I hereby declare that my thesis titled Perceptions into the Cybercrimes and Cybersecurity Measures in Bangladesh: A Quest for Operative Legal Remedies: A study is the result of my own work, and to the best of my knowledge and belief, it contains no material previously published or written by another person.
I also declare that it was not published anywhere in the form of a book or article. The materials from other books, articles, and websites that I have used in my paper are fully acknowledged at the respective places in the text. This thesis cannot be copied without prior permission of the author.
The above-announced statements are completely true. This undergraduate thesis has been submitted for evaluation.
Dedicated
to
My Parents
TABLE OF CONTENTS
Acknowledgement
Table of Content
Abstract
Chapter One
General Introduction
1.1 Background of the study 1
1.2 Statement of the Problem 2
1.3 Research Objective 3
1.4 Research Questions 3
1.5 Significance of the Study 3
1.6 Scope and Limitation of the Study 4
1.7 Motivation 4
1.8 Chapterization 5
1.9 Conclusion 5
Chapter Two
Literature Review
2.1 Introduction 9
2.2 Review of Literature and critical Analysis 10
2.3 Conclusion 12
Chapter Three
Research Methodology
3.1 Introduction 13
3.2 Investigation on Different Methods 14
3.3 Selection of Appropriate Method with Justification 14
3.4 Research Project Management 16
3.5 Finance 16
3.6 Conclusion 16
Chapter Four
Concept and Development of Cyber Law
4.1 Introduction 17
4.2 Meaning 17
4.3 Historical Development of Cyber Law 20
4.4 Cyber Crime 20
4.5 Characteristics of Cyber Crime 21
4.6 Types of Cyber Crime 21
4.7 Cyber Laws Classifications 23
4.8 Causes for Cyber Crime 24
4.9 Conclusion 25
Chapter Five
Legal Framework
5.1 Introduction 27
5.2 Cyber Jurisdiction in Bangladesh 28
5.3 Several Acts for Safeguarding Cyber Security 29
5.4 Cyber Crimes/Offenses and Penalties Under Different Acts in Bangladesh 31
5.5 Weakness of Cyber Law in Bangladesh 39
5.6 Potential Loopholes in Cyber Laws in Bangladesh 40
5.7 Conclusion 40
Chapter Six
Case Studies
6.1 Introduction 42
6.2 Case Study 42
6.3 Challenges of Cyber Law 44
6.4 Conclusion 46
6.4 Conclusion 46
Chapter Seven
Conclusion
7.1 Introduction 47
7.2 Findings 47
7.3 Recommendation 48
7.4 Conclusion 49
Bibliography…………………………………………………………………………………….50
Abstract
This thesis investigates the intricate dynamics of cybercrimes and cybersecurity measures in Bangladesh, highlighting the pressing need for effective legal remedies amidst the rising tide of digital threats. As Bangladesh embraces rapid digital transformation, the dual-edged nature of Information and Communication Technology (ICT) emerges, fostering economic growth while simultaneously exposing critical vulnerabilities to cyber threats. The authors conduct a thorough analysis of the current cybersecurity landscape, emphasizing the human factor as a significant weakness in the defense against cybercrime. By critically reviewing existing legal frameworks, including the Telecommunication Regulation Act, ICT Act, and Digital Security Act, the paper reveals the inadequacies of current laws and advocates for comprehensive reforms. It underscores the necessity of public-private partnerships and international collaboration to enhance cybersecurity awareness and education among citizens. The research proposes actionable recommendations for improving legal structures and fostering cross-border cooperation, serving as a vital resource for policymakers, law enforcement, and civil society in building a resilient cybersecurity framework. Ultimately, this paper not only contributes to the discourse on cybercrime but also establishes a foundation for future research, addressing the urgent challenges posed by the digital age.
Keywords: Cybercrime, Cybersecurity, Bangladesh, Legal Framework, ICT, Public Awareness, International Cooperation, Digital Security, Legal Reforms, Human Factor.
Chapter One
General Introduction
1.1 Background of the study
In this digital age, the increasing reliance on technology has rendered our societies increasingly vulnerable to cyber threats, necessitating a focused examination of their implications. The internet has become an integral part of our daily lives, the way we communicate, work, and interact with the world.The advancement of Information and Communication Technology (ICT) in recent decades has provided the world with countless scientific benefits, as the innovation of modern devices, applications, and software has expanded the global communication system, transforming the world into a global village. Communication via Facebook, Twitter, WhatsApp, Instagram, and other social networking platforms has eliminated geographical barriers and facilitated social interaction globally. The contemporary world is progressing towards digitalization due to advancements in internet and computer technology; yet, this growth has facilitated several abusive and immoral applications of these technologies for criminal activities. Data breaches, dissemination of false information, identity theft, credit card fraud, online harassment, cyber laundering, child exploitation, and intellectual property theft are significant examples of cybercrime globally. The rapid expansion of ICT has led to an increase in cybercrime, which poses a significant threat to national security, as numerous countries rely on computer networking systems to safeguard their security information and confidential policies.Cybercrime encompasses any illicit activity facilitated by computers, the internet, or social media. Cyberspace is a virtual environment of computer networks that enables cybercriminals to perpetrate illicit actions from a different country. This crime primarily targets hospitals, government offices, police stations, banks, and telecommunications companies. The evolving nature of cybercrime has made the determination of jurisdiction for prosecution a complex technical and legal task globally. The number of internet users in Bangladesh is continuously increasing at an alarming rate. Capitalizing on this significant financial potential, broadband and mobile network carriers have provided high-speed internet access across. Business organizations, educational institutions, and other social facilities are provided with Wi-Fi service on their grounds. These reasons have significantly augmented the number of internet users, with over 91 million residents of Bangladesh becoming internet subscribers and nearly 90 million utilizing smartphones. Banks are now offering rapid services to their consumers through mobile banking, which has gained significant popularity in the country. The remarkable rise in the utilization of contemporary technology has rendered both individuals and major enterprises vulnerable to cyberattacks, which can undermine national security and stability. An essential aspect of the "Digital Bangladesh" agenda has been initiated; nonetheless, the country's ICT infrastructure remains inadequately developed. Consequently, the nation has already faced numerous cybersecurity issues. A variety of cybercrimes perpetrated via social media are addressed, including defamation, religious intolerance, obsessive romantic pursuits, online sales fraud, dissemination of rumors, and pornography.
In 2001, the Parliament of Bangladesh promulgated the Telecommunication Regulation Act to mitigate cybercrime via telecommunication instruments. Subsequently, the Information and Communication Technology (ICT) Act of 2006 was enacted, which specifically delineated the investigative and judicial processes for online offenses. The ICT Division implemented the Information Security Guidelines and the National Cyber Security Strategy (NCSS) in 2014 to safeguard national cyberspace against unforeseen threats. Nevertheless, no substantial national advancement was observed with the ICT Act and NCSS, despite the relentless increase in internet usage. Consequently, the government implemented the Digital Security Act, 2023, to address the swift proliferation of crimes involving computers, the internet, or social media. It is regrettable that none of these national cybercrime regulations constitute a comprehensive statute to address the varied instances of cybercrime. Moreover, these fragmented legislations have expanded the prevalence of cyber violence in Bangladesh by inadequately holding offenders accountable under the law.The ineffectiveness and deficiencies in national legislation, the relative novelty of cybercrime, and the lack of public awareness have placed the nation's cybersecurity in a significant crisis.
1.2 Statement of the Problem
The problem statement in this study should include a thorough explanation of the specific issue or problem related to cybercrime in Bangladesh. The availability of internet access is the most significant factor contributing to cybercrime. Millions of people are suffering and losing their lives as a result of it. Many of them have suffered serious injuries as a result of cybercrime. According to my research, adults and children make up the majority of cybercrime victims. Pornographic websites, the availability of illegal substances, unlawful access, and other issues all have a significant impact on the younger generation. These concerns make individuals more curious about criminal subjects that they should not be aware of, which pushes them to commit crimes out of curiosity.
1.3 Research Objective
The core objective of this paper is to explore the diverse nature of cyber violence and ways to prevent cybercrimes in Bangladesh. The paper further focused to achieve the following objectives:
1.4 Research Questions
This segment indicates what questions would arise while reading this paper, and solving these questions would give the purpose of this research. The following research questions are:
i. Which types of cybercrimes are currently occurring in Bangladesh?
ii. What are the current legal remedies to prevent cybercrimes in Bangladesh?
iii. Why public consciousness important about cybercrimes and cybersecurity measures?
iv. How can cybercrimes be prevented through the statutory laws of Bangladesh?
1.5 Significance of the Study
This study holds immense significance in the context of Bangladesh's digital transformation. By tackling the weaknesses in cybersecurity, it establishes a basis for safeguarding individuals, enterprises, and governmental bodies against cyber threats. The analysis underscores the socio-economic impacts of cybercrimes, stressing the necessity for a robust legal and policy framework to cultivate trust in digital systems. Moreover, it highlights the necessity of harmonizing national initiatives with international cybersecurity benchmarks to effectively address cross-border cyber threats. This study's findings will provide valuable insights for policymakers, legal practitioners, and cybersecurity professionals in developing comprehensive strategies to strengthen cybersecurity resilience in Bangladesh.
