THE government’s move to allow entities in the private sector to handle data of mobile subscriber’s identity module cards that have citizen’s personal data is worrying as it runs the risks of grave consequences. The Telecommunication Regulatory Authority is reported to have issued on January 25 a letter to mobile operators asking them to prepare the database by February 14. With the operators not having sent any report to the authorities in this connection, the regulators sent another letter on March 19 asking the operators to complete the task by April 2. The High Court, however, on March 20 issued a rule on a writ petition — with the cabinet secretary, the principal secretary to the Prime Minister’s Office, the home secretary, the posts and telecommunications division secretary, the information technology division secretary, the chief election commissioner, the director general of national identity cards, the Telecommunication Regulatory Authority chair and the Bangladesh Mobile Operators’ Association having been made respondents — asking why the directive for mobile operators to set up separate database with user’s personal data in national identity cards would not be cancelled. The court has also sought to know why citizen’s personal data would not be preserved under the home affairs ministry and the Election Commission.
It is in this context, lawyers, politicians, cyber security experts and activists at a press conference that the Bangladesh Mobile Phone Consumers’ Association held in Dhaka on April 20 have denounced the government move, noting that it is the government that should protect citizen’s personal data and ensure data security. They have said that the move is unconstitutional as the constitution in Article 43 (b), ‘Protection of home and correspondence’, lays out that every citizen will have the right, subject to any reasonable restrictions imposed by the law, to the privacy of correspondence and other means of communications. A legal expert says that the move, which constitutes an affront to the Right to Information Act 2009, also invades the Universal Declaration of Human Rights. A cyber security expert says that if the move came into effect, Bangladesh would be the first nation in South Asia that will have allowed the private sector to manage citizen’s personal data. While such a move could have grave consequences, the Mobile Phone Consumers’ Association seeks to view this as a device to afford vested quarters in the private sector easy money as mobile operators are now charged Tk 5 for the verification of data of active SIM cards through the Election Commission and there has been a whiff in the air that once the move came into effect, mobile operators could be charged Tk 10 instead. With 192.60 million SIM cards having been active, the profits could be very high.
With no personal data protection law, which was heard of several times in 2022, not having been made and enforced yet, the government’s move at hand could spell disaster. The government must, therefore, walk back its move on the task of handling citizen’s personal data by private-sector entities.