Rajib Kumar Deb :
Global economic strength depends not only on strong digital communication infrastructure and hi tech digital technologies but also on state measurements in respect of Cyber law. There is no exhaustive definition of the term Cyber law but the growth of cyberspace has resulted in the development of a new and highly specialized branch of law called cyber laws-laws of the internet and the World Wide Web. Cybercrime refers to illegal internet-mediated activities that often take place in global electronic networks. Illegal banking transactions through Internet to any dangerous person who might threaten national security, download materials without acquiring proper permissions, sending malicious codes such as viruses and worms through websites and e-mails are the instances of cyber crime.
One may find the auspices of Cyber law over the international instruments: United Nations Convention against Transnational Organized Crime (2000) also known as the Budapest Convention, Convention on the Rights of the Child (1989), Optional Protocol to the Convention on the Rights of the Child (2001), Convention on Cybercrime (2001), Convention on the Protection of Children against Sexual Exploitation and Sexual Abuse (2007). All of international instruments obligate state parties to enact domestic criminal offences that target organized criminal groups and to adopt new frameworks for extradition, mutual legal assistance and law enforcement cooperation with a view to reducing computer related crime by harmonizing national laws. Cybercriminals are hacking different e-accounts to steal money while many others are blackmailing people in various ways. Such an organised crime have skyrocketed in Bangladesh recently posing a new spectrum of security challenges for state authorities.
Giving a parallel effect to the international law and governing the cyberspace, Information &
Communication Technology Act, 2006 (lCT) along with Rules of 2010 and Digital Security Act, 2018 (DSA) have been introduced in the auspices of Cyber law in Bangladesh. To make the Cyber law more effective, Criminal Procedure Code, 1898, Penal Code, 1860, Evidence Act, 1872, Banker’s Books Evidence Act, 1891, Crime Related Interpersonal Assistance Act, 2012 have been referred thereto. With a collateral line up with the legal regime of Cyber law, our honourable High Court Division in a decision recorded in Criminal Appeal No. 1037 of 2017 in Md Sabuj Ahmad vs State has come forward with explanatory guidelines in respect of bail hearing under this law.
Cyber law defines all publications, propagations and expressions for communication made in digital media in digital process, all users, all electronics device and system, all equipment and outputs, illegal entrance, stay and leave, all personnel involved in digitalisation, law of procedure, administrative and judicial agency.
Cyber law formed Certifying Authorities (CA), National Digital Security Council (NDSC) and Digital Security Agency (DSA). The law introduced Bangladesh Telecommunication and Regulatory Authority (BTRA) as a watchdog and linked up with National Computer Emergency Response Team under DSA, Bangladesh Computer Samity, Bangladesh Association of Software and Information Services, Internet Service Providers Association of Bangladesh, National Telecommunication Monitoring Centre as ancillaries to trace out the cybercrime and Cyber security.
Cyber law recognises cyber offences out of which some are cognizable and the rest are non-cognizable. Cyber law stipulates a maximum punishment of 14 years’ imprisonment or a maximum fine of Taka 1 crore or both for cybercrime recognising second time offence with maximum punishment of imprisonment for life or Taka 5 crore or with both. This law established one “Cyber Crime Tribunal” (CCT) and “Cyber Appellate Division” (CAP). CCT shall take cognizance upon police report or prior approval or authorised person and conduct trial of all offences under this law. Any person may bring a complaint of offence, cognizable or non-cognizable, into Tribunal and ejahar only in cognizable offence into police station and the Tribunal may go for investigation or direct for FIR and the police station may record FIR. Since respective cognizance magistrate under this law will act as post box, hence. he cannot forward any complaint petition, if filed before his court, to the concerned police station for taking lawful action upon investigation which will be bad practice of law. Besides the honourable HCD settling a confusing and controversial issue decided that before submission of police report and before taking cognizance Tribunal cannot entertain any prayer for bail but a magistrate, thereby empowered by law, may dispose of bail petition under this Act.
Cyber law requires investigation to be concluded within prescribed time by police officer not below the rank of Sub Inspector even prescribed the provision to hold investigation by the specialised authority or organisation or joint investigation team. The Investigating Officer shall have all the powers as are prescribed for General Registrar case with the power of search, seizure, arrest. The ancillary units of law enforcing agency: Counter Terrorism Unit, Organised Crime Unit of cm, Special Unit of RAB Anti-cyber Crime Department of police may be legal hands to trace out the culprits and assist the court to put him to justice.