1.6 Scope and Limitation of the Study
The principal objectives of the study are to ascertain the principal risks associated with cybercrimes in Bangladesh and devise strategies for their prevention. Large-scale crimes that regularly happen in Bangladesh also impact common people since cybercrimes have a wider scope than traditional crimes. The dark web and hidden networks make it impossible to find justice in these situations because of their great harm and anonymity. There is a limit to the examples that are discussed in this research. This study is restricted by the present Bangladeshi laws and regulations that are being prosecuted. There are indeed many obstacles to conducting research in Bangladesh, including missing or lacking data, occasional delays by law enforcement committees or agencies, a lack of interest among victims in providing information, a lack of interest in studying this field, and a shortage of jobs in the field.
1.7 Motivation
This thesis is motivated by the rising incidence of cybercrimes in Bangladesh and the urgent necessity for appropriate legal and policy measures. As technology becomes essential to everyday life, the ramifications of cyber attacks encompass not only financial losses but also violations of privacy, deterioration of public trust, and risks to national security. This research is motivated by my academic interest in cyber law and digital governance, as well as my aspiration to enhance the safety of the digital ecosystem in Bangladesh. Moreover, witnessing the challenges faced by individuals and organizations in addressing the intricacies of cybercrime situations underscores the imperative for a comprehensive legal framework. This study seeks to reconcile theoretical knowledge with practical solutions, providing actionable insights for politicians, legal experts, and cybersecurity professionals.
1.8 Chapterization
The technique of segmenting a larger work is called "chapterization." I've broken up my analytical investigation into different segments. There are seven distinct chapters in this work.
Chapter One: General Introduction
Chapter Two: Literature Review
Chapter Three: Research Methodology
Chapter Four: Conceptual Framework
Chapter Five: Legal Framework
Chapter Six: Case Studies and Challenges
Chapter Seven: Recommendations and Conclusion
1.9 Conclusion
Bangladesh is becoming more and more dependent on technology and the internet, which has led to an increase in cybercrime. Bangladesh confronts enormous hurdles in maintaining cybersecurity, defending vital infrastructure, and preserving the security and privacy of its people in light of the growth in cybercrime. The purpose of this thesis is to investigate the reasons behind cybercrime in Bangladesh as well as its effects and potential remedies.
Chapter Two
Literature Review
2.1 Introduction
Here, every piece of information, source, and material in the literature review has been collected from Genie, Safari, Wikipedia, Google, and other research articles, studies, essays, and papers to get more ideas about my research. Those pieces of information were taken for additional research work and altered; that's why all the data could be understood smoothly. Some information is from "A Textbook in Cyber Law in Bangladesh" by Dr. Zulfiquar Ahmed and other textbooks on cybersecurity-related cases that are ongoing and settled. Various materials have been collected from the existing laws of Bangladesh regarding cyber law and various domestic and foreign cases, especially in Canada, the USA, the UK, and India. Sometimes some information is taken from DLR. The materials for the Bangladeshi case have been taken from the media or newspapers mentioned, such as Bdnews24, Banglanews24, Samakal, Jago News, Prothom Alo, Jugantar, Naya Digant, Ittefaq, The Daily Star, and others.
2.2 Review of Literature and critical Analysis
2.2.1 Cyber Security Awareness in Bangladesh: An Overview of Challenges and Strategies
The authors aim to address the challenges and strategies related to cybersecurity awareness in Bangladesh, emphasizing the need for improved education, government policies, and community engagement to enhance the overall security environment in the context of increasing ICT usage. They highlight the importance of understanding the human factor in cybersecurity and propose actionable measures to build a culture of awareness and resilience against cyber threats.
2.2.2 An Insight Into The Cybercrimes And Cyber Security Measures In Bangladesh
The authors aim to address the growing challenges of cybercrime in Bangladesh, highlighting the inadequacies of current legal frameworks and cybersecurity measures. They advocate for comprehensive legal reforms, enhanced public awareness, and international cooperation to effectively combat cyber threats and protect individual rights in the digital space.
2.2.3 Cyber law: Bangladesh perspective
The paper focuses on the challenges posed by cybercrimes in Bangladesh and evaluates the country's legal frameworks, such as the ICT Act 2006 and Digital Security Act 2023. It aims to explore gaps, propose solutions to enhance cybersecurity measures, and ensure the protection of digital rights while addressing enforcement, policy gaps, and international collaboration.
2.2.4 Ahmed Dr. Zulfiqar, March 2009, A Textbook on Cyber Law in Bangladesh
Dr. Zulfiqar Ahmed's A Textbook on Cyber Law in Bangladesh addresses the foundational principles and evolving challenges of cyber law in Bangladesh. The author focuses on providing a comprehensive overview of the legal frameworks, highlighting key issues like cybercrime prevention, legal enforcement, and the intersection of digital governance with individual rights in cyberspace. The book also emphasizes the need for continuous legal advancements to address the dynamic nature of cyber threats.
2.2.5 Bhuiya Md. Mubarak Hossain, A Textbook on Digital Security Act and Rules, 2023, edition 2023.
Md. Mubarak Hossain's Digital Security Act and Rules, 2023 offers an in-depth exploration of the latest legal provisions under Bangladesh's Digital Security Act. The author aims to elucidate the updated legal framework, its application to contemporary digital threats, and its implications for balancing cybersecurity enforcement with the protection of civil liberties.
2.2.6 A Textbook on Theory and Practice of Cyber Security Measures in Bangladesh Perspective, University Publications.
Ahmed Rizvi's Theory and Practice of Cyber Security Measures in Bangladesh Perspective examines the theoretical underpinnings and practical applications of cybersecurity in Bangladesh. The author highlights the challenges of implementing effective measures and advocates for robust policies to strengthen the nation's defense against cyber threats while ensuring adaptability to evolving digital landscapes.
2.2.7 Islam Md. Shahidul, BAUET JOURNAL, Major Threats of Cyber Crime in the Current Scenario: A Study on Bangladesh Perspective, Volume 01. Issue 01, 2017.
A Study on Bangladesh Perspective by Dr. Md. Shahidul Islam focuses on identifying significant cyber threats in Bangladesh. It aims to highlight vulnerabilities in the nation's digital landscape. Analyze emerging cybercrime trends and propose measures for enhancing cybersecurity preparedness and policy responses.
2.2.8 M. M. Islam & M. M. Rahman, "Cyber Law in Bangladesh: A Critical Appraisal of the Information and Communication Technology Act, 2006," International Journal of Cyber Criminology.
The authors discuss its strengths and limitations, particularly in addressing cybercrimes within Bangladesh's legal framework. They highlight areas for improvement, emphasizing the need for a more comprehensive and updated approach to effectively combat evolving digital threats.
2.2.9 K. Mahmood & M. A. Hossain, "Cyber Laws in Bangladesh: An Analysis of the Information and Communication Technology Act, 2006." International Journal of Cyber Security and Digital Forensics 6, Issue 3. 2017.
The author critically examines the ICT Act, focusing on its application to cybercrimes in Bangladesh. The authors analyze the Act's effectiveness, identify its shortcomings, and recommend enhancements to ensure better alignment with modern cybersecurity needs and international standards.
2.2.10 Cyber Security in the Globalized World: Challenges for Bangladesh
The authors of the paper aim to address the significant challenges Bangladesh faces in cybersecurity due to globalization, lack of advanced technology, and insufficient public awareness. They emphasize the need for improved legal frameworks, international cooperation, and individual responsibility to combat cyber threats effectively and protect national security.
2.3 Conclusion
In conclusion, we can see that while existing works on cybercrimes and cybersecurity legal measures underscore the critical importance of upholding legal principles, they also reveal significant limitations in practical implementation. The exploration of corruption as a violation of fundamental rights demonstrates its pervasive impact on democratic institutions and social equity. Weak transparency measures, inadequate enforcement of accountability, and the obsolescence of legal frameworks undermine efforts to address this menace. Justifications for these studies rest on the undeniable necessity of safeguarding privacy rights, as enshrined in legal and international charters. They provide a foundational basis for advocating systemic reforms. Similar studies of cyber rights violations in Bangladesh, particularly by law enforcement agencies, underscore critical flaws, such as the lack of accountability. The escalating threat of cybercrimes in Bangladesh necessitates a multifaceted response involving public awareness, robust legal frameworks, and enhanced law enforcement capabilities. This thesis underscores the urgent need for actionable measures and provides a roadmap for ensuring a secure digital environment in Bangladesh.
Chapter Three
Research Methodology
3.1 Introduction
Methodology forms the core of any research, providing a systematic framework to collect, analyze, and interpret data. It is the structured approach that ensures research is conducted in a logical, consistent, and reliable manner. This section serves as a roadmap, detailing the strategies and processes employed to achieve the research objectives and answer the study's key questions. In essence, methodology serves as the link between theory and practical application. It encompasses the design of the study, the methods of data collection, and the techniques used for data analysis. By clearly defining the methodology, researchers enhance the transparency and reproducibility of their work, allowing others to critically evaluate and build upon their findings. The choice of methodology is closely tied to the nature of the research question. Broadly, methodologies are categorized into qualitative, quantitative, and mixed methods. Qualitative methods focus on understanding complex, subjective phenomena through interviews, observations, and textual analysis. Quantitative methods, on the other hand, rely on numerical data and statistical tools to test hypotheses and identify patterns. Mixed methods combine these approaches to provide a more comprehensive understanding of the research problem. This study's methodology is designed to align with its objectives, ensuring that the data collected is relevant, reliable, and valid. It includes the justification for the selected approach, a description of data sources, sampling techniques, and tools for analysis. Additionally, measures to address ethical considerations and minimize biases are highlighted to ensure the integrity of the research process. By providing a detailed account of the methodology, this section establishes a foundation for credible and meaningful results, ensuring that the research contributes effectively to the broader body of knowledge.
