Pakistani Regulatory Body
National Commission for Personal Data ProtectionFormation | 2023 |
---|
Type | Regulatory body |
---|
Legal status | Active |
---|
Purpose | Protecting the privacy rights of individuals |
---|
Region served | Pakistan |
---|
The National Commission for Personal Data Protection (NCPDP) is a regulatory body established by the Government of Pakistan under the Personal Data Protection Bill 2023. The Commission is tasked with monitoring data processing activities and protecting the privacy rights of individuals.[1][2]
Establishment
The NCPDP, the National Committee for Personal Data Protection, was founded within six months of the initiation of the Personal Data Protection Act in 2023. The federal government formally announced its establishment via a published notification in a government gazette.[1]
Legislation
The Federal Cabinet approved the Personal Data Protection Bill of 2023, which seeks to govern the gathering, processing, utilization, disclosure, and transmission of personal data.[1][2] This bill establishes a framework for data protection that encompasses offenses related to infringing on an individual's data privacy rights.[1] Additionally, it suggests substantial fines for violations, with penalties potentially reaching up to $2 million or an equivalent sum in Pakistani rupees.[3]
Role and responsibilities
The NCPDP functions as a civil court to safeguard users' private documents and data while addressing the concerns of individuals who file complaints. Its primary responsibility is to guarantee the security of personal information and data belonging to various organizations and companies. The commission enforces restrictions on the sharing of a user's information or data with any company, individual, or government entity without the user's explicit consent.[2]
Controversies
Despite its purported goal of safeguarding citizens' privacy, certain critics contend that the new data protection law is a pretense aimed at compromising citizens' privacy.[4] They assert that meaningful advancements in data protection can only be achieved through a more comprehensive policy-making approach that actively involves privacy experts, technology companies, and the public.[5]
References