Is Smart Bangladesh ready to confront data risk?

Ensuring strong governance concerning data protection and ensuring data privacy should be the key concerns of authorities. Photo: Reuters

The government aims to transform the country into Smart Bangladesh. This is in line with the ongoing trends in globalisation, growth in countless industries, transformation in business processes and diversification in economies around the world. People, organisations, and nations are more interconnected than ever. And, data, which continues to grow in size and complexity at an astounding rate, sits at the centre of today's most pressing business challenges.

Alongside several societal and regulatory shifts, businesses are facing challenging times, and it has also contributed to a steady rise in the incidence of domestic and international disputes. The spectrum of risks the organisations will have to navigate in a post-COVID era is no longer limited to the workplace, because of the way data is being shared and how internal systems interact due to remote work. Organisations will now have to step up to support and integrate the dream of building a Smart Bangladesh, where everyone will learn to do everything online. Bangladeshi economy will be an e-economy, where the entire money management system, including e-governance, e-education, and e-health, will be done on digital devices. 

The risks relating to emerging data sources such as collaboration platforms and cloud file-sharing tools were not a topic of conversation in previous years. However, the increase in focus towards Smart Bangladesh and investment and growth of the ICT sector are indicative of the explosion of emerging data in the coming years. The ICT sector is evolving very fast, and data maps are changing frequently with new start-ups coming up with new application tools. 

Creating strong governance concerning data protection and ensuring data privacy and security, to prevent fallout from a data breach, has therefore become and will continue to be a key area of focus in the coming years; so will the belief that regulators will become more active and stringent. It is now high time to internally align, re-assess and be reasonably well prepared in data privacy, information governance and security, keeping in mind the impact of emerging data sources on everything.  

Money laundering, fraud, bribery, corruption, embezzlement, online gambling, IP theft, illegal financial e-transactions and misappropriation of hundreds of crores worth of assets, and acquiring assets in Dubai, Malaysia and other countries, have become very common to local and foreign fraudsters, and is in the rise due to lack of digital security. 

The perpetrators of these crimes are taking advantage of the low level of understanding and implementation of existing regulatory legal framework. They are using an array of emerging data sources, including chat and instant messaging applications, collaboration tools and cloud-based platforms, which are typically hosted by a third party, making it difficult for law enforcement agencies to obtain, quantify or assess their actions. 

Regulatory, legal and ICT experts need to realise that these emerging data sources are discoverable evidence, which is complicated to access, collect and format for investigation and litigation. The relevant data which is significant for a legal or regulatory matter should be organised in a format that can be reviewed and understood in context with other information. 

Data-related business challenges are on the rise and the incidence of data breaches is skyrocketing around the world. According to IBM Security's Cost of a Data Breach 2021 Report, data breach costs rose to more than US 4.24 million, the highest average total cost in the history of the report. 

When personal data is compromised, the stakes are even higher. Around the world, data privacy regulations are ramping up in enforcement, and fines under the General Data Protection Regulation rose by nearly 40% alone last year, adding millions to the cost of corporate compliance due to the increasing global data protection laws. 

Personally, I am feeling less and less prepared to defend myself against increased levels of data risk heightened by the shift to remote work and accelerated use of emerging data sources. Especially now, looking at the future of Smart Bangladesh, the risk seems more pertinent than ever. 

Both regulators and organisations will have to grapple with how to root out fraud, maintain compliance, protect sensitive information and struggle to mitigate this ever-expanding landscape of risk. 

At this moment, one possible way forward is to explore ways to include data privacy programs and evaluate the applicable regulations and requirements for organisations. We can identify the gaps and areas of risks across people, processes and technology, develop a road map, policy and procedural implementation that will automate enforcement and control, reduce third-party risk and foster a culture of compliance.

Barrister Tasnuva Shelley. TBS Sketch

Tasnuva Shelley is the Founder & CEO of Legalized Education and the Head of Chambers, Justicia Legal Minds.

Disclaimer: The views and opinions expressed in this article are those of the authors and do not necessarily reflect the opinions and views of The Business Standard.