Over the last two decades, digital information and communication technologies have become the focus of heavy-handed state intervention in Bangladesh. The government introduced two internet security laws, both woefully inadequate to address the challenges of the evolving nature of the internet.
Then in early 2021, in response to a public interest litigation, the Bangladesh Telecommunication Regulatory Commission drafted a new online content regulation bill. Disappointingly, the current draft of the regulation mirrors India’s problematic Information Technology Rules, 2021.
In addition to broad categories of “restricted speech,” the regulation mandates traceability of private communications over internet-based messaging services, without affording sufficient safeguards to counteract executive abuse.
This requirement is incompatible with the privacy-protective features of encryption technology, and paves the way for the government to issue overreaching tracing orders and disclosure requests, in violation of citizens’ fundamental right to privacy.
At the same time, the government is also drafting a new data protection legislation, which requires mandatory localisation of personal and non-personal data in Bangladesh.
Notably, the localisation requirement extends to user-generated content, which means potentially all interactions over social media platforms, instant messaging and video communication applications, and emails, as well as metadata of users, may have to be stored in data servers and centres in the country. As the 2020 Freedom House report…