Sri Lanka Data Protection Authority (DPA) announces new leadership positions to set up secretariat

With the recent unanimous adoption of the Personal Data Protection (amendment) Bill in Parliament, the Data Protection Authority of Sri Lanka (DPA), established under the Personal Data Protection Act No. 9 of 2022 (PDPA) is pleased to announce several new career opportunities, including the post of Director General. These positions are essential to set up the Secretariat, which will be tasked with the implementation of the strategy and roadmap of the DPA, to enable DPA’s objectives to be fulfilled under the overall direction and supervision of DPA Board of Directors.

Establishment of the DPA Secretariat, with full time staff led by Director General, is a major step in advancing Sri Lanka’s national agenda on Data Protection and privacy and digital trust, which are vital to facilitate growth and innovation in the digital economy. This is a prerequisite in order to determine enforcement dates for PDPA, the law which will regulate the processing of personal data and strengthen the rights of all individuals (data subjects).

As the country’s digital transformation strategies continue to accelerate across different sectors of the economy, the DPA would be required under the PDPA to ensure data protection compliance and promote responsible data processing practices.

“The importance of data privacy in the digital age cannot be overstated, as its an essential component of Consumer trust,” said Rajeeva Bandaranaike, Chairman of the DPA Sri Lanka. “The establishment of the Secretariat at DPA marks a defining moment in Sri Lanka’s commitment to building a secure and transparent digital ecosystem. We are now seeking talented professionals who can help shape this institution’s success .”

The DPA will shortly advertise and call for applications to recruit highly skilled and committed professionals to join its Secretariat across multiple disciplines — including policy, legislation, compliance, cybersecurity, communications, and information technology. These opportunities offer a platform to directly influence Sri Lanka’s PDPA implementation, which will define digital regulation landscape while contributing to safeguard digital trust and public service innovation.

Professionals who are passionate about public service, data privacy and digital innovation are invited to apply and help define the future of data privacy in Sri Lanka.

About the Data Protection Authority (DPA) of Sri Lanka

The DPA is the independent regulatory body established under the Personal Data Protection Act No. 9 of 2022 to regulate the processing of personal data and safeguard the rights of data subjects in Sri Lanka. Its mission is to ensure lawful processing of personal data, and foster a culture of trust in government and private sector digital services.

Media Contact:
Dr Kanishka Karunasena
Acting Director General
Data Protection Authority of Sri Lanka
Phone: +94 (0)11 2697241
Email: info@dpa.gov.lk
Website: www.dpa.gov.lk