THE issues that raised concerns about the Personal Data Protection Act 2022 when its draft was posted online in April to solicit public opinion are still there in the revised draft, adding to fears that the legal provisions could be abused for purposes partisan and further raising fears for a journey to a more surveillance-based society. There was the absence of the proper definition of certain terms in the draft, ambiguity in certain sections which could be matters of debate regarding their misinterpretation and the misplacement of law enforcement. The project review contains all the flaws and all the fears, as members of civic groups, business people and journalists said in a discussion hosted by the Information and Communications Technology Division July 17. The revised draft does not contain appropriate definitions of terms such as “personal data”. and “information”, although the law intends to protect personal data. Although the absence of proper definitions leaves room for misinterpretation of terms, leading to likely misuse or abuse, there is concern that the law could be misused or abused in the same way as the Digital Security Act 2018 has so far been widely misused or abused. .
The proposal gets even scarier as even the revised bill makes the Digital Security Authority, the highest authority in the Digital Security Act 2018, also the highest authority in the current legislation. This establishes a formidable link between the two laws and the enforcement authorities. Experts believe that such a proposal is contradictory. While the Digital Security Agency acts to monitor private data or information, the Data Protection Office should act to protect private data or information. Government, of course, must collect information for legitimate purposes such as recognizing patterns aimed at good governance, but even then members of government and security agencies may use the data for illegitimate purposes and misuse or abuse data through individual profiling. because of the power, reach and resources they have. The misuse or abuse of a law depends on the character of the state, and the character of a state depends on the government. Experts therefore believe that the way the law was drafted suggests that the government is trying to intrude on people’s privacy when the law should, in fact, protect citizens’ privacy and not jeopardize the civil liberty.
A law is needed to protect personal data and prevent its unauthorized use. But the law must in no way infringe the privacy of individuals and must not allow any illegitimate use of personal data. The Minister of Justice hopes to hold further discussions on the review. It is therefore expected that the authorities will purge the legislation of any provisions that could allow its misuse. The government should also set up an independent commission outside the control and framework of the government, as has been done in many other countries, to effectively deter any misuse of the law.