3.2 Investigation on Different Methods
i. Quantitative research methodology focuses on measuring and testing numerical data. This approach is good for reaching a large number of people in a short amount of time. This type of research helps in testing the causal relationships between variables, making predictions, and generalizing results to wider populations.
ii. Qualitative research methodology examines the opinions, behaviors, and experiences of people. It collects and analyzes words and textual data. This research methodology requires fewer participants but is still more time-consuming because the time spent per participant is quite large. This method is used in exploratory research where the research problem being investigated is not clearly defined.
iii. Mixed-method research methodology uses the characteristics of both quantitative and qualitative research methodologies in the same study. This method allows researchers to validate their findings, verify if the results observed using both methods are complementary, and explain any unexpected results obtained from one method by using the other method.
3.3 Selection of Appropriate Method with Justification
Selecting the appropriate research method is a critical step in the research process, as it directly impacts the quality, reliability, and relevance of the study's findings. The choice depends on several factors, including the nature of the research problem, the objectives of the study, and the type of data needed to address the research questions.
i. Research Objectives:
The goals of the study significantly influence the choice of method. If the aim is to explore complex, subjective phenomena, a qualitative approach may be more suitable. For studies that seek to measure variables or test hypotheses, a quantitative approach is appropriate.
ii. Nature of the Research Question:
Open-ended questions like "Why do individuals behave in a certain way?" often require qualitative methods. Conversely, questions such as "What is the relationship between X and Y?" are best addressed through quantitative methods.
iii. Type of Data Needed:
Qualitative data is ideal for understanding behaviors, experiences, and perspectives. Quantitative data is used to measure, compare, or predict outcomes based on statistical analysis.
iv. Resources and Constraints:
Practical considerations, such as time, budget, and availability of resources, play a role in method selection. Qualitative methods are often time-intensive, while quantitative methods may require access to specific tools or large sample sizes.
v. Audience and Purpose:
If the findings need to be generalizable or used for policy-making, quantitative methods may be preferred. For studies aiming to generate detailed insights or theories, qualitative methods are advantageous.
vi. Mixed-Methods Approach:
In cases where neither qualitative nor quantitative methods alone suffice, combining both approaches can provide a comprehensive perspective, leveraging the strengths of each.
My research type is more quantitative method. My research paper is based on documents, online searches, suggested information from Google, and other search engines. After analyzing files and other research papers, I finished the research paper. There is a huge area of using qualitative methods in this type of research paper. But according to the above criteria, the objective is to show the threats to the fundamental rights, and that's why the quantitative method is best for collecting more information rather than the qualitative method. And also, qualitative methods are more time-consuming than quantitative methods. So, for this reason, I choose to continue with the quantitative method.
3.4 Research Project Management
This is an individual research project managed by the author of this paper, completed under the supervision of the Department of Law and Justice, Bangladesh Army University of Engineering and Technology (BAUET). The duration of this research is six months.
3.5 Finance
Every research project needs proper funding. Without proper funding, a research project cannot fulfill its purpose or otherwise lacks proper resources. This research is also funded. And it is funded by the Bangladesh Army University of Engineering and Technology (BAUET). As this research is undergoing in this university is under the supervision of the Department of Law and Justice.
3.6 Conclusion
A well-structured methodology is pivotal in ensuring the validity, reliability, and overall success of a research study. The methodology serves as the blueprint that guides the research process, defining the strategies, techniques, and tools employed to collect, analyze, and interpret data. In this study, the methodological approach was meticulously chosen to align with the research objectives, ensuring that the data collected were both relevant and comprehensive. Quantitative methods provided robust numerical insights, enabling the establishment of patterns and correlations, while qualitative techniques offered a deeper understanding of contextual factors and subjective experiences. The integration of both methods, when applicable, allowed for a more holistic examination of the research questions. Sampling strategies, whether random, stratified, or purposive, were carefully designed to ensure representativeness and mitigate biases. Additionally, ethical considerations, such as informed consent and confidentiality, were rigorously upheld throughout the research process, fostering trust and integrity. The tools and instruments used for data collection, including surveys, interviews, or observational techniques, were selected for their relevance and reliability. Data analysis methods were tailored to suit the nature of the data, employing statistical software for quantitative data and thematic analysis for qualitative insights. This methodological rigor ensured that the findings are not only credible but also replicable by other researchers. In conclusion, the methodology adopted in this study provides a structured and transparent framework that underpins the reliability and validity of the results. By addressing potential limitations and incorporating measures to mitigate them, the methodology enhances the robustness of the study. This systematic approach ensures that the findings contribute meaningfully to the existing body of knowledge, paving the way for further research and practical applications in the field.
Chapter Four
Concept and Development of Cyber Law
4.1 Introduction
The expansion of cyberspace in the digital age has made the establishment of legal frameworks to control online activities necessary. Cyber law, sometimes known as internet law or digital law, addresses a broad variety of legal issues relating to the internet, cyberspace, and emerging technologies. This study looks at the progress and significance of cyber legislation in Bangladesh by analyzing its past, present, and possible future developments.
4.2 Meaning
Cyber Law: The expansion of cyberspace in the digital age has made the establishment of legal frameworks to control online activities necessary. Cyber law, sometimes known as internet law or digital law, addresses a broad variety of legal issues relating to the internet, cyberspace, and emerging technologies. This study looks at the progress and significance of cyber legislation in Bangladesh by analyzing its past, present, and possible future developments.
Cybersquatting: Cybersquatting is the term used to describe the potentially profitable practice of registering well-known brand names or names that are strikingly similar to a trademark as domain names for the Internet. then charging businesses that own the trademarks exorbitant prices for them.
Encryption: The process of transforming data into a format that only the intended recipient can read is called encryption. The recipient of the encrypted data must possess the appropriate decryption key in order to decode the message. In conventional encryption techniques, data is encrypted and decrypted using the same key by both the sender and the recipient. Two keys are used in public-key encryption schemes: a public key that is accessible to all users and a private key that is unique to the person who generated it.
Cryptography: These days, it's difficult to distinguish between something and nothing that is cryptography. however, to the majority of people. as well as for this class's objectives. The secret nature of communication is the focus of cryptography. For example, preventing Internet snoopers from accessing the electronic transfer of your Visa number.
Cyber Threat: A threat that specifically targets computer networks, systems, and user data is known as a cybersecurity threat. Malware, phishing, and other malicious activity are some of the ways that these dangers might manifest. A threat that specifically targets computer networks, systems, and user data is known as a cyber security threat.
Digital Signature: A digital signature means data in an electronic form that (a) is related with any other electronic data directly or logically, and (b) is able to satisfy the following conditions for validating the digital signature- (i) affixing with the signatory uniquely; (ii) capable to identify the signatory, (iii) created in safe manner or using a means under the sole control of the signatory, and (iv) related with the attached data in such a manner that is capable to identify any alteration made in the data thereafter.
Digital Signature Certificate: Digital Signature Certificate means a certificate issued under section 36.
Electronic Form: Electronic Form with reference to information means any information generated, sent, received or stored in media, magnetic, optical, computer memory, microfilm, computer generated microfiche or similar device or technology.
Electronic Gazette: Electronic Gazette means the official gazette published in the electronic form in addition to official printed & published gazette.
Electronic Record: Electronic Record means data, record, or data-generated image or sound stored, received or sent in an electronic form or microfilm or computer-generated microfiche.
Internet: The Internet means such an international computer network by which users of computer, cellular phone or any other electronic system around the globe can communicate with one another and interchange information and can browse the information presented in the websites.
Electronic Mail: Electronic Mail means information generated electronically and transmitted using the internet.
Data: Data means a representation of information, knowledge, facts, concepts or instructions which are being prepared or have been prepared in a formalized manner, and is intended to be processed, is being processed, or has been processed in a computer system or computer network, and may be in any form including computer printouts, magnetic or optical storage media, punch cards, punched tapes or stored internally in the memory of the computer.
Data Message: Data Message means electronic, electronic data interchange including optical, electronic mail, telegram, telex, fax, telecopy, short message or created something similar, sent, received or stored information. Website: Website means document and information stored in computer and web server which can be browsed or seen by the user through internet.
Computer: Computer means any electronic, magnetic, optical or other high-speed data processing device or system that performs logical, arithmetical and memory functions by manipulations of electronic, magnetic, or optical impulses, and includes all input, output, processing, storage, computer software or communication facilities which are connected or related to the computer in a computer system or computer network.
Computer Network: Computer computer network means the interconnection of one or more computers through the use of satellite, microwave, terrestrial line, wireless equipment, wide area network, local area network, infrared, WiFi, Bluetooth or other communication media; and terminals or a complex consisting of two or more interconnected computers whether or not the interconnection is continuously maintained.
4.3 Historical Development of Cyber Law
Historical Development of Cyber Law: When internet usage in Bangladesh started to rapidly increase in the early 2000s, the nation's legal framework for cyberspace began to take shape. The government passed the Information and Communication Technology (ICT) Act in 2006 after realizing the necessity for legislative measures to combat new cyber-threats and control online behavior. The goals of this Act were to prevent cybercrime, safeguard digital data, and enable electronic commerce. Bangladesh's cyber legal framework has been further modified by subsequent revisions and laws, bringing it into line with global best practices and changing technological trends.
