Data Protection Authority (DPA)

The Data Protection Authority of Sri Lanka was established under the PDPA, in August 2023, to regulate personal data processing and protect individuals' privacy. This authority is committed to ensuring that all entities, both public and private, adhere to the legal obligations set out in the Act. By securing personal data and promoting regulatory compliance, the Authority aims to foster growth and innovation in Sri Lanka's digital economy, ensuring that digital transactions and communications are both safe and trusted.

Website: https://www.dpa.gov.lk/