Tag: Data Protection Bill
27. August 2021
The Mongolian legislation on the protection of personal data is currently limited to two laws: the Law on Personal Secrets and the Law on Organisational Secrets, both enacted in 1995. The provisions are considered vague, ambiguous and insufficient, which makes them rarely used in practice. This leads to the lack of interpretation and application. Therefore, the not well developed data protection legislation requires systematic and consistent reforms in order to meet the various societal challenges and to comply with international standards.
Within the framework of the “Action Plan of the Government of Mongolia for 2020-2021” a draft law on the protection of personal data is in the process of being approved. In this regard, the parliament of Mongolia, the State Great Khural, has recently announced discussions on several draft laws. They include the Law on Public Information, the Law on Protection of Personal Data, the Law on Cyber Security, and the Law on Electronic Signatures.
The discussions were jointly held by the Standing Committee on Innovation and e-Policy and the Standing Committee on Legal Affairs on August 10th, 2021. Now, the Mongolian government is responsible for preparing the revised drafts.
The draft Law on Protection of Personal Data aims to regulate relations with regard to the collection, processing, and use of personal data as well as to ensure their security. It outlines rights and obligations of data processors and controllers, contains data subject rights and includes provisions for international data transfers.
The bill is an important step towards alignment with international data protection standards. If passed, the law will come into force on November 1st, 2021.
14. February 2020
The Indian Government released a Request for Proposal to bidder companies to procure a national Automated Facial Recognition System (AFRS). AFRS companies had time to submit their proposals until the end of January 2020. The plans for an AFRS in India are a new political development amidst the intention to pass the first national Data Protection Bill in Parliament.
The new system is supposed to integrate image databases of public authorities centrally as well as incorporate photographs from newspapers, raids, mugshots and sketches. The recordings from surveillance cameras, public or private video feeds shall then be compared to the centralised databases and help identify criminals, missing persons and dead bodies.
Human rights and privacy groups are pointing to various risks that may come with implementing nationwide AFRS in India, including violations of privacy, arbitrariness, mis-identifications, discriminatory profiling, a lack of technical safeguards, and even creating an Orwellian 1984 dystopia through mass surveillance.
However, many people in India are receiving the news about the plans of the Government with acceptance and approval. They hope that the AFRS will lead to better law enforcement and more security in their everyday lives, as India has a comparably high crime rate and only 144 police officers for every 100.000 citizens, compared to 318 per 100.000 citizens in the EU.
13. October 2017
The UK government introduced the Data Protection Bill to implement the General Data Protection Regulation (GDPR – 2016/679).
The GDPR enters into force on 25th May 2018 in the European Union. After the brexit, until now it was unclear if the UK would implement the GDPR into UK domestic law. The Data Protection Bill implements not only the legal requirements of the GDPR. The Law Enforcement Directive (2016/680) and the standards of the Council of Europe’s draft modernized Convention 108 on processing of personal data carried out by the intelligence services will also be adopted in the new Data Protection Law of the UK.
The new Law will replace the existing UK Data Protection Act 1998.
Currently the bill is at the beginning of the parliamentary process. The first reading in the House of Lords was held on 13th September, the second on 10th October. The bill consist of seven parts and 18 Schedules.
The data flow between European countries and the UK will not cause those problems that caused concerns after the Brexit, because the data protection level in Europe and the UK will be equal.
