The Daily Star: Bangladesh: Friday, June 15, 2018.
In the days
before May 25, email users all over the world were bombarded with a barrage of
electronic messages updating them on something called the General Data
Protection Regulations (GDPR). Observers claim that the number of messages
dispatched by businesses throughout the world on the occasion might have
surpassed those sent during Christmas or New Year. On that day, Europe became
subject to the GDPR, a law aimed primarily at bringing outdated personal data
laws across EU up to speed with the fast-moving digital era. GDPR has an impact
far beyond Europe.
The GDPR
foresees new rules on the collection of personal information/data by businesses
and public sector organisations from EU citizens. It defines the limits for
processing of such data and sets new rights for citizens on the use or abuse of
their personal data. It confers on citizens the right to access information
that companies hold on them. It establishes strict criteria for businesses on
the transfer of such data outside EU; importantly, the law also includes
measures to be taken if this new law is violated.
GDPR goes
beyond EU boundaries because of the tremendous reach of modern technology.
Every entity that operates within the EU or deals with EU citizens, wherever
they may be, must ensure that their activities comply with GDPR.
It is this
global impact of the GDPR which explains why people all over the world,
including in Bangladesh, received email messages from such entities as Apple,
Amazon, Facebook, Google, Microsoft, Twitter and hundreds of others to which
they are linked. The new regulations require the entities to inform us about
the security and processes of all data they have on us, to comply with GDPR.
Even local
companies in Bangladesh are updating their privacy policies and informing their
clients/subscribers. For example, airlines and travel agencies are informing
their online clients about their new privacy policy, in case there are EU
citizens among them. This is a good omen. Not very long ago, hardly anybody
bothered with the privacy of individuals.
Such
developments underline the importance of transparency in relation to
information needs and data protection of citizens. It heralds the advent of new
standards in the relationship between citizens and the state, in particular.
The latter must change from the age-old culture of secrecy and autocracy and
move towards transparency and accountability.
It was not
very long ago that all information at the disposal of the government was its
sole preserve and could be kept away from ordinary citizens. This is no longer
the case legally. The Right to Information (RTI) and Freedom of Information
(FOI) laws, which have been adopted by most states of the world, now require
governments to be open to the people regarding all information at their
disposal, except a few.
In
Bangladesh, we are yet to fully comprehend and take advantage of the
opportunities that have arisen for us through the adoption of our only
transparency instrument so far, namely the Right to Information Act, 2009. As
for citizens' right to privacy, or RTP, we are yet to have a law. In fact,
there is little awareness and very little discussion on the subject. More than
80 countries in the world have, however, legislated on the collection and use
of personal data by public and private bodies.
The advent of
GDPR and its impact worldwide will hopefully change the situation for the
remaining countries. The recent blizzard of related emails is likely to help
people realise that there are individuals, organisations, and companies who are
either “controllers” or “processors” of personal data on us. Such data stitch
together complex sets of information that can be used to identify a person,
potentially including genetic data, information about religious and political
views, sexual orientation and the like. It is not difficult to understand how
susceptible all this data is to abuse.
An article in
the Washington Post on June 2 entitled “Hands off my data!” depicts a graphic
picture of how our personal data is collected without our knowledge: “Google
has been saving a map of everywhere you go, if you turned on its Assistant when
you set up an Android phone. Amazon makes your wish list public and keeps
recordings of all your conversations with Alexa. Facebook exposes to the public
your friends list and all the pages you follow, and it lets marketers use your
name in their Facebook ads. By default, Microsoft's Cortana in Windows 10
gobbles up … pretty much your entire digital life.”
If the above
picture bothers us, we must pay heed to the new privacy policies that the
companies concerned have been communicating to us more recently as a follow-up
to GDPR. We can ignore them only at our own peril, since our inaction may cause
loss of our data by default.
It is equally
important to remember that our right to privacy is directly linked to our right
to information. They are two sides of the same coin. In Bangladesh, we shall
shortly commemorate the ninth anniversary of the RTI Act, 2009. We need to look
back at the status of its implementation. Everyone agrees that the law is yet
to make a deep impression on the minds and imagination of the people and public
authorities alike. This should concern us all.
While some
RTI requests are being made to public offices and some responses are being
provided in a pro forma manner, there is no excitement about it either from the
demand or the supply side. Many public offices are still reluctant to respect
legitimate requests. The Information Commission too is carrying on its business
perfunctorily, keeping the system alive, with little effort to go the extra
mile.
On its part,
the government must recognise that its success in putting Bangladesh on the map
of developed nations will depend largely upon transparency and accountability
in governance. This is why RTI was made part of UN's Sustainable Development
Goals (SDGs).
Just as
people need adequate, accurate information on the functioning of their
government, the latter too can benefit by examining the trend of peoples' RTI
requests. They indicate which government offices receive greater public
attention and why. Only with such interactive and interdependent citizen-state
relationship can the engine of development be properly fuelled.
Shamsul Bari
is Chairman, Research Initiatives, Bangladesh (RIB) and and Ruhi Naz is Project
Coordinator (RTI section), RIB.