Kathmandu School of Law Review

P-ISSN : 2091-2110, E-ISSN : 2773-8159, DOI : 10.46985, Publisher : Kathmandu School of Law, Nepal
Annual flagship journal of Kathmandu School of Law, Nepal

Volume 12, Issue 1, April 2023
Articles

The Need for data protection law in Nepal: Securing Citizen's Rights in the Digital Age

PDF
  • Dr. Newal Chaudhary
Dr. Newal Chaudhary
Assistant Professor at Nepal Law Campus, Tribhuvan University
DOI: https://doi.org/10.46985/kslr.v12i1.2225

Published 2024-07-26

Keywords

  • Data, Development, Root, System, Privacy.

How to Cite

Chaudhary, D. N. (2024). The Need for data protection law in Nepal: Securing Citizen’s Rights in the Digital Age. Kathmandu School of Law Review, 12(1), 113–125. https://doi.org/10.46985/kslr.v12i1.2225
Crossref
Scopus
Google Scholar
Europe PMC

Abstract

Nepal is undergoing rapid digitization of services across sectors like education, commerce, finance and healthcare. However, this digital transformation has enabled mass collection of citizens' personal data by both government and private companies without sufficient consent, transparency or protection around data use. Vast troves of Nepali citizens' information ranging from names and biometrics to browsing history, purchases and location data are being harvested through digital platforms and systems. This article analyzes the policy gaps around safeguarding citizens' data privacy rights in Nepal. It highlights real-world cases of harms arising from lack of governance around citizens' data, including electoral manipulation, data breaches, unregulated cross-border data transfers and privacy violations during the pandemic under the guise of public health response. For instance, the Cambridge Analytica scandal revealed how private firms can covertly harvest citizens' Facebook data to psychologically profile voters and target them with customized disinformation to influence their behavior. The article argues that forward-looking and rights-based data protection legislation on par with global benchmarks has become an urgent democratic imperative if Nepal is to secure its citizens' privacy, autonomy and choice in the digital age. Comprehensive governance setting clear consent requirements, purpose limitations and penalties around collection and use of citizens' data can no longer be delayed, as Nepal lags behind many of its regional peers in enacting such safeguards. The article makes the case for recognizing data protection as a 21st century freedom struggle to reclaim citizens' rights in virtual spaces in the age of surveillance capitalism.1 Enacting strong data privacy law is positioned as essential for equitable digital development in Nepal.

PDF

Downloads

Download data is not yet available.

