Documente Academic
Documente Profesional
Documente Cultură
INTRODUCTION OF RESEARCH
1.1 Introduction
Research in common parlance refers to a search for knowledge. Once can also define research as
a scientific and systematic search for pertinent information on a specific topic. In fact, research is
an art of scientific investigation. The Advanced Learner’s Dictionary of Current English lays
down the meaning of research as “a careful investigation or inquiry specially through search for
new facts in any branch of knowledge.”1 Redman and Mary define research as a “systematized
effort to gain new knowledge.”2 Some people consider research as a movement, a movement
from the known to the unknown. It is actually a voyage of discovery. We all possess the vital
instinct of inquisitiveness for, when the unknown confronts us, we wonder and our
inquisitiveness makes us probe and attain full and fuller understanding of the unknown. This
inquisitiveness is the mother of all knowledge and the method, which man employs for obtaining
the knowledge of whatever the unknown, can be termed as research. Research is an academic
activity and as such the term should be used in a technical sense
1
The Advanced Learner’s Dictionary of Current English, Oxford, 1952, p. 1069.
2 L.V. Redman and A.V.H. Mory, The Romance of Research, 1923, p.10.
1
1. To ensure there right
2. To concuss of their duty
3. To concuss of Cyber Crime
4 To security of their human
2
1.6 Conclusion
Capacity of human mind is unfathomable. It is not possible to eliminate cybercrime from the
cyber space. It is quite possible to check them. The only possible step is to make people aware of
their rights and duties and further making the application of the laws more stringent to check
crime. Undoubtedly the Act is a historical step in the cyber world. Further it cannot be denied
that there is a need to bring changes in the Information Technology Act to make it more effective
to combat cybercrime.
3
CHAPTER 2
INTRODUCTION TO CYBER CRIME
2.1 Introduction
Cybercrime has had a short but highly eventful history. Apart from being an interesting study by
itself, observing the history of cybercrime would also give the individual and society the
opportunity to avoid the mistake made in past. The past recorded cyber crime took place in the
year 1820! That is not surprising considering the fact that the abacus, which is thought to be the
earliest form of a computer, has been around since 3500 B.C. in India, Japan and China. The era
of modern computers, however, began with the analytical engine of Charles Babbage. In 1994
the first online bank opened, called First Virtual. This opened up a lot of opportunities for
hackers. Cybercrime was slowly becoming more popular. In 1995 the Secret Service and Drug
Enforcement Agency (DEA) obtained the first Internet wiretap, which is exactly like a phone
wiretap. The DEA was able to shut down a company who was selling illegal cell phone cloning
equipment. There is sharp rise in the Cybercrimes in Bangladesh and the Law enforcement
machinery is finding it really it really difficult to manage these technical crimes in Bangladesh.
Cybercrime has already become a going concern in both private as well as public sector in
Bangladesh. During the last decade private and public sector has done a revolution with the use
of technical enhancement. Due to unauthorized intervention to the system, company loses huge
confidential information which caused a large amount of financial lose. It has already been
identified that especially Financial Institutions are in the most threading organization for
cybercrime that at the same time reflects to the personal life. Some development partners have
started working how to tackle cybercrime and improve effective communications.3
3
Lecturer, Department of Law, Britannia University, Comilla-3500, Bangladesh and M. Phil Research Fellow
under the Faculty of Law, Chittagong University, Bangladesh. Volume 2
4
rof. N.V. Paranjape, Criminology and Penology, 14th ed. (Allahabad: Central Law
Publications, 2009), p. 133.
4
Cyber-crime may be defined as E-crime. E-crime covers offences where a computer or
other information and communication technology are used to commit an offence. The actual
offence committed may be a traditional offence. These are theft, fraud, identify crimes,
harassment, threatening violence, possessing, making or distributing objectionable material, e.g.
child pornography, criminal breach of copyright.
E-crime is a type of offence specifically related to computers. Hacking, unauthorized
access to a computer system, distributing an electronic virus designed to damage to access a
computer system, distributing software for the commission of crime, launching a denial of
service attack intentionally or causing a computer system to deny service to any authorized user.
So we defined it as, “E-crime are almost conventional crimes in nature committed by using
computer and ICT with an intention to make social disorder”5
Computer crime or cyber-crime is a form of crime where the Internet or computers are
used as a medium to commit crime. It is criminal activity done using computers and the Internet.
This includes anything from downloading illegal music files to stealing millions of dollars from
online bank accounts. Cyber-crime is a broadly used term to describe criminal activity
committed on computers or the Internet. Some of it is punishable by the laws of various
countries, whereas others have a debatable legal status.6
5
Md. Borhan Uddin, Principles of Cyber Law and other related laws, 3rd ed. (Dhaka: Shams
Publication, 2011), p. 33.
6
[http://www.techterms.com/definition/cybercrime, Last visited 30 August 2015].
