Shifting Gears in Sri Lanka’s Online Safety Laws
After months of heated debates, Sri Lanka’s parliament has tweaked the controversial Online Safety Act (OSA), attempting to fix its most disputed parts. The eye-catching move? The government ditched the divisive clause punishing so-called ‘religious outrage’, which had been flagged by rights groups for stifling free speech. But according to legal analysts and digital rights advocates, these changes only scratch the surface. There’s plenty of unfinished business if Sri Lanka wants its digital laws to truly respect human rights and personal freedoms.
The big question vexing critics is: Can the OSA really balance national safety with human rights protections in the digital realm? Right now, many believe the Act still lacks the teeth, fairness, and oversight needed to stand up to international standards.
Calls for Inclusive and Transparent Reform
Leading voices, including academics and tech policy experts, are pushing for an overhaul of how the law is governed and enforced. The usual approach—government officials crafting rules behind closed doors—just isn’t cutting it anymore. Advocates argue for a new multi-stakeholder process, inviting civil society groups, digital experts, private industry, and respected international organizations like United Nations agencies to sit at the table. Wide consultation, they say, is crucial for building trust and crafting laws that fit everyday realities, not just what looks good on paper.
But structure alone isn’t enough. There’s a growing demand for platforms themselves—think big social networks or messaging apps—to step up with real accountability. That means regular transparency reports, open audits, and human rights impact assessments, so the public can see whether these platforms are genuinely safeguarding users or just paying lip service. This push is modeled on global best practices, including the work of former UN Special Rapporteur David Kaye and think tanks like Chatham House.
The conversation has also turned to privacy. Many Sri Lankans now expect clear, written rules that protect their private conversations, especially encrypted messages. Advocates are adamant that the OSA must never undermine end-to-end encryption, as weakening this could open the door to abuse—not just by hackers, but sometimes by the authorities themselves.
When it comes to enforcement, proportionality is the word of the hour. Critics say harsh penalties for minor breaches only scare people away from using online tools or expressing honest opinions. Instead, they’re pushing for remedies and appeals processes that let users challenge takedowns or penalties they feel are unfair, and that aim to fix mistakes rather than simply punish.
Lastly, groups are urging the government and platforms to take up positive obligations: actively promoting free speech, running digital literacy campaigns, and supporting a diverse online ecosystem. Just blocking nasty content isn’t enough—digital spaces should encourage everyone to take part and stay informed.
Much of this thinking aligns with the GNI (Global Network Initiative) framework, which lays out four pillars for responsible digital governance: legality, legitimacy, necessity, and privacy. Basically, any rules about online safety should be grounded in publicly available law, serve a real and urgent need, be strictly necessary rather than excessive, and fiercely protect users’ private data.
For now, Sri Lanka’s Online Safety Act sits at a crossroads. Recent edits are a signal that change is possible. But the toughest challenge—crafting a law that actually protects people’s rights while keeping them safe online—still lies ahead. As the debate rumbles on, eyes across the region are watching to see if Sri Lanka can set a standard for democratic, rights-respecting digital governance in Asia.