Sri Lanka passes data protection legislation to handle digital ID privacy concerns

Sri Lanka’s State Minister of Technology Kanaka Herath has given assurances that the government is taking a raft of measures, including the planned enactment of data protection legislation, to ensure the privacy and security of personal data to be collected for the country’s unique digital ID project.

Speaking during a press conference on September 6, Herath said the government had already obtained the accord of parliament for a Data Protection Act, Economy Next reports. The official added that they also hope to put in place a Data Protection Authority this month.

Data privacy concerns have been raised by stakeholders in Sri Lanka over the decision to award the contract to an Indian firm, Madras Security Printing. The project will involve the collection of biographic information as well as face, fingerprint and iris biometrics to be stored and managed in a centralized database.

India, which is supporting the project financially and technically, had agreed with Sri Lanka to have the contract awarded to an Indian company.

According to Herath, the government is fully aware of these concerns, and is taking measures to handle the situation. As part of such measures, the Minister also announced the putting in place of a Cybersecurity Act, which he said, will be completely drafted by the end of the year.

Also speaking during the press conference, a member of the project technical evaluation commitee, Jayasiri Amarasena, assured that as part of the safety measures, all data will be stored in encrypted form and controlled by Sri Lanka, so that it “cannot be breached by the country that is helping us or any other country.”

He added that the system will be built with a perimeter wall to prevent intrusion into the database.

Article Topics

biometric data  |  biometrics  |  data protection  |  digital ID  |  legislation  |  Sri Lanka