Cyber law prescribes provision for Digital Forensic Lab with the purpose of forensic investigation of digital evidence. It helps the incident handling, building capacity on Cyber Security, criminal prosecutors, civil litigation, financial Organizations, law enforcement officials. It can be used in computer, Mobile and Network Forensic. It follows service workflow of Evidence Detection, Evidence Acquisition, Evidence Analysis/ Examination, Documenting and Reporting.
Cyber law prescribes preventive measures by way of removing or block some data-information and Emergency response team. BRTA upon application may remove or block so if any data-information threatens the Digital Security or hampers the nation in terms of unity, financial activities, security, defense, religious values, and Public discipline or incites racism and hatred. Emergency Response Team may take immediate necessary remedial measures if there is any or possibility of cyber or digital attack or if the cyber or if cyber or digital security is hampered.
Cyber law prescribes for provision of interstate application as well as regional and international cooperation. In case of any offence under this Act outside or within Bangladesh, this Act shall apply as such the entire process of the offence or contravention took place in Bangladesh. If regional or international assistance becomes necessary while conducting an investigation or trial of an offence under this Act, then, the provisions of Crime Related Interpersonal Assistance Act, 2012 will be applicable.
Cyber law contains speciality in respect of protection of action done in good faith, the persons functioning in good faith on behalf of the agency shall be exempted from any legal proceedings and network service provider shall not be liable if he proves that the offence or, contravention was committed without his knowledge or that he had exercised due diligence to prevent the commission of such offence or contravention.
Cyber law provides for confiscation of alamots, the computer, computer system, floppy disk by the order of the tribunal seized during investigation. This law makes legal recognition and use of electronics records and digital signature. It also provides provision for independent opinion from an expert in computer science, cyber forensic, electronic communication, data security. This law further provides for secrecy of the information obtained during investigation is considered as offence.
Cyber law has been enacted to provide legal recognition and security of Information & Communication Technology and to ensure National Digital Security. A report published in online news “Dhaka Tribine” on date 20th April, 2019 says, that only conviction rate of Cybercrime is 3% and analyzing data of the country’s lone Cyber Tribunal (Bangladesh) in Dhaka, it was found that charges against the accused were proven in only 15 out of 495 cases, where the accused in 480 cases were relieved of charges since the tribunal’s inception in February 2013. Referring to the opinion of experts the report says that most of the accused are released mostly due to out of court settlements, lack of skilled lawyers and the inexperience of law enforcement in handling cybercrime cases, faulty police probe reports due to lack of skills in handling digital crimes. Forensic reports, electronic devices, and URLs and samples of published incidents, are most important to prove charges against cybercriminals but all of them remain absent due to prosecution weakness.
With the increasing number of social media and boundary less internet jurisdiction, the implementation of Cyber law has become more challenging. The attacks of spamming, phishing, spoofing, Pharming, denial-of-service attacks, distributed, denial of service attacks, viruses, Trojan horse, worms, malware, spyware, and Bonnets have become alarming as the cyber law doesn’t provide for any protection thereto. Since the internet is all over the world the rules and regulations are a bit cloudy. Due to the scarcity of trained specialist assisting the court, it has become very much impossible for the judge to trace the crime as well as the criminal and to punish him. Insiders say there is a need for advanced technology to investigate cybercrime as the current technical support is inadequate in dealing with these new types of crimes. But it is very much appreciable and hope for the best that in line up with international conventions and information and technologically developed state, progressive framework of legal auspices has been made but also given a shape of advancement towards accessible cyberspace.
To sum up, key recommendations are expected to be made for effective implementation of Cyber law. Offence relating to certain violations of privacy should be reviewed and clarified, Particularly a public interest disclosure exemption should be added and its scope should be more clearly limited to public officials. The protection of personal data undergoing automated processing should properly be addressed as part of comprehensive ‘data protection legislation. Professional and developers of ICT-software, middleware and hardware and others responsible for ICT innovations should be made connected with home users and small and medium-sized enterprises in providing the knowledge and professional skill to design ICT systems in face of the growing number of cyber incidents. Tribunal should be made available at district level.
