The Sri-Lankan ministry of digital infrastructure and information technology (MDIIT) has published the final draft of the Personal data protection Bill. This draft updates the data protection framework that had already been presented in June by the ministry. The objectives of the proposed legislation are to: Provide for the regulation of the processing of personal data; Identify and strengthen the rights of data subjects; Provide for the designation of the Data Protection Authority; Regulate the dissemination of unsolicited messages using personal data; and Provide legislation for matters incidental to the processing of personal data. According to Daily FT, the Bill will come into force within a period of three years from the date the Speaker ratifies it.