5
employees of won textile on 1820. This is the first rewarded cyber-crime in ward. And the
modern age cyber-crime is originated in new method.7
In this 1980s companies such as CompuServe, prodigy, and AOL_ began to emerge.
These were commercial providers who would change a monthly fee to users if they wanted to
access the in “community”. In the 1980s the fee to dial into CompuServe was $25 per hour (wall
2001). Users chose to connect through these companies due to case of use. There was no
configuration, inserting a disk and tuning a program would have the user, “Wired” in the early
1990s the fees for dial up internet decreased to $ 25 per month for unlimited access. The decline
in cost made it possible to more online crime to emerge in the anonymous online community.
In 1990 and 1991 users began to ponder the thought of privacy. They were not sure if a
third party would intercept their Internet communications. As a result Phillip Zimmermann
created an encryption program called Pretty Good Privacy (PGP). PGP was used to hide
sensitive information, but criminals also used to crimes they had committed to the police. In
1994 the first online bank opened, called First Virtual. In 1995 the secret service and Drug
Enforcement Agency (DEA) abstained the First Internet Wiretap, which is exactly like a phone
wiretap. The DEA was able to shut down a company who was selling illegal cell phone cloning
equipment.8
February 6th, 7th and 8th of year 2000 were the days of cyber-criminal and amongst the
darkest nights ever for the Internet and ecommerce some of the big web site such yahoo,
Buy.com, eBay Amazon.com and E-Invade were chocked and shut down for hours. Entering the
millennium caused a huge description for companies due to a denial of service attach. Major web
sites like MSN, Yahoo and Apache were shut down and hacked. The code red virus and sitcom
virus spanned to millions or e-mail account worldwide. Cyber-crime has only accelerated
through the years, and has no plans to slow. There is a sharp rise in the Cyber-crimes in
Bangladesh and the Law enforcement machinery is finding it really difficult to manage these
technical crimes in Bangladesh.9
7
Zulfiquar Ahmed, Cyber law in Bangladesh, (Information and Communication Technology Act, 2006),
2nd ed. (Dhaka: National Law Book, 2009), p. 221.
8
Ibid, p. 222.
9
Ibid, p. 223.
6
2.4 Reason behind of Cyber Crimes
The overall purpose of the study was to identify the impact of cybercrime in Bangladesh with
regard to technological enhancement. The study has embarked upon the specific objectives are to
assess:
Types of cybercrime with the profile of cyber criminals and victims
Impact of cybercrime against individuals
Impact of cybercrime against organizations
Impact of cybercrime against the Government
The duration of the study was very short. More in-depth investigation would have
resulted better outputs
Lack of resources has hampered the study to some extent;
Access to information is very difficult. In most cases, concerned persons were very rigid
to share adequate information.
7
confidential and sensitive information, cause harassment by e-mail threats or obscene material,
play tax frauds, indulge in cyber pornography involving children and commit innumerable other
crimes on the Internet. It is said that none is secure in the cyber world. The security is only for
the present moment when we are actually secure. With the growing use of the Internet, cyber-
crime would affect us all, either directly or indirectly.
Sl. Details
Cyber
i Hotspot Cyber Cafe in Mirpur
ii Blue Planet.Com in Dhanmondi
iii Global Windows in Uttara
Banks
iv Dhaka Bank
Private University
v Eastern University
vi University of Asia Pacific
Government Agencies.
vii Cybercrime Unit at CID, BP10
10
http://www.scribd.com.Last visited 2 september 2015
8
Automatic Trailer Machine administrator in Bank
Students of Computer Science of Different Universities
Members of Cybercrime Unit at CID, Bangladesh Police11
11
Ibid
12
[https://sites.google.com/site/cybercrimezbd/reasons-for-cyber-crime, Last visited 12 August
2015].
12
Md. Borhan Uddin, ibid, p. 35
9
2.6.3 Complex
The computers work on operating systems and these operating systems in turn are composed of
millions of codes. Human mind is fallible and it is not possible that there might not be a lapse at
any stage. The cyber criminals take advantage of these lacunas and penetrate into the computer
system.
2.6.4 Negligence
Negligence is very closely connected with human conduct. It is therefore very probable that
while protecting the computer system there might be any negligence, which in turn provides a
cyber-criminal to gain access and control over the computer system.
2.7 Conclusion
Capacity of human mind is unfathomable. It is not possible to eliminate cybercrime from the
cyber space. It is quite possible to check them. The only possible step is to make people aware of
their rights and duties and further making the application of the laws more stringent to check
crime. Undoubtedly the Act is a historical step in the cyber world. Further it cannot be denied
that there is a need to bring changes in the Information Technology Act to make it more effective
to combat cybercrime.
