Bangladesh Draft DPA
Draft Data Protection Act 2023
Bangladesh's draft data protection law requiring DPO, imposing data localization requirements, and establishing fines up to BDT 300,000.
Jurisdiction
Bangladesh
Enacted
Pending
Effective
TBD
Enforcement
To be established
Under consideration - passage timing unclear
DataGuidance Bangladesh OverviewWhy It Matters
Bangladesh's data localization requirement (if enacted) would mandate AI chatbot platforms store Bangladeshi user data on servers within Bangladesh, creating infrastructure obligations.
Recent Developments
Draft under consideration as of 2023; passage timing unclear
At a Glance
Applies to
Requires
Who Must Comply
- Data controllers and processors in Bangladesh (when enacted)
- Entities processing data of Bangladeshi residents
- Cross-border data transfers from Bangladesh
Obligations fall on:
Safety Provisions
- Data Protection Officer mandatory
- Data localization requirements (servers in Bangladesh)
- Breach notification to authority
- Consent requirements
- Cross-border transfer restrictions
Compliance & Enforcement
Penalties
Fines up to BDT 300,000
View on map
Bangladesh
Focus Areas
General regulation
Cite This
APA
Bangladesh. (n.d.). Draft Data Protection Act 2023.
Related Regulations
Brunei PDPO
Brunei's personal data protection order requiring DPIA and imposing penalties up to 10% Brunei turnover or $1M.
India DPDP Act
STRICTEST children's provisions in APAC. Children = under 18; verifiable parental consent MANDATORY; PROHIBITION on tracking, behavioral monitoring, targeted advertising to children.
Indonesia PP 17/2025
Indonesia's comprehensive child online protection regulation establishing age-appropriate design requirements for electronic systems accessible to children. Most granular age classification globally (5 groups). Requires risk assessments, privacy-by-default, parental consent, DPIAs, and prohibits data profiling of children. First of its kind in Asia and Global South.
China CSL Amendments
First major revision of China's foundational Cybersecurity Law since 2017. Introduces formal AI governance provisions, significantly increases penalties, and expands extraterritorial application to all cybersecurity violations.
AU National AI Plan
National AI policy roadmap replacing previously proposed mandatory AI guardrails. Focuses on leveraging existing legal frameworks rather than new mandatory requirements. Establishes the Australian AI Safety Institute (AISI) to monitor, test, and share information on AI risks and harms.
India AI Governance Guidelines
Voluntary AI governance framework built on seven core principles ('sutras'): Trust, People First, Innovation over Restraint, Fairness & Equity, Accountability, Understandable by Design, and Safety/Resilience/Sustainability. Establishes AI Governance Group, AI Safety Institute, and Technology & Policy Expert Committee.
Last updated January 22, 2026. Verify against primary sources before relying on this information.