Database

Browse Database

BANGLADESH

Since June 2023, last amended in August 2025

Pillar Cross-border data policies  |  Indicator Infrastructure requirement
Guidelines to Establish Digital Bank (ডিজিটাল ব্যাংক প্রতিষ্ঠার নির্দেশিকা)
Section 10.1 of the Guidelines to Establish Digital Bank stipulates that digital banks shall maintain at least a Tier III data centre and a disaster recovery site, each located in a different seismic zone. Section 10.2 further provides that, although digital banks may utilise cloud services, the physical location of such cloud infrastructure must be within Bangladesh's territory.
Coverage Digital banks

BANGLADESH

Reported in 2020, last reported in 2025

Pillar Content access  |  Indicator Blocking or filtering of commercial web content
Blocking of commercial web content
Reports indicate that authorities have blocked certain websites, news outlets, social media platforms, and communication services, particularly during periods of political tension. Notably, several news media websites, including Manab Zamin, Samakal, Jamuna Television, and Voice of America (VOA) Bangla, were rendered inaccessible in the lead-up to and during the general elections in Bangladesh in January 2024. In addition, in July 2024, authorities restricted access to major social media and communication platforms, including Facebook, YouTube, WhatsApp, and Signal. Similar restrictions were reimposed in August 2024. Additionally, reports suggest that the Sweden-based website Netra News has remained inaccessible since 2020.
Coverage Websites, news outlets, social media and communication platforms

BANGLADESH

Since November 2025, entry into force in November 2025

Pillar Cross-border data policies  |  Indicator Conditional flow regime
Data Protection Ordinance, 2025 - Ordinance No. 61 of 2025 (ব্যক্তিগত উপাত্ত সুরক্ষা অধ্যাদেশ, ২০২৫ - ২০২৫ সনের ৬১ নং অধ্যাদেশ)
Section 29 of the Data Protection Ordinance provides that personal data, including public or open personal data, internal personal data, confidential personal data, and limited personal data as defined in the Schedule, may be transferred abroad subject to the conditions set out in Section 29 itself. Such transfers are permitted where the consent of the relevant data subject has been obtained, where the transfer is necessary for the exchange of goods or services under a contract to which the data subject is a party, or where, with the consent of the data subject, the transfer relates to matters concerning the data subject’s interests, such as business, education, emigration, or immigration. Also, personal data that is lawfully transferable may be transferred only to countries that possess appropriate technological and infrastructural safeguards for the storage of personal data, as prescribed by regulation. In cases involving the cross‑border transfer of large volumes of sensitive personally identifiable data, notification to the competent authorities is mandatory. For the purposes of this section, sensitive personally identifiable data refers to data whose large‑scale cross‑border transfer may pose risks to national sovereignty, national security, or financial stability, including government‑issued unique identification numbers such as national identity card numbers, passport numbers, and taxpayer or TIN or PAN numbers; biometric identifiers such as fingerprints, facial recognition data, and iris scans; genetic or DNA‑related information; and records of criminal convictions or criminal history.
Coverage Horizontal

BANGLADESH

N/A

Pillar Cross-border data policies  |  Indicator Participation in trade agreements committing to open cross-border data flows
Lack of participation in agreements with binding commitments on data flows
Bangladesh has not joined any agreement with binding commitments to open transfers of data across borders.
Coverage Horizontal

BANGLADESH

Since November 2025

Pillar Domestic data policies  |  Indicator Framework for data protection
Data Protection Ordinance, 2025 - Ordinance No. 61 of 2025 (ব্যক্তিগত উপাত্ত সুরক্ষা অধ্যাদেশ, ২০২৫ - ২০২৫ সনের ৬১ নং অধ্যাদেশ)
The Data Protection Ordinance establishes a comprehensive framework for data protection in Bangladesh, although the competent authority has yet to be constituted. Section 1.3 stipulates that, with the exception of section 23 and sections 31 to 46, the Ordinance shall enter into force immediately. The excepted provisions are to come into operation on such date as the Government may determine by notification in the Official Gazette, following the expiry of 18 months from the date of promulgation of the Ordinance. The provisions subject to deferred commencement primarily concern the appointment of the chief data officer, the mechanisms for lodging complaints, and the imposition of administrative penalties.
Other relevant legislation includes the Cybersecurity Ordinance 2025, the Information and Communication Technology Act 2006, the Telecommunications Act 2001, the Contract Act 1872, the Consumers’ Rights Protection Act, the Penal Code 1860, and the Copyright Act 2000.
Coverage Horizontal