13
[https://sites.google.com/site/cybercrimezbd/reasons-for-cyber-crime, Last visited 24 August
2015
10
CHAPTER 3
MODE AND MANNER OF COMMITING CYBER CRIME
3.1 Introduction
Cyber-crime is accomplishment done using internet and computers. Cyber-crime includes
anything from downloading banned software's, movies or music files to robbery money from
online bank accounts. Cyber-crime also creating and share out viruses on other computers or
redeployment private business information on the Internet. The most well-known form of cyber-
crime is identity theft, in which criminals use the Internet to filch private information from other
end user. Two of the most regular ways this is done is through pharming and phishing. Both of
these methods attract users to false websites (that appear to be genuine), where users are asked to
enter secret information. The users should always check the URL or Web address of a site to
make sure it is genuine before entering your secret information
11
Computer crime, sometimes known as cyber-crime, is a serious concern. The crime can be
perpetrated instantaneously and its effects can spread with incredible quickness. Furthermore, the
ever-increasing use of computers, especially in serving critical infrastructure, makes computer
criminality increasingly important.
There is an endless list of possible crimes that can occur through use of the Internet. For
example, the Internet can be a medium used for committing hate crimes, pornography, consumer
fraud, stalking, terrorism, theft of security or trade secrets, software piracy, economic espionage,
and financial institution fraud. The threat of computer crime is underlined by the fact that a
security organization such as the Federal Bureau of Investigation was forced to temporarily take
down its Internet site in 1991 after an attack by hackers. Companies have been equally
vulnerable and have incurred millions of dollars in damage due to the effect of certain viruses.
Misuse of the computer threatens individual and business privacy, public safety, and national
security. There have been considerable efforts made by state, federal, and international
governments to curb computer crime.
14
Ibid, p. 37.
15
Ibid, p. 36.
12
3.2.3 Classification based on victims of cyber crime
3.2.3.1 Financial crimes
This would include cheating, credit card frauds, money laundering etc. To cite a recent case, a
website offered to sell Alphorns mangoes at a throwaway price. Distrusting such a transaction,
very few people responded to or supplied the website with their credit card numbers. These
people were actually sent the Alphorns mangoes. The word about this website now spread like
Wild fire. Thousands of people from all over the country responded and ordered mangoes by
providing their credit card numbers. The owners of what was later proven to be a bogus website
then fled taking the numerous credit card numbers and proceeded to spend huge amounts of
money much to the chagrin of the card owners.16
16
Md. Borhan Uddin, ibid, p. 35.
17
Ibid, p. 36.
13
shares he had short sold. This misinformation was spread by sending spoofed emails, purportedly
from news agencies like Reuters, to share brokers and investors who were informed that the
companies were doing very badly. Even after the truth came out the values of the shares did not
go back to the earlier levels and thousands of investors lost a lot of money.
3.2.3.6 Forgery
Counterfeit currency notes, postage and revenue stamps, mark sheets etc can be forged using
sophisticated computers, printers and scanners. Outside many colleges across India, one finds
touts soliciting the sale of fake mark sheets or even certificates. These are made using computers,
and high quality scanners and printers. In fact, this has becoming a booming business involving
thousands of Rupees being given to student gangs in exchange for these bogus but authentic
looking certificates.
18
Ibid, p. 36.
19
Ibid, p. 37.
14
3.2.3.10 Email bombing
This kind of activity refers to sending large numbers of mail to the victim, which may be an
individual or a company or even mail servers there by ultimately resulting into crashing of the
entire system.
3.3 Conclusion
Finally we can say that any criminal doings that uses a computer either as an instrumentality,
objective or a means for propagating further crimes comes within the influence of cybercrime".
Unlawful acts wherein the computer is either a tool or target or both. The computer can be used
in the following kinds of actions - financial crimes, intellectual property crime, pornography, sale
of banned articles, cyber aggravation, online betting, cyber defamation, e-mail spoofing, forgery.
The computer can be used to target for unlawful acts in the following cases- computer networks /
computer system/ unauthorized right of entry to computer, e-mail bombing, stealing of
20
Sheikh Hafizur Rahman Karzon, Theoretical and Applied Criminology, 1st ed. (Dhaka: Palal
Prokashoni, 2008), pp. 414-417.
15
information contained in the electronic form, theft of computer system ,data diddling, salami
attacks, logic bombs, Trojan attacks, internet time thefts, web jacking, physically damaging the
computer system.
16
CHAPTER 4
CYBER CRIME IN BANGLADESH
4.1 Introduction
In Bangladesh Internet was first introduced in 1996. In 2000, the number of Internet users was
100,000 and it shot up to 450,000 in 2007. In another report says about 2 million people use
internet in Bangladesh. In 2013 According to Bangladesh Telecommunication Regulatory
Commission (BTRC), there are at least 30 million internet users and 3.2 million Facebook users
in Bangladesh. So the internet user day by day increasing in Bangladesh and now cyber-crime is
a major problem in our country.21
21
[http://nolet.com/tags/email-address/chadbraywsjcom , Last visited 24 August 2015].