4.4 Cyber Crime
Including a range of illegal actions carried out online, cybercrime represents a substantial problem for Bangladesh. Cyberbullying, online fraud, identity theft, hacking, and the spread of malicious content are examples of common cybercrimes.Strong regulatory measures are required to discourage offenders and protect digital assets, since the spread of social media platforms and digital financial services has increased the scope of cybercrime.
Cybercrimes provide serious obstacles for Bangladeshi citizens, companies, and the government. These crimes cover a broad spectrum of illegal actions carried out via digital platforms, such as identity theft, online fraud, cyberbullying, hacking, and the distribution of harmful content. The prevalence of cyber crimes highlights how crucial it is to have strong legal frameworks and law enforcement to properly counter these threats. The ICT Act of Bangladesh identifies different types of cyber crimes and lays forth punishments for violators. Furthermore, the government assigned specific sections within law enforcement agencies the responsibility of looking into and prosecuting cyber criminals. Nevertheless, in spite of these initiatives, cyber crimes persist and require ongoing modifications to legal frameworks and law enforcement tactics in order to remain ahead of their perpetrators.
4.5 Characteristics of Cyber Crime
The characteristics of cybercrime are discussed below:
1. Global Reach: Cyber crimes can be easily perpetrated from anywhere in the world and across international borders.
2. Anonymity: It might be difficult for law authorities to track down offenders because they frequently choose to stay anonymous or conceal their real identity online.
3. Speed and Efficiency: Cyber crimes can be carried out quickly and effectively, giving offenders the opportunity to immediately target several victims.
4. Invisibility: Since cyber crimes may leave no physical trace, they can be more difficult to identify than regular crimes.
5. Low Risk, High Reward: Compared to more conventional criminal operations, cyber-criminals may be able to make substantial gains at a comparatively low risk.
6. Constantly Changing. To take advantage of emerging weaknesses, cyber-criminals strategies and techniques are constantly modifying and adapting.
4.6 Types of Cyber Crime
There are many different types of cyber crime in Cyber Space, but some of the most common include:
Phishing: A type of cyber attack where attackers impersonate trusted entities to steal sensitive information such as usernames, passwords, credit card details, etc.
Malware: malicious software designed to damage, disrupt, or gain unauthorized access to computer systems, devices, or networks.
Ransomware: A form of malicious software that locks users out of their systems or encrypts their data, demanding payment (usually in cryptocurrency) for the release of the data or system.
Cybersquatting: The practice of registering domain names with the intent of selling them at a higher price, often infringing on trademarks or established brand names.
Identity theft: The unlawful use of someone’s personal information, such as Social Security numbers or financial details, to commit fraud or other crimes.
Cyber Threat: Any potential occurrence that could cause harm to computer systems, networks, or data, such as viruses, hacking attempts, or data breaches.
DDoS attacks: Distributed Denial of Service attacks, where multiple systems flood a network or server with traffic to overwhelm and shut down its availability.
Cyberstalking: Repeated and unwanted online behavior aimed at harassing, intimidating, or controlling a victim through electronic communications.
Viruses: Malicious programs that replicate themselves and spread to other systems, often causing harm to data, systems, or networks.
Hacking: Unauthorized access to computer systems or networks, usually to extract, alter, or damage data or disrupt services.
Credit card fraud: The use of stolen credit card information to make unauthorized transactions or purchases.
Harassment: Unwanted, aggressive behavior online, including sending threats, offensive messages, or bullying someone through digital means.
Software Piracy: The illegal copying, distribution, or use of software without permission from the owner or developer.
Botnets: Networks of connected devices (computers, IoT devices, etc.) infected and controlled remotely to carry out malicious activities, like sending spam or DDoS attacks.
Cyberbullying: The use of digital platforms to harass, intimidate, or embarrass someone repeatedly, often targeting vulnerable individuals.
Social media: Online platforms for sharing information, communication, and social interaction, which can also be used for various forms of cybercrime.
Worms: Self-replicating malware that spreads independently from system to system, exploiting vulnerabilities to propagate and cause damage.
Fraud: The use of deceit or trickery, typically in a financial context, to gain an advantage or cause loss to another party.
Cyber espionage: The act of using computer networks to gain unauthorized access to confidential information from governments, companies, or organizations for competitive or political advantage.
Data breach: An incident where sensitive, confidential, or protected data is accessed or stolen without authorization.
Copyright infringement: Unauthorized use or distribution of copyrighted content, such as music, videos, images, or software, which violates copyright laws.
Email scams: Fraudulent emails designed to trick recipients into revealing sensitive information, transferring money, performing other actions that benefit the scammer.
Cyber crimes: Illegal activities that involve computers, networks, or the internet, ranging from hacking to identity theft and beyond.
Online job fraud: Scams where victims are offered fake job opportunities that require payments for things like training, materials, or upfront costs, leading to financial loss.
Illegal gambling: Placing bets or wagers on games of chance through unauthorized or unregulated online platforms.
Spreading hate and inciting terrorism: Using digital platforms to propagate hate speech, extremist views, or violence against others, which can lead to severe consequences
4.7 Cyber Laws Classifications
Cyber laws in Bangladesh can be divided into a number of groups according to their goals and areas of application. These include rules controlling cybersecurity, data security, intellectual property rights, data protection, and internet governance. The cornerstone of Bangladesh's cyber law framework is the ICT Act, which offers legal tools to manage a range of cyber-related issues. It has since been amended, and additional rules have been added.
Based on their areas of attention, cyber laws in Bangladesh can be divided into multiple categories:
Cyber-security Laws: The purpose of these regulations is to guard against unauthorized access, disruption, or damage to computer systems, networks, and data. They contain clauses pertaining to the creation of incident response systems, cyber- security frameworks, and cyber-attack fines.
Electronic Transactions Laws: These rules provide electronic contracts and documents with legal legitimacy and validity. They also regulate digital signatures. online transactions, and electronic commerce. They safeguard privacy and protect consumers while encouraging the expansion of e-commerce.
Intellectual Property Laws: Trademarks, patents, copyrights, and other forms of intellectual property are all protected in cyberspace by these laws. They facilitate the enforcement of intellectual property rights in the digital sphere by addressing problems including online piracy, counterfeiting, and infringement.
Privacy Laws: In order to protect people's right to privacy, these rules govern the gathering, storing, and use of personal information online. Companies are required to protect sensitive information and get permission before processing it.
4.8 Causes for Cyber Crime
Modern technology is slowly increasing the number of cyber threats, and these attacks can sometimes be unpredictable. This crime has the potential to affect anyone. In Bangladesh, 73% of women are victims of cybercrime, according to an online newspaper.
The main factors contributing to cyber crime and cyber-vulnerability are as follows:
1. Lack of schooling and illiteracy: Bangladeshi internet users are subject to some limitations on their ability to access online information because of their high rate of illiteracy. It is therefore difficult for them to access and use the internet. The main issues are education and the lack of an integrated computer safety measures system. Their understanding of computer network usage is inadequate.
2. Private information is online: Cyber trespass occurs when someone purposefully and without authorization enters, modifies, removes, breaks, destroys, or interrupts any computer, computer network, or computer programme. The majority of the time, it was discovered that internet users kept private or secret information online. Cyber- criminals can therefore gain unauthorized access to the other accounts. Spam emails, website hacking, computer break-ins, etc. are a few examples.
3. A relatively small amount of data storage space: A computer is a device with the unusual ability to condense internet content into a very small amount of breathing room. RAM, ROM, hard disc, CD, pen drive, etc, are a few examples. People may so quickly discard or infer knowledge, whether it be objective or subjective, depending on which order they start with.
4. Inadequate operating system and negligence: It has a very tight relationship to solo performance. Therefore, it is discovered that the user either improperly logged out or neglected to close the network (internet) after utilizing the computer system. As a result, thieves were able to simply divide into the network system. This is a result of computer operators' lack of sufficient understanding to properly manage any computer network.
4.9 Conclusion
In summary, Bangladesh has made an effort to adapt to the advantages and drawbacks of the digital era, as shown in the creation and development of cyber laws. The government's dedication to establishing a safe and supportive atmosphere for digital innovation and economic expansion is demonstrated by the passing of the ICT Act and the ensuing legislative changes. However, because cyberspace is constantly changing, frameworks for cyber law must be continuously improved and adjusted in order to handle new risks and safeguard stakeholders' interests. Bangladesh can successfully reduce cyber threats and capitalize on the revolutionary possibilities of the digital revolution by fostering awareness, cooperation, and enforcement.
Chapter Five
Legal Framework
5.1 Introduction
Bangladesh has implemented several pieces of legislation to combat cybercrime, including the Information and Communication Technology (ICT) Act of 2006, which covers cyber terrorism, hacking, data manipulation, identity theft, and online pornography distribution. The Digital Security Act of 2018, which replaced some provisions of the ICT Act, introduced stricter measures against online defamation, hate speech, fake news dissemination, and rumors. However, it has raised concerns about potential impacts on freedom of expression and press freedom. Bangladesh also has the Money Laundering Prevention Act of 2012, which deals with financial fraud and money laundering, and the Copyright Act, which safeguards intellectual property rights in the digital sphere. Despite these legal actions, Bangladesh still faces challenges in efficiently preventing and maintaining cybersecurity. To combat transnational cyber threats and defend the digital economy and society, enforcement measures, capacity building, and international cooperation are needed. Policymakers and stakeholders must regularly assess and update legal frameworks to effectively address new cyber threats as the digital ecosystem changes.