BANGLADESH

Since December 2020

Pillar Domestic data policies  |  Indicator Minimum period for data retention
BTRC Regulatory and Licensing Guideline For Internet Service Provider (ISP) in Bangladesh
According to Clause 25.4 of the "Regulatory and Licensing Guideline for Internet Service Providers (ISPs) in Bangladesh", licensees are required to maintain individual user history records, system failure records, Simple Network Management Protocol (SNMP) traffic data, and bandwidth utilisation records as daily logs for a minimum period of three months. These records must be made available upon request by the Bangladesh Telecommunication Regulatory Commission or any relevant law enforcement agency.
The 2025 Telecommunications Network and Licensing Policy introduced migration of ISP licences into the Fixed Telecom Service Providers (FTSPs)/District FTSP framework, but it does not expressly repeal the 2020 ISP Guideline, and existing licensees may complete their current licensing terms.
Coverage Internet Service Providers (ISPs)

BANGLADESH

Since July 2021

Pillar Domestic data policies  |  Indicator Minimum period for data retention
Digital Commerce Operation Guidelines, 2021 (ডিজিটাল কমার্স পরিচালনা নির্দেশিকা -২০২১)
In accordance with Section 3.1.14 of the Digital Commerce Operation Guidelines, all information pertaining to the operations of digital commerce platforms must be retained for a minimum of 6 years and made available to any government authority upon request.
Coverage Digital commerce platforms

BANGLADESH

Since February 2024

Pillar Domestic data policies  |  Indicator Minimum period for data retention
BTRC Regulatory and Licensing Guidelines for Cellular Mobile Services in Bangladesh
Pursuant to Section 25.02 of the Bangladesh Telecommunication Regulatory Commission (BTRC) Regulatory and Licensing Guidelines for Cellular Mobile Services in Bangladesh, licensees must preserve Call Detail Records (CDRs), Transaction Detail Records (TDRs), system logs or audit trails relating to CDR changes, network traffic data, IN and HLR dumps, QoS and KPI reports with underlying data, official correspondence with BTRC, statements, reports, and related records for two years, for scrutiny by BTRC, as directed by the Commission, or as required by the National Telecommunication Monitoring Centre (NTMC) under the law.
Licensees must also retain third-party VAS/CP logs for the same two-year period relating to activation, deactivation, and service usage. Where call records would otherwise be deleted after 2 years, the licensee must retain any specific CDR upon instruction from BTRC or law enforcement agencies. In addition, licensees must record and store data session logs or information, including IP addresses, for six months, for scrutiny by, or as directed by, the Commission. Records not subject to a retention instruction may be deleted without prior permission.
Coverage Mobile services providers

BANGLADESH

Since September 2025

Pillar Telecom infrastructure & competition  |  Indicator Functional/accounting separation for operators with significant market power
Telecommunications Network and Licensing Policy, 2025
Bangladesh imposes obligations of accounting and functional separation on telecommunications operators with Significant Market Power (SMP). Under the Telecommunications Network and Licensing Policy 2025, Sections 11.8.1 and 11.8.2(d) authorise the Bangladesh Telecommunication Regulatory Commission (BTRC) to identify SMP operators and impose requirements relating to accounting separation and financial transparency.
The Policy further gives BTRC broader separation-related powers. Sections 11.8.5(c) and 11.8.7(b)–(c) allow BTRC to review financial transparency, recommend structural separation where justified, prohibit undue accumulation of licences across distinct functional layers without operational or structural separation, and require accounting separation, firewall mechanisms, and public disclosure for multi-layer licensees.
Coverage Telecommunications sector

