Strengthening Personal Data Protection: Sri Lankan Delegation's Insightful Visit to Germany

Colombo, Sri Lanka – 7th August 2024 – A delegation comprising of prominent personalities and experts embarked on a pivotal visit to Germany to delve into the complexities of personal data protection. This visit was organised by Friedrich Naumann Foundation for Freedom (FNF) Sri Lanka.


The delegation, comprised of the Chairman Mr. Arjuna Herath, Board Director Mr. Jayantha Fernando and Acting Director General Mr. Waruna Sri Dhanapala of the Personal Data Protection Authority (DPA) of Sri Lanka, as well as legal experts, civil society organization representatives, members of the Colombo Stock Exchange, and media journalists. They participated in a series of high-level meetings to enhance their understanding of the General Data Protection Regulation (GDPR) and its implementation in Bonn and Berlin from 27th July to 03rd August 2024.

This visit fostered a valuable exchange of ideas and best practices, equipping Sri Lanka with critical knowledge to bolster its personal data protection framework, currently being developed under the provisions of the Personal Data Protection Act No. 9 of 2022 (PDPA).

The FNF International Visiting Programme for Participants from Sri Lanka was titled ‘The ties that bind data-EU-Germany (GDPR) & Sri Lanka (PDPA) featured comprehensive sessions on,

  • GDPR Overview: Insight into the roles of federal and state authorities, practical applications, and emerging challenges in digital regulations.
  • Supervisory Authority Discussions: Exploration of enforcement powers and control practices of Germany’s Federal Commissioner for Data Protection and Freedom of Information.
  • Cybersecurity and Privacy: Analysis of IT security imperatives conducted by leading experts.
  • Data Protection Officers: Examination of Germany’s data protection system and integration into GDPR, featuring insights from the Society for Data Protection and Data Security.
  • Sector-Specific Insights: Detailed scrutiny of data protection within telecommunications, presented by Deutsche Telekom AG.
  • State-Level Perspectives: Understanding the responsibilities and distinctions between state and federal data protection, particularly in North Rhine-Westphalia.
  • Business Compliance: Discussions on GDPR implementation in German businesses with the German Chamber of Commerce and Industry.
  • Regulatory Policies: Learning about personal data protection compliance from Bitkom e.V.
  • Liberal Network Policy: Exploration of digital self-determination and net politics.
  • State-Level Implementation in Berlin: Gaining insights from Berlin's approach to data protection and freedom of information.

The collaborative efforts underscore a commitment to advancing privacy and security in the digital age by both state and non-state players, ensuring robust protection for all citizens.