Global economic strength depends not only on strong digital communication infrastructure and hi tech digital technologies but also on state measurements in respect of Cyber law. There is no exhaustive definition of the term Cyber law but the growth of cyberspace has resulted in the development of a new and highly specialized branch of law called cyber laws-laws of the internet and the World Wide Web. Cybercrime refers to illegal internet-mediated activities that often take place in global electronic networks. Illegal banking transactions through Internet to any dangerous person who might threaten national security, download materials without acquiring proper permissions, sending malicious codes such as viruses and worms through websites and e-mails are the instances of cyber crime.
One may find the auspices of Cyber law over the international instruments: United Nations Convention against Transnational Organized Crime (2000) also known as the Budapest Convention, Convention on the Rights of the Child (1989), Optional Protocol to the Convention on the Rights of the Child (2001), Convention on Cybercrime (2001), Convention on the Protection of Children against Sexual Exploitation and Sexual Abuse (2007). All of international instruments obligate state parties to enact domestic criminal offences that target organized criminal groups and to adopt new frameworks for extradition, mutual legal assistance and law enforcement cooperation with a view to reducing computer related crime by harmonizing national laws. Cybercriminals are hacking different e-accounts to steal money while many others are blackmailing people in various ways. Such an organised crime have skyrocketed in Bangladesh recently posing a new spectrum of security challenges for state authorities.
Giving a parallel effect to the international law and governing the cyberspace, Information &
Communication Technology Act, 2006 (lCT) along with Rules of 2010 and Digital Security Act, 2018 (DSA) have been introduced in the auspices of Cyber law in Bangladesh. To make the Cyber law more effective, Criminal Procedure Code, 1898, Penal Code, 1860, Evidence Act, 1872, Banker’s Books Evidence Act, 1891, Crime Related Interpersonal Assistance Act, 2012 have been referred thereto. With a collateral line up with the legal regime of Cyber law, our honourable High Court Division in a decision recorded in Criminal Appeal No. 1037 of 2017 in Md Sabuj Ahmad vs State has come forward with explanatory guidelines in respect of bail hearing under this law.
Cyber law defines all publications, propagations and expressions for communication made in digital media in digital process, all users, all electronics device and system, all equipment and outputs, illegal entrance, stay and leave, all personnel involved in digitalisation, law of procedure, administrative and judicial agency.
Cyber law formed Certifying Authorities (CA), National Digital Security Council (NDSC) and Digital Security Agency (DSA). The law introduced Bangladesh Telecommunication and Regulatory Authority (BTRA) as a watchdog and linked up with National Computer Emergency Response Team under DSA, Bangladesh Computer Samity, Bangladesh Association of Software and Information Services, Internet Service Providers Association of Bangladesh, National Telecommunication Monitoring Centre as ancillaries to trace out the cybercrime and Cyber security.
Cyber law recognises cyber offences out of which some are cognizable and the rest are non-cognizable. Cyber law stipulates a maximum punishment of 14 years’ imprisonment or a maximum fine of Taka 1 crore or both for cybercrime recognising second time offence with maximum punishment of imprisonment for life or Taka 5 crore or with both. This law established one “Cyber Crime Tribunal” (CCT) and “Cyber Appellate Division” (CAP). CCT shall take cognizance upon police report or prior approval or authorised person and conduct trial of all offences under this law. Any person may bring a complaint of offence, cognizable or non-cognizable, into Tribunal and ejahar only in cognizable offence into police station and the Tribunal may go for investigation or direct for FIR and the police station may record FIR. Since respective cognizance magistrate under this law will act as post box, hence. he cannot forward any complaint petition, if filed before his court, to the concerned police station for taking lawful action upon investigation which will be bad practice of law. Besides the honourable HCD settling a confusing and controversial issue decided that before submission of police report and before taking cognizance Tribunal cannot entertain any prayer for bail but a magistrate, thereby empowered by law, may dispose of bail petition under this Act.
Cyber law requires investigation to be concluded within prescribed time by police officer not below the rank of Sub Inspector even prescribed the provision to hold investigation by the specialised authority or organisation or joint investigation team. The Investigating Officer shall have all the powers as are prescribed for General Registrar case with the power of search, seizure, arrest. The ancillary units of law enforcing agency: Counter Terrorism Unit, Organised Crime Unit of cm, Special Unit of RAB Anti-cyber Crime Department of police may be legal hands to trace out the culprits and assist the court to put him to justice.
