Press Release
Dhaka, 11 October 2025: Transparency International Bangladesh (TIB) has expressed deep concern, frustration, and disappointment over the hasty approval of the Personal Data Protection Ordinance 2025 and the National Data Governance Ordinance 2025 in the Advisory Council without adequate expert consultation and stakeholder engagement. TIB has also called upon the government to suspend both ordinances and move forward only after ensuring meaningful stakeholder participation and taking expert opinions into account.
In a statement issued today, TIB Executive Director Dr. Iftekharuzzaman said, “The draft of the Data Protection law had been going through a prolonged phase of contention between stakeholders and the former authoritarian government before its fall. After assuming responsibility, the interim government initially followed a proactive and inclusive participatory process, which led to several positive changes. However, it is reprehensible that the government has ignored stakeholders’ recommendations regarding critical weaknesses and risks in the draft and unilaterally approved the latest draft in the Advisory Council in secrecy without informing stakeholders. Surprisingly, the approved draft has excluded internationally recognized data protection principles—such as lawfulness, fairness and transparency, purpose limitation, data minimization, accuracy, integrity and confidentiality, and accountability—which are considered the lifeblood of such laws. This has set a regrettable precedent of making the ordinance crippled and ineffective from the very beginning.”
According to the version of the draft obtained by TIB, the provision under Subsection 15(4) creates scope to exempt data controllers and processors from their duties and responsibilities, which TIB describes as a deceptive loophole. Referring to Section 24 regarding exemptions, Dr. Zaman noted that the ordinance allows broad access to personal data in the name of “crime prevention.” He said, “It is essential to clarify under what considerations and objectives such provisions—intended to protect data—have instead been kept as tools for control and surveillance. The authority to use personal data in the name of national security and public interest has also been retained. Allowing government agencies unrestricted access to data servers without judicial oversight creates serious risks of misuse. Furthermore, the core constitutional commitment to ensuring the privacy of personal information is not reflected in the draft, which is truly alarming.”
TIB has also expressed concern that the way misuse of information has been criminalized in the ordinance is objectionable, and its potential negative impacts on business and commerce have not been duly considered. Commenting on the lack of an independent authority for data protection—despite longstanding demands—Dr. Iftekharuzzaman added, “Almost abruptly, the draft National Data Governance Ordinance 2025 has been approved to form a so-called interoperability authority, despite being inconsistent with global practices and based on unrealistic concepts, and without any notable expert consultation or stakeholder engagement. According to expert opinion, this poses serious risks and could have self-defeating consequences. Unfortunately, no meaningful effort has been made to gather or consider broader stakeholder feedback outside government and bureaucratic circles, which is a disappointing example of authoritarian practice.”
TIB emphasized that, in today’s digital world, the need to enact legislation related to data governance is undeniable. However, attempting to address such a complex issue merely through one or two laws—without assessing the full scope of the digital ecosystem, identifying existing gaps, involving relevant experts and stakeholders from the outset, or weighing the potential costs and benefits—will only increase complications instead of solving problems. It will also heighten the risk of multidimensional rights violations, particularly through increased government surveillance over personal and business data. TIB called upon the government to refrain from enforcing the two ordinances in their current form and to ensure meaningful engagement with relevant stakeholders and experts. The organization urged that their opinions be duly incorporated to make necessary amendments before implementation.
Media Contact:
Mohammad Tauhidul Islam
Director, Outreach and Communication
Phone: +8801713107868
Email: tauhidul@ti-bangladesh.org
