Charting Progress: Sri Lanka's PDPA Implementation - Part 1

Panelists Discuss Scope of PDPA and Its Global Regulatory Context
Clockwise, from top left: Oshada Senanayake, Brian Pereira, Sujit Christy, Sanduni Wickramasinghe and Jayantha Fernando

Sri Lanka launched the Personal Data Protection Act, or PDPA, to provide regulation for the processing of personal data, to identify and strengthen the rights of data subjects in relation to the protection of personal data, and to facilitate the establishment of the Data Protection Authority.

Jayantha Fernando, digital law specialist and partner at Heritage Partners, provided a recent timeline of events and updates since the rollout of Part V of the PDPA. Fernando is among the security practitioners who were consulted or involved in the drafting of the PDPA.

"It [the new regulatory board of directors] will first set up the institutional framework for which some other provisions will be brought into operation sometime [in the future]," said Fernando, citing an October 2023 announcement from Sri Lanka's Presidential Secretariat.

The Act derived inspiration from data protection regulations worldwide, including the GDPR, Convention 108+ and APEC Privacy Framework.

In Part 1 of this panel discussion with the Information Security Media Group, the panelists discussed:

  • Sri Lanka's Personal Data Protection Act No. 9 of 2022;
  • Objectives of the Data Protection Authority of Sri Lanka;
  • A comparison of PDPA with other global legal frameworks.

Wickramasinghe provides legal consultancy services in relation to privacy, data protection, digital governance and rights under legal frameworks in Sri Lanka.

Fernando leads the technology, media and telecommunications practice at Heritage Partners. He has more than 25 years of international experience in a range of digital law and policy issues.

Christy is a cybersecurity adoption evangelist providing vital guidance to improve cyber defenses while raising cybersecurity awareness to improve risk reduction and compliance.

Senanayake is the chief operating officer of digital transformation at Brandix. He is a digital transformation specialist with more than 17 years of experience in corporate management, strategy formulation and implementation, process optimization, and software development.

About the Author

Brian Pereira

Brian Pereira

Sr. Director - Editorial, ISMG

Pereira has nearly three decades of journalism experience. He is the former editor of CHIP, InformationWeek and CISO MAG. He has also written for The Times of India and The Indian Express.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.