References

  1. Shoshana Zuboff, The Age of Surveillance Capitalism: The Fight for a Human Future at the New Frontier of Power, Profile Books, 2018.
  2. Igor Bonifacic, ‘Report finds remote learning apps collected and sold kids’ data’, Engadget, 26 May 2022, available at https://www.engadget.com/human-rights-watch-kids-data-183055475.html, accessed on 25 November 2023.
  3. Simon Kemp, ‘Digital 2022: Nepal’, Datareportal, 15 February 2022, available at https://datareportal.com/reports/digital-2022-nepal, accessed on 7 November 2023.
  4. Ben Smith, ‘How TikTok Reads Your Mind’, New York Times, 5 December 2021, available at https://www.nytimes.com/2021/12/05/business/media/tiktok-algorithm.html, accessed on 25 November 2023.
  5. Andre Camillo, ‘Real life Consequences and examples of Data breaches, some industry Insights and Some tips to reduce risk’, Geek Culture, 15 October 2022, available at https://medium.com/geekculture/real-life-consequences-and-examples-of-data-breaches-some-industry-insights-and-some-tips-to-3dff9638fdf7, accessed on 25 November 2023.
  6. In the context of cybersecurity, this includes anything from a simple set of rules for identifying spam to a complex machine learning algorithm for detecting advanced cyberattacks.
  7. The Patriot Act modernized our ability to monitor criminal and terrorist communications by applying our wiretap laws to new technologies such as cell phones and e-mail without modifying or reducing the legal and constitutional restraints applicable to those tools.
  8. Newal Chaudhary, ‘Data vulnerability in Nepal’, The Kathmandu Post, 18 October 2023, available at https://kathmandupost.com/columns/2023/10/18/ data-vulnerability-in-nepal, accessed on 25 November 2023.
  9. Human Research Protection Office, ‘European Union General Data Protection Regulation (GDPR)’, University of Pittsburgh, available at https://www.hrpo.pitt.edu/european-union-eu-general-data-protection-regulation-gdpr, accessed on 25 November 2023.
  10. Brad Greenwood and Paul M. Vaaler, ‘Do US State Breach Notification Laws Decrease Firm Data Breaches?’ Minnesota Legal Studies Research Paper, 2023, available at SSRN: https://ssrn.com/abstract=3885993, accessed on 25 November 2023.
  11. Aniket Kesari, ‘Do Data Breach Notification Laws Work?’, SSRN, 2022, available at https://papers.ssrn.com/sol3/papers.cfm?abstract_id=4164674, accessed on 25 November 2023.
  12. Carole Cadwalladr & Emma Graham-Harrison, ‘Revealed: 50 million Facebook profiles harvested for Cambridge Analytica in major data breach’ The Guardian, 17 March 2018, available at https://www.theguardian.com/news/2018/mar/17/cambridge-analytica-facebook-influence-us-election, accessed on 25 November 2023.
  13. Chaudhary (n 7).
  14. Chaudhary (n 7).
  15. Abigail Abrams, ‘Here's What We Know So Far About Russia's 2016 Meddling’, Times, 18 April 2019, available at https://time.com/5565991/russia-influence-2016-election/, accessed on 25 November 2023.
  16. Kathmandu Post, ‘Vianet suffers data breach, leaking personal customer details online’, The Kathmandu Post, 8 April 2020, available at https://kathmandupost.com/national/2020/04/08/vianet-suffers-data-breach-leaking-personal-customer-details-online, accessed on 25 November 2023.
  17. Indo-Asian News Service, ‘Nepal Telecom call details stolen by Chinese hackers’, Economic Times, New Delhi, 13 July 2021, available at https://ciso.economictimes.indiatimes.com/news/nepal-telecom-call-details-stolen-by-chinese-hackers/84366159, accessed on 25 November 2023.
  18. Robinson Meyer, ‘Everything We Know About Facebook’s Secret Mood-Manipulation Experiment’, The Atlantic, 28 June 2014, available at https://www.theatlantic.com/technology/archive/2014/06/everything-we-know-about-facebooks-secret-mood-manipulation-experiment/373648/, accessed on 25 November 2023.
  19. Ryan Browne, ‘Europe and the U.S. finally agree a landmark data-sharing pact — and it’s already under threat’, CNBC, 12 July 2023, available at https://www.cnbc.com/2023/07/12/eu-and-us-agree-new-data-sharing-deal-what-is-it-and-why-it-matters.html, accessed on 25 Nov 2023.
  20. Chaudhary, (n 7).
  21. Chaudhary, (n 7).
  22. Ali A. Jessani & Kirk J. Nahra, ‘India Passes Long-Awaited Privacy Law’, WilmerHale, 18 August 2023, available at https://www.wilmerhale.com/en/insights/blogs/wilmerhale-privacy-and-cybersecurity-law/20230818-india-passes-long-awaited-privacy-law, accessed on 25 Nov 2023.
  23. NASSCOM stands for the National Association of Software and Service Companies. It is a nonprofit trade association and advocacy group focused on the information technology and business process outsourcing industry in India. NASSCOM is the premier trade body and industry association for India's technology and digital services sector acting as a key platform for market growth, policy advocacy, partnerships and skills building across the country's burgeoning IT-BPM industry. It plays a strategic role in steering the rapid development of India's globally competitive technology services industry.

Similar Articles

<< < 1 2 3 4 5 6 > >> 

You may also start an advanced similarity search for this article.