Sri Lanka Moves To Operationalize Data Protection Authority

At the 2nd National Data Protection Symposium yesterday, Supreme Court Judge Arjuna Obeyesekere and Data Protection Authority Chairman Rajeeva Bandaranaike urged rapid operationalization of Sri Lanka’s Personal Data Protection Act and the Data Protection Authority. Obeyesekere said the 2022 PDPA is a foundation, not a guarantee, warning AI-driven automated decisions raise fairness and accountability challenges. Bandaranaike outlined priorities: staffing, capacity-building, guidance and balanced enforcement ahead of the Act’s effective date.
Key Points
- 1Calls to operationalize Data Protection Authority and implement PDPA to build digital trust nationwide
- 2Warns AI-driven automated decisions risk fairness and accountability gaps that test existing legal frameworks
- 3Urges organisations to adopt clear data governance, transparency, and complaint mechanisms to maintain user confidence
Scoring Rationale
Official push and specific operational plans boost credibility and relevance, but mainly national in scope and incremental.
Sources
Public references used for this report.
Practice interview problems based on real data
1,625 SQL & Python problems across 15 industry datasets — the exact type of data you work with.
Try 250 free problems