5.2 Cyber Jurisdiction in Bangladesh
Jurisdiction means the authority which a court has to decide matters that are litigated before it or to take cognizance if matters are presented in a formal way for its decisions. it could be said that it is the power/authority of the court to decide matters that are brought before him. In this context, jurisdiction over activities on the Intermet has become a battleground for the struggle to establish the rule of law in the Information Society.
The rise of the global computer network is destroying the link between geographical location and The power of governments to assert control over online behavior, The effects of online behavior on individuals or things,The legitimacy of the efforts of a local sovereign to enforce rules applicable to global phenomena, and The ability of physical location to give notice of which sets of rules to apply. The net thus radically subverts a system of rule-making based on borders between physical spaces, at least with respect to the claim that cyberspace should naturally be governed by territoriality defined rules.
The Internet explosion has generated many jurisdictional disputes, putting the onus on courts to determine how to apply historic concepts regarding personal jurisdiction to the boundary-less world of the Internet. With so many outsourcing activities in India and the popularity of networking websites, a fresh continuum of cases related to "Personal Victimization" and "Economic Offences" in the nature of data protection. cyber defamation, security, ete have evolved. Hacking initiated at one place adversely affects any other place/institution and brings them to limbo.
Relevant Legislations of Cyber Jurisdiction in Bangladesh:
1) Information & Communication Technology Act, 2006: Section 4 of the ICT Act, 2006 implies that the Act shall apply to an offence or contravention committed outside India by any person if the act or conduct constituting the offence involves a computer, computer system or computer network located in Bangladesh.
2) The Penal Code, 1860: Section 3 and 4 of the Penal Code, 1860, provide extra-jurisdictional power to Bangladeshi courts. Section 3 punishes offenses committed beyond Bangladesh, which can be tried within Bangladesh. The same provisions apply to acts committed outside Bangladesh as if they were committed within Bangladesh. Section 4 extends the Code to extra-territorial offenses, affecting any offense committed by any person on a registered ship or aircraft in Bangladesh. The term "offence" includes any act committed outside Bangladesh that would be punishable under the Code.
3) The Code of Criminal Procedure, 1898: Section 188 of the Bangladesh Penal Code states that even if a citizen outside the country commits an offense, the same offense is subject to the jurisdiction of courts in Bangladesh. This jurisdiction is similar to traditional crimes in Bangladesh, and subjective territoriality prevails. Liability for offenses committed outside Bangladesh is the same as if the offense had been committed within Bangladesh. Political agents must certify the fitness of inquiry into charges, and no charge for such offenses shall be investigated in Bangladesh without government sanction. Any proceedings against a person under this section that would bar subsequent proceedings for the same offense if committed in Bangladesh will also bar further proceedings under the Extradition Act, 1974.
5.3 Several Acts for Safeguarding Cyber Security
5.3.1 Cyber Crime & ICT ACT, 2006
The rise of the cyber world has led to increased technological advancements and the term "cyber" being used. The development of Information and Communication Technology (ICT) has led to the rise of cyberspace, providing equal access to high-tech tools for data storage and analysis. However, technology misuse has led to a surge in both domestic and foreign cyber crimes. The German State of Hesse passed the Data Protection Act, 1970, the first computer-specific law in history. As technology advances, so does its potential for misuse, necessitating stringent legal frameworks to control illegal activity online and safeguard the system of technological growth. The Indian parliament passed the "INFORMATION & COMMUNICATION TECHNOLOGY ACT, 2006" to address technology in banking, e-commerce, and e-governance, as well as the penalties and punishments associated with cyber crimes. Cyber crimes encompass not only financial crimes but also illegal activities carried out through the use of computers, such as pornography, online gambling, financial crimes, cyber-defamation underestimation, cyber stalking, unauthorized access to computer systems, theft of information, email bombing, and physical damage to computer systems.s.
5.3.2 Cyber Laws in Bangladesh
Information and Communication Technology Act, 2006
In order to stop cyber crimes The Information and Communication Technology Act 2006 (ICT Act) was first passed by the government of Bangladesh. In order to give information and communication technology legal status and security, the government established the aforementioned Act. The government has also made multiple amendments to the Act.
The purpose of the 2006 ICT Act is to:
Providing legal recognition for e-commerce and e-transactions;
Promoting the growth of electronic-based transactions;
Enabling e-governance;
To maintain security procedures and stop crimes using computers;
The acknowledgment of digital signatures and electronic documents;
Reasons for coming into existence: ICT Act 2006; there are several causes for this:
*Widespread use of social media platforms
Computers are used extensively for banking and financial transactions.
All businesses keep their records digitally.
Forms are filed electronically for all applications.
Plastic and digital money are used extensively for shopping.
Email and SMS communication is common.
Products are purchased through e-commerce platforms.
Digital signatures are often used
Pornography, viewing, and creation of offensive content
Objectives of ICT Act 2006:
To give transactions legal recognition
frequently known as electronic commerce, and conducted using electronic data interchange (EDI) and other electronic communication methods;
To make electronic payments and document filing with government entities easier;
The Act additionally calls for the establishment of the Cyber;
Regulations Advisory Committee: This body advises the government on regulations and other matters pertaining to the aforementioned act.
Pornography Control Act, 2012
Pornography Control Act 2012 is a law of Bangladesh which prohibits the carrying. exchange, use, sale, etc. of pornography. The law was first approved in the form of a proposal (Bill) by the Council of Ministers. During the 1st session of the Ninth National Parliament, Home Minister Sahara Khatun on 29th January. Raised the bill. The Bill was referred to the Home Ministry-related Parliamentary Standing Committee for scrutiny. The Pornography Control Act 2012 was then approved on 28 February 2012.
The Copyright Act, 2005
The Copyright (Amendment) Act 2005 (Act No. 14 of 2005) was enacted on May 18, 2005, amending the Copyright Act, 2000, which had superseded the Copyright Ordinance, 1962. This Act states that copyright registration in Bangladesh is optional rather than required. The registration creates proof of ownership in the event that copyright is contested. The Act complies with both the TRIPS Agreement and the Bern Convention. It has many clauses about copyrights for digital media and computer programmes, databases, movie theatre, broadcasting, performers' rights, phonograms, and other things.
5.4 Cyber Crimes/Offenses and Penalties Under Different Acts in Bangladesh
5.4.1 Offences & Penalties Under Section (54-67) Information and Communication Technology Act, 2006
Section 54. Penalty for damage to computer, computer system, etc:
Unauthorized access to computer systems or networks for information destruction or retrieval.
Extracting or downloading data or information from such systems.
Introduction of computer contaminants or viruses into computer systems or networks.
Damage or intentional damage to computer systems or networks.
Disruption of any computer system or network.
Denying access to authorized users.
Facilitating access to computers or networks without proper permission.
Generating spam or unwanted electronic mails without permission.
Charging services by tampering with or manipulating any computer system or network.
Penalties include imprisonment for up to ten years, fines up to Taka ten lakh, or both.
Definitions of "computer contaminant," "computer database," "computer virus," and "damage" are provided.
Section 55. Punishment for tampering with computer source code:
• Offence involves concealing, destroying, altering, or causing others to do so, when the source code is required by law.
• Penalties include imprisonment for up to three years, a fine of up to Taka three lakhs, or both.
• "Computer source code" refers to the listing of programs, computer commands, design and layout, and program analysis of computer resources.
Section 56. Punishment for hacking with computer system:
A person who intentionally destroys or alters computer resources, diminishing their value or utility, or causes damage through illegal access to non-owned electronic systems is considered a hacker. This offense can result in imprisonment for up to ten years, a fine of up to Taka one crore, or both. The offender is also liable for damages through illegal access to the system..
Section 57. Punishment for publishing fake, obscene or defaming information in electronic form:
A person who intentionally publishes or transmits fake and obscene material on websites or electronic forms, causing depravity or corruption, deteriorating law and order, prejudiced state image, hurting religious belief, or instigates against any person or organization, is considered an offence. The offender can face imprisonment for up to ten years and a fine of up to Taka one crore. This offense is punishable under the relevant circumstances.
Section 61. Punishment for unauthorized access to protected systems:
• Violations of section 47 of the Act constitute an offence.
• Offences can result in imprisonment up to ten years, a fine up to Taka ten lakhs, or both.
Section 62. Punishment for misrepresentation and obscuring information:
Whoever makes any misrepresentation to, or suppresses any material fact from the Controller or the Certifying Authority for obtaining any licence or Digital Signature Certificate shall be regarded as an offence.
Whoever commits any offence under sub-section (1) of this section he shall be punishable with imprisonment for a term which may extend to two years, or with fine which may extend to Taka two lakhs, or with both.
Section 63. Punishment for disclosure of confidentiality and privacy:
• No one can disclose electronic records, books, registers, correspondence, documents, or other materials without consent.
• Offences under sub-section (1) can result in imprisonment up to two years, a fine up to Taka two lakhs, or both.
Section 64. Punishment for publishing false Digital Signature Certificate:
• Digital Signature Certificates cannot be published or made available if the Certifying Authority, subscriber, or certificate has been revoked or suspended.
• Publication is for verifying a digital signature created before suspension or revocation.
