Bangladesh Draft DPA

Draft Data Protection Act 2023

Bangladesh's draft data protection law requiring DPO, imposing data localization requirements, and establishing fines up to BDT 300,000.

Jurisdiction

Bangladesh

Enacted

Pending

Effective

TBD

Enforcement

To be established

Under consideration - passage timing unclear

DataGuidance Bangladesh Overview

Why It Matters

Bangladesh's data localization requirement (if enacted) would mandate AI chatbot platforms store Bangladeshi user data on servers within Bangladesh, creating infrastructure obligations.

Recent Developments

Draft under consideration as of 2023; passage timing unclear

At a Glance

Applies to

AI CompanionMental Health AppGeneral Chatbot

Requires

Transparency User Rights

Who Must Comply

Data controllers and processors in Bangladesh (when enacted)
Entities processing data of Bangladeshi residents
Cross-border data transfers from Bangladesh

Obligations fall on:

Safety Provisions

Data Protection Officer mandatory
Data localization requirements (servers in Bangladesh)
Breach notification to authority
Consent requirements
Cross-border transfer restrictions

Compliance & Enforcement

Penalties

Fines up to BDT 300,000

Primary Source

DataGuidance Bangladesh Overview

https://www.dataguidance.com/

View on map

Bangladesh

Focus Areas

General regulation

Cite This

APA

Bangladesh. (n.d.). Draft Data Protection Act 2023.

Related Regulations

In Effect BN

Brunei PDPO

Brunei's personal data protection order requiring DPIA and imposing penalties up to 10% Brunei turnover or $1M.

In Effect IN

India DPDP Act

STRICTEST children's provisions in APAC. Children = under 18; verifiable parental consent MANDATORY; PROHIBITION on tracking, behavioral monitoring, targeted advertising to children.

In Effect ID

Indonesia's comprehensive child online protection regulation establishing age-appropriate design requirements for electronic systems accessible to children. Most granular age classification globally (5 groups). Requires risk assessments, privacy-by-default, parental consent, DPIAs, and prohibits data profiling of children. First of its kind in Asia and Global South.

In Effect CN

China CSL Amendments

First major revision of China's foundational Cybersecurity Law since 2017. Introduces formal AI governance provisions, significantly increases penalties, and expands extraterritorial application to all cybersecurity violations.

In Effect NP

Nepal AI Policy

Nepal national AI policy establishing governance framework and development priorities. Creates AI Governance Council (chaired by Minister for Communications and IT), AI Regulation Council, National AI Centre, and AI Regulatory Authority. Six pillars including ethics, human resource development, and sectoral application.

In Effect PK

Pakistan AI Policy

Pakistan's national AI roadmap establishing six strategic pillars: AI Innovation Ecosystem, Awareness and Readiness, Research and Development, Infrastructure, Governance, and International Cooperation. Creates National AI Fund (NAIF), Centres of Excellence in 7 cities, and targets training 200,000 individuals annually.

All regulations Check if this applies to you

Last updated January 22, 2026. Verify against primary sources before relying on this information.