Sri Lanka

HomeSri Lanka

Sri Lanka: The Cyber Security Act of 2019

The Cyber Security Act of 2019 is a law in Sri Lanka that provides a legal framework for establishing a national cybersecurity system. The law addresses threats to the country’s critical infrastructure and online activities. It also provides for establishing a National Cyber Security Council, responsible for coordinating and implementing cybersecurity policies and measures in the country.

The law outlines various cybersecurity obligations for service providers, including reporting cybersecurity incidents, protecting personal data, and complying with cybersecurity guidelines. It also provides for the appointment of a national cybersecurity specialist responsible for identifying and responding to cybersecurity incidents.

The Cyber Security Act of 2019 is a significant step towards improving Sri Lanka’s cybersecurity readiness and protecting the country from the growing threat of cybercrime.

Download Law

1 – Short Title and date of operation

PART I: OBJECTIVES OF THE ACT
2 – Objectives of the Act

PART II: DIGITAL INFRASTRUCTURE PROTECTION AGENCY OF SRI LANKA
3 – Establishment of the Agency
4 – Powers, duties and functions of the Agency
5 – Constitution of the Board
6 – Disqualifications from being a member of the Board
7 – Meetings of the Board
8 – Seal of the Agency
9 – Acts not invalidated by reason of vacancy or defect in appointment
10 – Remuneration of members
11 – Term of office of the appointed members

PART III: APPOINTMENT OF THE DIRECTOR GENERAL AND STAFF OF THE AGENCY
12 – Appointment of the Director General
13 – Other officers and employees of the Agency
14 – Appointment of public officers to the staff of the Agency

PART IV: INSTITUTIONAL FRAMEWORK TO ASSIST THE AGENCY
15 – Sri Lanka Computer Emergency Readiness Team
16 – Minister to seek assistance of other institutions in the event of national security etc

PART V: CRITICAL INFORMATION INFRASTRUCTURE
17 – Designation of a computer or computer system as CII
18 – Obligations of the owner of the CII

PART VI: FUND OF THE AGENCY
19 – Fund of the Agency

PART VII: PENALTIES
20 – Imposition of penalties to enforce compliance

PART VIII: MISCELLANEOUS
21 – Financial year and audit of accounts
22 – Power of entry, inspection and search
23 – Agency to be scheduled institution within the meaning of the Bribery Act (Chapter 26)
24 – Members, officers and servants of the Agency deemed to be public
25 – Acquisition of immovable property under the Land Acquisition Act
26 – Expenses in suit or prosecution to be paid out of the Fund
27 – Annual Report
28 – Directions by the Minister
29 – Duty to maintain confidentiality
30 – Rules
31 – Regulations
32 – Interpretation
33 – Sinhala text shall prevail

Download Law

Comments are closed.

Close
About Decybr

Decybr is a technology platform offering an extensive database of international legal resources including laws, case laws and legal literature on cybercrimes. Branded as Decybrary, this database aggregation will be classified and searched by professionals using AI technology.

In addition to providing access to a comprehensive database of legal resources to professionals, Decybr will also offer online training to professionals on the legal and IT aspects of the laws, case laws and legal literature within cybercrime.

Archives