• Breaching these rules constitutes an offence.
• Offences can result in imprisonment, fines, or both.
Section 65. Punishment for publishing Digital Signature Certificate for fraudulent purpose etc:
Whosoever knowingly creates and publishes or otherwise makes available a Digital Signature Certificate for any fraudulent or unlawful purpose shall be regarded as an offence.
(2) Whoever commits any offence under sub-section (1) of this section he shall be punishable with imprisonment for a term which may extend to two years, or with fine which may extend to Taka two lakh, or with both.
Section 66. Punishment for using computer for committing an offence:
(1) Whosoever knowingly assists committing crimes under this Act, using any computer, e-mail or computer network, resource or system shall be regarded as an offence.
(2) Whoever aids committing any offence under sub-section (1) of this section he shall be punishable with the punishment provided for the core offence.
5.4.2 Cyber Fraud in Bangladesh
In the modern, convergence of communication era, Online payments, online banking, online shopping, In virtually every area of our lives, including online ticket purchases, intermet lotteries, data transfers, data conversations, and auctions, we must traverse a superhighway.
Therefore, we must navigate online. While the ICT Act, 2006 does not define cyber fraud, it does contain certain sections that are pertinent to Bangladesh's efforts to prevent and manage cyber fraud. Any individual who accesses, downloads, copies, or extracts data, computer data base, or information from any computer, computer network, computer system, computer data or data base, or data stored in removable media, such as CDs, Floppy discs, or DVDs, without the owner's permission, or who causes similar damage, faces a minimum sentence of seven years in prison and a maximum sentence of fourteen years in prison, as well as tk. one crore in compensation.
5.4.3 Offences & Penalties Under Section (17-37) The Cyber Security Act, 2023
Section 25. Transmission, publication, ete. of offensive, false or threatening data- information.
• Offences include intentionally transmitting offensive, false, or threatening data-information to annoy, insult, humiliate, or malign a person.
• Offences also include publishing propaganda or false information with the intention to affect the country's image or reputation.
• Penalties for such offenses range from imprisonment for up to three years, or a fine of up to Taka 3 lac.
• Repeated offenses can result in imprisonment for up to five years, or a fine of up to Taka 10 lac.
Section 27. Offence and punishment for committing cyber terrorism.
• Obstructing legal access or illegally accessing computer or internet networks.
• Ensuring state's integrity, security, and sovereignty.
• Creating public fear or panic.
• Pollution or malware in digital devices.
• Potentially causing death or serious injury.
"The Cyber Security Act 2023, s 21,25
Cyber Terrorism Penalties
•Offences include affecting public supply and service, affecting critical information infrastructure, or gaining access to protected data or databases.
• Penalties range from 14 years imprisonment to a fine of Taka 1 crore or both.
• Repeated or repeated offenses can result in life imprisonment or a fine of Taka 5 crore or both.
• Penalties for repeated offenses are also outlined.
Section 28. Publication, broadcast, etc. of information in website or in any electronic format that hurts the religious values or sentiment.
• Offences include publishing or broadcasting anything that hurts religious sentiment or values.
• Penalties range from imprisonment for five years to a fine of Taka 10 lac.
• Repeated offenses result in imprisonment for ten years or a fine of Taka 20 lac.
Section 29. Publication, transmission, etc. of defamatory information.
Penal Code Section 499: Defamation Penalties
• Penalties for publishing or transmitting defamatory information: imprisonment for up to 3 years, fines up to Taka 5 lac, or both.
• Penalties for repeating or committing the offense: imprisonment for up to 5 years, fines up to Taka 10 lac, or both.
Section 32. Offence and punishment for breaching secrecy of the Government.
• Offences committed using digital devices or networks can result in 14 years of imprisonment or a fine of Taka 25 lac.
• Repeated offenses can lead to life imprisonment or a fine of Taka 1 crore.
5.4.4 Offences & Penalties Under Section (82-93) The Copy Right Act, 2005
Section 82. Offences of infringement of copyright or other rights conferred by this Act.
• Infringement of copyright in a work or other rights, except for cinematography film, can result in imprisonment for up to six months and a fine of up to taka two lakh.
• If infringement is not for profit in trade or business, a shorter sentence may be imposed.
• Infringement in cinematograph film can result in imprisonment for up to one year and a fine of up to taka five lakh.
Section 84. Offence relating to publication, use ete of infringing copy of computer program.
• Infringement of copyright can result in imprisonment for up to four years and a fine of up to taka four lakh.
• Use of infringed copy in computer can result in imprisonment up to three years and a fine of up to taka three lakh.
• If infringement is not for profit in trade or business, the court may impose a sentence of less than three months and a fine of less than taka twenty-five thousand.
Section 87. Penalty for making false entries in the Register, ete, or producing or tendering false evidence.
• Making or causing a false entry in the Register of Copyrights.
• Making or causing a writing falsely claiming to be a copy of any entry.
• Producing or tendering an entry or writing as evidence, knowing it to be false.
• Penalties may include imprisonment for up to two years, a fine up to taka ten thousand, or both.
Section 88. Penalty for making false statements for the purpose of deceiving or influencing any authority.
• Deception of authority or officer in Act's functions.
• Influence in Act's omission or making false statements.
• Penalties: imprisonment up to two years, fine up to taka twenty five thousand, or both.
Section 89. False attribution of authorship.
• Inserting or affixing a person's name in a work implying their authorship.
• Publicly exhibiting a work with a person's name implying their authorship or publisher.
• Distributing reproductions of a work with a person's name implying their authorship.
• Publicly performing or broadcasting the work as the work of a particular author.
• Penalties include imprisonment for up to two years, a fine up to taka twenty-five thousand, or both.
Section 90. Penalty for contravention of section 73.
Any person who publishes a record or a video film in contravention of the provision of section 73 shall be punished with imprisonment, which may extend to three years or with fine which may extend to taka three lakh, or with both.
The Proposed Cyber Security Rules, 2024, aim to establish a comprehensive framework for enhancing cyber security in Bangladesh. Here are some key aspects and discussions surrounding these rules:
Narrow Scope:
• The rules focus on specific issues related to the National Cyber Security Agency (NCSA), not providing a comprehensive approach to cyber security.
• The rules lack a robust legal framework for effective data processing and acquisition, which could hinder cross-border data requests and mutual legal assistance treaties (MLATs).
Concerns Over Arbitrary Power:
• Rule 26 of the rules grants the Director General of the NCSA the authority to seek assistance from external experts, potentially leading to arbitrary decision-making.
Language and Clarity:
• The language used in the rules is criticized for being unprofessional and misleading, potentially hindering understanding and implementation.
Human Rights Considerations:
• Concerns are raised about the potential impact of the rules on freedom of expression and privacy.
• The rules do not provide adequate protections against abuse of power, particularly in monitoring and censorship under the guise of cybersecurity.
Comparison with Previous Legislation:
• The rules largely replicate provisions from the earlier Digital Security Rules, 2020, raising questions about the innovation and effectiveness of the new rules.
Need for Comprehensive Reform:
• The thesis advocates for a thorough redraft of the Cyber Security Act and its associated rules, incorporating expert recommendations and best practices.
Key Objectives:
• Strengthening Cyber Security Infrastructure: The rules aim to create a robust institutional framework, particularly through the establishment and empowerment of the National Cyber Security Agency (NCSA).
• Defining Roles and Responsibilities: The rules aim to outline the roles, responsibilities, and powers of the NCSA and other relevant entities involved in cyber security.
• Enhancing Data Protection: The rules aim to improve the legal framework surrounding data protection and privacy.
• Promoting Public Awareness and Education: The rules aim to foster awareness and understanding of cyber security issues among the public and private sectors.
• Aligning with International Standards: The rules aim to align Bangladesh's cyber security framework with international best practices and standards.e.
Review of Proposed Cyber Security Rules, 2024
The Proposed Cyber Security Rules, 2024, represent a significant step towards enhancing the cyber security landscape in Bangladesh. However, a critical examination reveals both strengths and weaknesses that warrant attention.
Strengths:
• Recognize the growing importance of cyber security for national and economic security.
• Establish a framework to address vulnerabilities faced by public and private sectors.
• Align with global trends in cyber security to foster trust and cooperation.
• Focus on the institutional framework with the establishment of the National Cyber Security Agency (NCSA).
• Potential for improvement by building upon the existing legal framework and incorporating comprehensive measures to address evolving cyber threats.
Weaknesses:
• Limited Scope: The rules focus on specific aspects of the NCSA's operations but lack a comprehensive approach to cyber security.
• Lack of Robust Legal Framework: The rules lack a robust legal framework for data processing and acquisition, potentially hindering effective prosecution of cyber criminals and limiting evidence gathering.
Related to the 2002 National ICT Policy
• Foundation for Cyber Security Framework: The 2002 ICT Policy laid the groundwork for the proposed Cyber Security Rules, 2024.
• Focus on ICT as a Development Driver: The rules aim to create a secure digital environment supporting national development goals.
• Emphasis on Data Security: The rules aim to enhance data protection measures and establish protocols for managing cyber incidents.
• Legislative Evolution: The rules reflect ongoing efforts to adapt to new cyber threats and challenges.
• Alignment with National Development Goals: Both the 2002 ICT Policy and the rules aim to enhance governance, public utility services, and online services through improved ICT infrastructure.
