Sri Lanka Moves To Operationalize Data Protection Authority

At the 2nd National Data Protection Symposium yesterday, Supreme Court Judge Arjuna Obeyesekere and Data Protection Authority Chairman Rajeeva Bandaranaike urged rapid operationalization of Sri Lanka’s Personal Data Protection Act and the Data Protection Authority. Obeyesekere said the 2022 PDPA is a foundation, not a guarantee, warning AI-driven automated decisions raise fairness and accountability challenges. Bandaranaike outlined priorities: staffing, capacity-building, guidance and balanced enforcement ahead of the Act’s effective date.