Islamabad, (October 21, 2020): An independent and autonomous Privacy Commission – without any political or executive influence – is essential for protection of citizen’s digital data and redressal for the privacy related violations. The constitution of a commission for the safeguarding fundamental rights, including the right to privacy must be in line with the guidelines of the Paris Principles.
Bytes for All (B4A) has released a report regarding the scope of a privacy commission in Pakistan. The report features the cases of different privacy commissions from Asia region, their structures, functioning and powers vested with them. It also analyses whether these models can be replicated in Pakistan for the establishment of a commission for data protection.
The report observed that data controllers and processors of personal data do not invest a lot of money in improving their systems that house sensitive personal data. The result is that they are vulnerable to cyber-attacks on daily basis. In the absence of a robust data protection law, these corporations get away with their slackness. Therefore, the government should incorporate a language in the bill that distinctly empowers the privacy commission to carry out proactive inspections of information systems of the data controllers and data processors.
Additionally, for data collection in-depth interviews with Ministry of Information Technology and Telecommunication (MoIT&T) officials and with a legal expert were conducted, along with an analysis of the proposed draft of the Personal Data Protection Bill 2020. A framework of National Human Rights Institutions (NHRIs) is applied to draw upon the best practices essential for the establishment of a privacy commission in Pakistan. It also presents an overview of the challenges pertaining to the establishment of a robust Privacy Commission in Pakistan and proposes a suitable structure for the same.
To download the report, please click here.