5.5 Weakness of Cyber Law in Bangladesh
According to Section 76(2), the offenses committed under the Bangladesh Information and Communication Technology Act 2006 are not punishable by law. To obtain redress, the victim must report the incident to the law enforcement authorities. This is the stated act's primary flaw. Section 68 of the aforementioned act stated at the time of its implementation that every district in Bangladesh would see the establishment of a cyber tribunal. However, as of right now, Dhaka City has only one constituted tribunal. The resolution of cyber disputes is uncommon due to the reliance on technological specialists, skilled attorneys, and judges." Judges, attorneys, and specialists should have extensive training in order to eliminate this type of case backlog. Under the direction of the Deputy Commissioner of Police, the Bangladeshi police have established a dedicated division known as the "Anti-Cyber Crime Department" to combat email fraud, cyber-attacks, defamation, and the publication of photos without permission. But because there aren't enough skilled workers, the department hasn't been able to meet public demand. The plaintiff's lack of visibility prevents the filing of a case. The state is unable to assume liability in the role of a plaintiff. As of date, no criminal has received a penalty from the Cyber Tribunal. As a result, criminals continue to persist in committing crimes in the belief that they will go unpunished. One of the primary shortcomings in the application of the Bangladesh Information and Communication Technology Act 2006 is this.
5.6 Potential Loopholes in Cyber Laws in Bangladesh
• Lack of Comprehensive Legislation: Absence of a comprehensive and up-to-date cyber law framework may lead to gaps in addressing various cyber-crimes effectively.
• Enforcement Challenges: Limited resources, expertise, and coordination among law enforcement agencies can hinder the enforcement of cyber laws.
• Data Protection and Privacy Concerns: Inadequate provisions for data protection and privacy regulations may leave individuals vulnerable to breaches and misuse of personal information.
• Jurisdictional Issues: Cybercrimes often transcend borders, creating challenges in investigating and prosecuting cyber offenders.
• Lack of Awareness: Insufficient awareness among the general public and legal professionals about cyber laws may impede effective implementation and compliance.
• Lack of Clarity: Ambiguity in certain cyber laws can lead to misinterpretation and exploitation.
• Jurisdictional Challenges: Cyber-crimes often transcend borders, posing challenges in investigation and prosecution.
• Enforcement Issues: Limited resources and expertise can hinder effective enforcement of cyber laws.
• Data Protection: Weak data protection laws may leave individuals vulnerable to data breaches and privacy violations.
• Rapid Technological Advancements: Laws may struggle to keep pace with evolving technologies, creating gaps in addressing new cyber threats.
5.7 Conclusion
In conclusion, laws concerning cyber-crime play a crucial role in safeguarding individuals and businesses in the digital realm, deterring unlawful online activities, and facilitating the prosecution of offenders. These laws are continuously evolving to address the dynamic nature of cyber threats and to ensure a secure and resilient cyberspace for all users. Laws pertaining to cyber-crime are vital for addressing digital offenses, protecting individuals and organizations in the online world, and maintaining the integrity and security of cyberspace. These laws serve as a framework to combat cyber threats, promote accountability, and ensure a safer digital environment for all.
Chapter Six
Case Studies and Challenges
6.1 Introduction
This chapter is crucial since it provides numerous answers to real-world questions regarding the causes of unresolved and unpunished cyber-crime. A brief analysis of Bangladesh's cyber legislation reveals which clauses are used to support cyber-based cases. Case studies that provide insight into the potential consequences of cyber-crime and the outcomes of related court proceedings. Cyber law case studies offer actual instances of legal concerns pertaining to data security, cyber-security, cybercrimes, and internet laws. Professionals and students can benefit from these studies' insightful analysis of how laws are applied in the online environment, which helps them better appreciate the intricacies of legal frameworks in the digital age.
6.2 Case Study
Bangladesh Bank Cyber Heist
In 2016, hackers infiltrated the Bangladesh central bank's computer systems and attempted to steal nearly $1 billion from its account at the Federal Reserve Bank of New York. They used malware to compromise the bank's SWIFT network, which is used for international financial transactions. However, the majority of the transactions were blocked, but $81 million was successfully transferred to accounts in the Philippines.
While the hackers were able to transfer a significant amount of money, a portion of it was eventually recovered. Investigations were conducted by Bangladeshi authorities with assistance from international agencies. In 2019, a court in Bangladesh sentenced eight people to death for their involvement in the cyber heist, including a former bank employee and several IT technicians.
RAB vs. Rumana Manzur
Rumana Manzur, a Canadian-Bangladeshi woman, was the victim of a horrific cybercrime incident in 2011. Her husband, Hasan Sayeed Sumon, brutally attacked her. gouging out her eyes and severely beating her after accusing her of having an affair because of her increased social media activity. Rumana Manzur was a Fulbright scholar and a faculty member at Dhaka University. Her case highlighted the dangers of cyberbullying and domestic violence fueled by suspicions arising from online activities.
Hasan Sayeed Sumon was arrested and charged with attempted murder and torture. In 2013, a court in Bangladesh sentenced him to life imprisonment for his heinous crime against his wife. This case shed light on the intersection of cybercrime and domestic violence, emphasizing the need for stricter laws and better enforcement to protect individuals from such atrocities.
E-mail Threats to Former Prime Minister (2020)
On April 17, 2020, two individuals sent an email threatening to murder Prime Minister Sheikh Hasina. The government of Saudi Arabia assisted in the arrest and deportation. Deen Islam and Kabir Hossain are the people that were taken into custody. They are being held by the police. The CTTC claims that an email with the subject line "Prime Minister Sheikh Hasina will be shot at 4 a.m. on April 27" was forwarded to the Dhaka Metropolitan Police (DMP). The authorities in Bangladesh are powerless to stop this atrocity.
Mahmudur Rahman Case (2012)
This case, which involves broadcasting a private Skype discussion and is regarded as one of the first incidents of cybercrime, raises concerns over information freedom. The chief judge of the International Crimes Tribunal (ICT), which is charged with investigating war crimes committed during the nation's 1971 independence war. resigned as a result of a sensitive Skype conversation that was leaked, among other offences, and Bangladesh police detained Mahmudur Rahman, editor of the Bengali daily Amar Desh, from his office in Dhaka on Thursday.
WannaCry Ransomware Attack (2017)
In May 2017, a ransomware assault known as WannaCry struck systems running Microsoft Windows. The attack encrypts data and demands payment in Bitcoin. It was a global cyberattack. Because of a flaw in the Server Message Block (SMB) protocol, the attack gained momentum very quickly. More than 200,000 machines across more than 150 nations were impacted, including FedEx, the National Health Service (NHS) in the UK, and Telefonica, a Spanish telecommunications business. Before the victims' files could be unlocked, the ransomware demanded money. In addition to demanding payment in Bitcoin, the attackers threatened to remove the encrypted files if the ransom was not paid in a predetermined amount of time. The assault took advantage of a flaw in previous iterations of Windows, for which Microsoft had patched the system months beforehand. Eventually, the attack was linked to the North Korean cyber-criminal group Lazarus Group, which is well-known for carrying out intricate cyber operations. The event made clear how crucial it is to maintain cyber-security hygiene, update software often, and create data backups in order to lessen the effects of cyber-attacks. It also emphasised the necessity of international cooperation in order to successfully defend vital infrastructure from cyber-attacks.
6.3 Challenges of Cyber Law
Accessing electronic evidence is difficult, and service providers don't cooperate. Even though the legislation has this provision, it is not implemented since many law enforcement officials are unaware of it and their authority to require compliance from service providers. The intricate process of gathering proof in order to win cases and obtain a head start on the internet makes the research necessary. Examples include numerous instances of online attacks against young women. Additionally, there have been documented instances of businesses in competition being harmed by the internet.
Finding the information's original source is challenging in this case, considerably within the nation, the Cyber Crime Unit and other law enforcement units frequently cannot access the information source. The situation becomes considerably more complicated when the service provider is not within our jurisdiction, in which case we would need to rely on requests for mutual legal assistance. When information is disseminated over social media sites like WhatsApp, this frequently occurs.
Handling electronic evidence improperly, a few of our investigators are inexperienced in obtaining electronic evidence in accordance with our admissibility guidelines. As a result, the courts dismiss really important evidence.
Chain of custody, maintaining appropriate custody is crucial to ensuring the admissibility of electronic evidence in court when it is transferred between different institutions.
The digital forensic techniques available to law enforcement institutions are insufficient for gathering electronic evidence. Occasionally, investigators need help with digital forensics, and that means turning to private cyber forensic firms.
Lengthy waits related to the collection of evidence. This is typically the situation when dealing with bank frauds enabled by the internet, as attacks on the bank's software originate from outside the nation. Cooperation from foreign nations is required for investigations and prosecutions, and this frequently necessitates a lengthy evidence collection process.
Lack of a trend and skilled labour to design and implement the growing problems in cyberspace.
In addition to giving rise to cyber-terrorism and a lack of societal awareness, cyber-attacks have also made cyber-crime hackers more skilled every day due to the abundance of online resources on hacking and cyber-crime.
Bangladesh Cyber Cell's computer sector understanding is minimal. The majority of candidates in the cyber cell department lack literacy and understanding compared to the younger hackers in the community Compared to other crimes in the nation that require attention, the government budget passed for security purposes in cyber law enforcement and training programmes is less. The government is typically unable to identify the original sources of cyber-crime networks and is also unable to apprehend hackers or cyber-terrorists because of the most recent technologies
and the youthful, updated cyber-hacker population's faster working speed, which consistently outpaces the government departments and sectors in charge of cyber crime.
