Personal Data Protection Bill 2018

The Personal Data Protection Bill is a Pakistani law that attempts to protect personal data from misuse by corporations and governments. The implementation of GDPR by the European Union impacted the Cyber Law policymakers of Pakistan, the Ministry of Information Technology and Telecommunication.

They proposed a bill to protect the personal data of Pakistani citizens. According to this bill, "A Bill to protect people against the violation of their privacy by processing of personal data. Whereas it is expedient to provide for the processing, obtaining, holding, usage and disclosure of data relating to individuals while respecting the rights, freedoms and dignity of natural persons with special regard to their right to privacy, secrecy and personal identity and for matters connected therewith and ancillary thereto." With regards into processing, obtaining, holding, usage and disclosure of data, rights should be involved with matters by freedom and dignity and happiness.

Scope

This Act applies to:

• any person who processes; and
• any person who has control over or authorizes the processing of, any personal data in respect of commercial transactions.

The Act is limited to persons established in Pakistan (resident for greater than 180 days) whose personal data is processed by an establishment or others who use equipment in Pakistan for processing personal data for purposes other than transit through Pakistan.

Punishment

The penalty for violations is up to 2 years imprisonment and up to a PKR 5 Million fine.^[1][2]

Execution

A commission is to be formed within six months of enactment.

See also

Personal Data Protection Bill, 2019 (India)

References

1. "What is the 'Personal Data Protection Bill 2018'? | Pakodia". Pakodia. 2018-07-13. Retrieved 2018-07-13.
2. AMIN, TAHIR (July 8, 2018). "Maximum punishment proposed: MoIT&T drafts 'Personal Data Protection Bill 2018'". Business Recorder.