally divergent data subject rights, and expansive powers of the Commission are all things that the Bill fails to address. This will have a negative effect on Pakistani consumers and enterprises because these regulations do not meet international data protection standards (like GDPR),” he noted.
They value the opportunity to make input on the Bill, and he added that data protection is a crucial part of any privacy regime. When it comes to the creation of national personal data protection policies and regulations, AIC and its members have worked closely with governments around the world.
By doing so, we have seen firsthand the potential for such laws and legislation to protect the privacy concerns of citizens without stifling innovation and technological progress. While the letter acknowledged the efforts being made by the Government of Pakistan and the Ministry of Information Technology and Telecommunications (“MOITT”) to further refine the data legislation, it also expressed continued concerns, particularly regarding the cross-border transfer of “critical” and “sensitive” personal data.
For more insight into how the Bill would affect industry perspectives and priorities, AIC has called for a roundtable discussion. We also plan to talk about how we can work together and have conversations with the government to improve the Personal Data Protection Bill 2023. The message continued, “As such, we would be happy to schedule a video conference meeting with you or your team at your earliest convenience.”
To read our article about “Cabinet approve Rehmat Ali Hasnie new NBP CEO for 3 years” click here.