The government's existing laws and regulations for the improvement of cyber cells in India are insufficient; more work needs to be done, and stricter laws should be passed for the improvement of cyberspace. Internet users also need to be aware of government programs and schemes, as they relate to other criminal activities. The improvement of national privacy and our everyday lives both depend on cyber crime.
6.4 Conclusion
Individuals, companies, and governments all have a role to play in maintaining computer security. A broad topic that is growing more significant these days is computer security. Indeed, terrorists use the internet to communicate, threaten, extort, raise money, and plan their attacks. To decrease the abuse of the internet and illicit websites, the government ought to take more action Individuals, companies, and governments all have a role to play in maintaining computer security. A broad topic that is growing more significant these days is computer security. Indeed, terrorists use the internet to communicate, threaten, extort, raise money, and plan their attacks. To decrease the abuse of the internet and illicit websites, the government ought to take more action.
Chapter Seven
Conclusion
7.1 Introduction
In the culmination of this thesis, synthesizing the insights and findings presented throughout the preceding chapters. In this chapter, we will reflect on the critical issues surrounding cybercrimes and cybersecurity measures in Bangladesh, emphasizing the urgent need for a robust legal framework and effective policy interventions. As the digital landscape continues to evolve, the challenges posed by cyber threats become increasingly complex, necessitating a comprehensive understanding of both the legal and practical dimensions of cybersecurity. This chapter will also explore the implications of the research findings for various stakeholders, including policymakers, law enforcement agencies, and civil society, while proposing actionable recommendations aimed at enhancing the resilience of Bangladesh's cybersecurity framework. By addressing the gaps identified in the existing literature and legal structures, this chapter aims to provide a roadmap for future initiatives that can effectively combat cybercrime and safeguard the digital rights of citizens in Bangladesh.
7.2 Findings
On the basis of my research, I found some problems that
The Information and Communication Technology Act of 2006 is insufficient to address cyber crime.
Only a few provisions of the Information and Communication Technology Act of 2006 address cyber crime, and even then, the details are unclear.
According to the Information and Communication Technology Act of 2006, punishment is not suitable for the type of crime that is being sought after.
Pornography Act 2012 and Child Pornography also enacted for protect the cyber from the pornography. Cyber crime will not be covered by this Act in its entirety. This is the procedure; no one posts porn on the internet, but where is the fix?
Cyber crime is not mentioned in our Penal Code; nonetheless, Section 13 lists comparable offences.
Just cellular networks are covered by the Bangladesh Telecommunication Act of 2001. It is either not very current or does not address cyber crime in any way.
7.3 Recommendation
If the government of Bangladesh wants to tackle cyber crime in a comprehensive manner, a separate agency for cyber crime protection should be created in Bangladesh. This agency will be fully governmental and will be under the Ministry of Home Affairs. The headquarters of the agency will be in the capital Dhaka. The name of the agency is "Cyber Crime Protection Unit" (CCPU). The head of this agency will be the Director General (DG). The main functions of this agency will be to ensure the safety of netizens, arrest cyber criminals and bring them under the law, crack down on all cyber related crimes and take appropriate steps to reduce cyber crimes, along with issuing legal guidelines for public awareness. The responsibilities of a "Cyber crime Protection Unit" typically include investigating cyber-crimes, analyzing digital evidence, tracking cyber-criminals, developing strategies to prevent cyber-attacks, and collaborating with other law enforcement agencies and organizations to improve cyber security systems. The agency will function somewhat like the "Rapid Action Battalion or RAB" organization of the police. This agency will act very quickly wherever cyber crime takes place. This "Cyber Crime Protection Unit" will have one zone in each division of Bangladesh. Like CCPU-1, CCPU-2, CCPU-3, CCPU-4, CCPU-5, CCPU-6, CCPU-7, CCPU-8. Each zone of this agency will have as many sub-zones as there are districts. These sub-zones will tackle all types of cyber related crimes from district level to upazila level and remote areas and the officers of this agency will have powers to arrest cyber criminals, and take further action as per cyber crime laws.The person who can arrest cyber criminals under this agency in remote areas will be of the rank of ASI of Police. So if the government creates a government agency called "Cyber Crime Protection Unit" and specific laws to manage this agency, then cyber related crimes can be curbed and this "Cyber Crime Protection Unit" will play an important role in building a "SMART" Bangladesh.
2. As soon as possible, fix the defects of the ICT Act 2006, and after the amendment, the Act should be implemented in the whole of Bangladesh.
3. Amending existing laws in the country to strengthen cyber laws, introducing new laws, and creating new enforcement mechanisms to deal with growing cyber threats. The input and consultation of legal experts and policymakers are essential for the development of this new enforcement mechanism.
4. Exemplary and effective punishment of criminals for cyber crimes is very important so that cyber criminals will not have the courage to commit such crimes later. Then individuals and organizations can be easily protected from online threats. Cooperating with legal authorities is essential to ensuring appropriate consequences for cyber criminal activity.
5. Ensuring the independence of Cyber Tribunals is essential to maintaining fairness and impartiality in the trial of cyber-related crime cases. According to the jurisdiction of these tribunals as per the cyber law, if the tribunals can conduct trials independently, then it is possible to suppress cyber crime in Bangladesh.
7.4 Conclusion
In conclusion, this thesis has provided a comprehensive examination of the perceptions surrounding cybercrimes and the cybersecurity measures in Bangladesh, highlighting the urgent need for effective legal remedies in an increasingly digital world. The research underscores the complexities of cyber threats, which not only jeopardize individual privacy and financial security but also pose significant risks to national security and public trust. Through a critical analysis of existing legal frameworks, including the ICT Act and Digital Security Act, the study reveals the inadequacies and challenges faced in addressing cybercrime effectively.
The findings emphasize the importance of a multi-faceted approach that includes public awareness, education, and collaboration among government agencies and the private sector stakeholders, and international organizations. By fostering a culture of cybersecurity awareness and enhancing legal structures, Bangladesh can better equip itself to combat the rising tide of cyber threats. The recommendations presented in this thesis aim to guide policymakers and practitioners in developing a resilient cybersecurity framework that not only addresses current challenges but also anticipates future developments in the digital landscape.
Ultimately, this research contributes to the ongoing discourse on cyber law and digital governance in Bangladesh, laying the groundwork for future studies and initiatives aimed at enhancing the safety and security of the digital ecosystem. As the nation continues its journey toward digitalization, the insights and recommendations provided herein will be crucial for building a secure and trustworthy digital environment for all citizens.
Bibliography
A. Statutes
Bangladesh Telecommunication Regulatory Commission Act, 2001
Bangladesh Computer Council, Information and Communication Technology (Amendment) Act, 2018 (Dhaka, Bangladesh: Bangladesh Computer Council, 2020).
The Laws of Cyberspace April 3, 1998 Page 3-4.
Universal Declaration of Human Rights, 10 December 1948, Article 8,12, 19.
International Covenant on Civil and Political Rights. December 2, 1766.
Office of the United Nations High Commissioner for Human Rights, Article
The Constitution of the People's Republic of Bangladesh, Article 39,42.
The International Telecommunication Union (ITU), May 17, 1865.
The Penal Code 1860, Section 3,4.
The Code of Criminal Procedure 1898, 177,178,179.
The Cyber Security Act, 202
The Copy Right Act, 2005
The Digital Security Act, 2018
The Information and Communication Technology Act, 2006
Pornography Control Act, 2012
B. Books
Ahmed Dr. Zulfiqar, March 2009, A Textbook on Cyber Law in Bangladesh
Bhuiya Md. Mubarak Hossain, "Digital Security Act and Rules, 2023, edition 2023
Ahmed Rizvi 11 August 2023, Theory and Practice of Cyber Security Measures in Bangladesh Perspective, University Publications.
C. Journals
Islam Md. Shahidul, BAUET JOURNAL, Major Threats of Cyber Crime in the Current Scenario: A Study on Bangladesh Perspective, Volume 01. Issue 01, 2017.
Sharma Miss Bhumika, LAW MANTRA, Netizens Concept and Rights. Volume 3, Issue 12.
Habibah Siti Maizul, Zahrah Fatimatuz, JURNAL HAM, Freedom of Speech and Human Rights, What Can Civic Education Do?. Volume 13. Number 3, December 2022, Page 495-505.
M. M. Islam & M. M. Rahman, "Cyber Law in Bangladesh: A Critical Appraisal of the Information and Communication Technology Act, 2006," International Journal of Cyber Criminology. Volume 13, Issue 1, 2019, p 55-74
K. Mahmood & M. A. Hossain, "Cyber Laws in Bangladesh: An Analysis of the Information and Communication Technology Act, 2006." International Journal of Cyber Security and Digital Forensics 6, Issue 3. 2017, p 66-79.
D. Newspaper
E. Reports
• United Nations Human Rights Council report, January 2012.
F. Internet Sources
The Daily Star, "Bangladesh Government Plans Stricter Cyber Laws Amid Rising Online Crimes," The Daily Star, 2023, https://www.thedailystar.net. Accessed on 27 December, 2024,
Universal Declaration of Human Rights, adopted and proclaimed by General Assembly resolution 217 A (III) of December 10. 1948. available at http//www.un.org/Overview/rights.html. Accessed on 7 December, 2024.
.jpeg)
Comments
Post a Comment