BANGLADESH

Since April 2001, last amended in August 2010

Pillar Telecom infrastructure & competition  |  Indicator Licensing restrictions to operate in the telecom market
Bangladesh Telecommunication Regulatory Authority Act, 2001 - Act No. 18 of 2001 (বাংলাদেশ টেলিযোগাযোগ নিয়ন্ত্রণ আইন, ২০০১ - ২০০১ সনের ১৮ নং আইন)
Under Section 96 of the Bangladesh Telecommunication Regulatory Authority Act, the government is empowered, in the public interest, to assume control of any telecommunication system, along with any necessary arrangements for its operation. This control may be maintained for an indefinite period, during which the operator and the employees of the telecom operator may be required to remain engaged either on a full-time basis or for a specified duration to ensure the continued operation of the apparatus or system.
Coverage Telecommunications sector

BANGLADESH

Since September 2025

Pillar Telecom infrastructure & competition  |  Indicator Licensing restrictions to operate in the telecom market
Telecommunications Network and Licensing Policy, 2025
The Telecommunications Network and Licensing Policy 2025 establishes a new licensing framework for Bangladesh and imposes specific market-entry conditions. Under Section 7.3.4, Cellular Mobile Service Provider licences are subject to a limited licensing framework, with the number of licences determined by the Bangladesh Telecommunication Regulatory Commission (BTRC) based on spectrum availability, market competition, and consumer benefit. For National Infrastructure and Connectivity Service Provider (NICSP) licences, Section 7.7.10 requires applicants to demonstrate minimum investment capacity. However, this minimum investment has not yet been established.
Coverage Telecommunications sector

BANGLADESH

N/A

Pillar Telecom infrastructure & competition  |  Indicator Signature of the WTO Telecom Reference Paper
Lack of appendment of WTO Telecom Reference Paper to schedule of commitments
Bangladesh has not appended the World Trade Organization (WTO) Telecom Reference Paper to its schedule of commitments.
Coverage Telecommunications sector

BANGLADESH

Reported in 2019, last reported in 2025

Pillar Telecom infrastructure & competition  |  Indicator Presence of an independent telecom authority
Lack of an independent telecom authority
Bangladesh has a telecommunications regulatory authority, the Bangladesh Telecommunication Regulatory Commission (BTRC). However, its decision-making process is not entirely independent of government influence. Officially, the BTRC is an autonomous regulatory body tasked with overseeing telecommunications and related matters. Nevertheless, reports suggest that, in practice, it lacks genuine independence and primarily represents governmental interests. The Ministry of Posts, Telecommunications, and Information Technology (MPTIT) is responsible for regulating the sector, with the BTRC functioning as a subsidiary entity. Additionally, the Posts and Telecommunications Division (PTD) within the MPTIT supervises the BTRC's operations.
Coverage Telecommunications sector

BANGLADESH

Since November 2023, entry into force in February 2025

Pillar Intellectual Property Rights (IPRs)  |  Indicator Practical or legal restrictions related to the application process for patents
Bangladesh Patent Act, 2023 (বাংলাদেশ পেটেন্ট আইন, ২০২৩)
Section 8(14) of the Bangladesh Patent Act, 2023 empowers the Director General, before granting a patent, to require a foreign patent applicant to adapt the patent description to the general skill of Bangladeshi citizens, with a view to promoting the use of the patented technology in Bangladesh. It is reported that imposing this requirement exclusively on foreign applicants in the patent-granting process may constitute discrimination, thereby potentially violating the principle of national treatment.
Coverage Horizontal

BANGLADESH

Since May 1991, last amended in June 2023

Pillar Cross-border data policies  |  Indicator Ban to transfer and local processing requirement
Bank Company Act, 1991 - Act No. 14 of 1991 (ব্যাংক-কোম্পানী আইন, ১৯৯১ - ১৯৯১ সনের ১৪ নং আইন)
Section 12 of the Bank Company Act provides that banks may not transfer records or documents relating to their business outside Bangladesh without prior approval by the Central Bank.
Coverage Financial sector

Report issue     Report new measure