Cyber law prescribes provision for Digital Forensic Lab with the purpose of forensic investigation of digital evidence. It helps the incident handling, building capacity on Cyber Security, criminal prosecutors, civil litigation, financial Organizations, law enforcement officials. It can be used in computer, Mobile and Network Forensic. It follows service workflow of Evidence Detection, Evidence Acquisition, Evidence Analysis/ Examination, Documenting and Reporting.
Cyber law prescribes preventive measures by way of removing or block some data-information and Emergency response team. BRTA upon application may remove or block so if any data-information threatens the Digital Security or hampers the nation in terms of unity, financial activities, security, defense, religious values, and Public discipline or incites racism and hatred. Emergency Response Team may take immediate necessary remedial measures if there is any or possibility of cyber or digital attack or if the cyber or if cyber or digital security is hampered.
Cyber law prescribes for provision of interstate application as well as regional and international cooperation. In case of any offence under this Act outside or within Bangladesh, this Act shall apply as such the entire process of the offence or contravention took place in Bangladesh. If regional or international assistance becomes necessary while conducting an investigation or trial of an offence under this Act, then, the provisions of Crime Related Interpersonal Assistance Act, 2012 will be applicable.
Cyber law contains speciality in respect of protection of action done in good faith, the persons functioning in good faith on behalf of the agency shall be exempted from any legal proceedings and network service provider shall not be liable if he proves that the offence or, contravention was committed without his knowledge or that he had exercised due diligence to prevent the commission of such offence or contravention.
Cyber law provides for confiscation of alamots, the computer, computer system, floppy disk by the order of the tribunal seized during investigation. This law makes legal recognition and use of electronics records and digital signature. It also provides provision for independent opinion from an expert in computer science, cyber forensic, electronic communication, data security. This law further provides for secrecy of the information obtained during investigation is considered as offence.
Cyber law has been enacted to provide legal recognition and security of Information & Communication Technology and to ensure National Digital Security. A report published in online news “Dhaka Tribine” on date 20th April, 2019 says, that only conviction rate of Cybercrime is 3% and analyzing data of the country’s lone Cyber Tribunal (Bangladesh) in Dhaka, it was found that charges against the accused were proven in only 15 out of 495 cases, where the accused in 480 cases were relieved of charges since the tribunal’s inception in February 2013. Referring to the opinion of experts the report says that most of the accused are released mostly due to out of court settlements, lack of skilled lawyers and the inexperience of law enforcement in handling cybercrime cases, faulty police probe reports due to lack of skills in handling digital crimes. Forensic reports, electronic devices, and URLs and samples of published incidents, are most important to prove charges against cybercriminals but all of them remain absent due to prosecution weakness.
With the increasing number of social media and boundary less internet jurisdiction, the implementation of Cyber law has become more challenging. The attacks of spamming, phishing, spoofing, Pharming, denial-of-service attacks, distributed, denial of service attacks, viruses, Trojan horse, worms, malware, spyware, and Bonnets have become alarming as the cyber law doesn’t provide for any protection thereto. Since the internet is all over the world the rules and regulations are a bit cloudy. Due to the scarcity of trained specialist assisting the court, it has become very much impossible for the judge to trace the crime as well as the criminal and to punish him. Insiders say there is a need for advanced technology to investigate cybercrime as the current technical support is inadequate in dealing with these new types of crimes. But it is very much appreciable and hope for the best that in line up with international conventions and information and technologically developed state, progressive framework of legal auspices has been made but also given a shape of advancement towards accessible cyberspace.
To sum up, key recommendations are expected to be made for effective implementation of Cyber law. Offence relating to certain violations of privacy should be reviewed and clarified, Particularly a public interest disclosure exemption should be added and its scope should be more clearly limited to public officials. The protection of personal data undergoing automated processing should properly be addressed as part of comprehensive ‘data protection legislation. Professional and developers of ICT-software, middleware and hardware and others responsible for ICT innovations should be made connected with home users and small and medium-sized enterprises in providing the knowledge and professional skill to design ICT systems in face of the growing number of cyber incidents. Tribunal should be made available at district level.