22
Hamidur Rashid, Internet History of Bangladesh, http://ezinearticles.com/?Internet-Historyof-
Bangladesh&id=2327010, last visited 01.10.2009.
17
holders23 and there are approximately 4.5 million users connected to them which is about 0.32%
of our total population.
23
Summary of- BTRC licenses,
[http://www.btrc.gov.bd/licensing/operators/summary_of_licenses.pdf , Last visited
06.09.2009]
24
[http://nation.ittefaq.com/issues/2008/11/25/news0088.htm, Last visited 24 August 2015].
18
workers for the future cyber warfare. Extremist organizations also use the Internet to target their
audiences without depending on overt mechanisms such as radio, TV, or the press.
In our country we still do not have any cyber law also. Now a day in Bangladesh lot of
people use Face book on internet. Face book is a social utility that connects people. Students
are blind fan of face book. Students use face book almost all day long. They upload their
pictures , they send their message through this site to their friends . But the problem is
some people use face book for business purpose . They post illegal things and advertise it
in face book. They invite students to join so many fake clubs. Some group invite students
community to come and join different restricted night club of Dhaka city. Student community
becomes influenced by this type of advertisement. So many crimes have been occurred already
through face book.25
25
[http://www.bangladeshnews24.com/prothomalo/newspaper/, Last visited 24 August 2015].
19
identified that especially Financial Institutions are in the most threading organization for
cybercrime that at the same time reflects to the personal life. Some development partners has
started working how to tackle cybercrime and improve effective communications.
Now in Bangladesh there are many call centers. The main point is that, the call centers
are involved with cyber-crime. The call center employee involved with credit card fraud. The
employee calls to the Bangladesh or foreign country peoples about sell some product by calling
conversation by internet.26
26
[http://www.scribd.com/doc/27042582/Cybercrime-and-its-Impact-in-Bangladesh, Last
visited 27 August 2015].
20
In the last few years, there have been major cases of cyber-crimes in reputed
organizations involved in the field of IT but remained hidden from the public eye to maintain
positive image of the organization; customers of the concerned institutions were also left in dark.
Some examples of cyber-crime in Bangladesh are anonymous death threats to the prime minister
through email, hacking website run by law enforcing agencies and defamation of private
information of respected and popular individuals of the country in September, 2008. 27
Rapid Action Battalion (RAB) discovered that their website had been hacked! But RAB was
successful in catching the hackers which proved that Bangladesh was not far behind in detecting
and catching cyber criminals.
Some criminals take pictures or collect pictures from facebook of female students and then
write blogs to publish or distribute the obscene content in facebook to embarrass them.28
21
The humiliation Irene, Sumana and Nasrin faced is emerging as a big social problem in
Bangladesh. The number of such incident is increasing day by day. This growing menace has
added a new dimension to the already social violence against women like torture for dowry, acid
attack, rape, abduction and trafficking. With the easy availability of computers, cyber cafes have
sprung up across the country — even in rural areas. School and college students spend hours
together in such cafes every day. Most of them spend time chatting online and seeing
pornographies.29
29
[http://www.newsnetwork-bd.org/cyber-crimes-up-against-women-in-bangladesh/,Lastvisited
29 August 2015].
22
Hacker group also start counter attack against India. However, some Pakistani hacker group also
raises their hand against India. Pakistani hacker group also leave a message about this war.
Pakistani hacker group say” ''They f**ked hard from Pakistan. Now they want to f**ked again
from Bangladesh, lolx”. Already they deface more than 2000 Indian web site.30
Traditionally, crime and punishment are largely local, regional, or national. Today, many
differences confronting us are associated with the transnational character of cybercrimes. It is
therefore important to have international legal instruments ready to serve anti-crime efforts.
This article looks at international harmonizing efforts to fortify the legal battle against
cybercrime, categorizing the actions into four aspects: professional law-enforcement efforts,
regional efforts, multi-national efforts, and global international efforts. Subsequently, the article
also categorizes the international actions according to the subject-matters into additional aspects,
including the promotion of security awareness at both international and national levels, the
harmonization of legislation, coordination and cooperation between law-enforcement agencies,
and direct anti-cybercrime actions. The article will also examine the nations' attitudes toward the
Convention on Cybercrime. Based on the analysis, the article will briefly evaluate the
effectiveness of previous attempt at international harmonization.
30
[http://www.mediafire.com/?sbo2dd75rf0g7s8 , Last visited 30 August 2015].
23
structures and investigative abilities, where the advanced APEC economies support other
member-economies in training legislative and investigative personnel.31
After the 9/11 attacks on the U. S., the APEC Leaders issued a Statement on Counter-Terrorism,
condemning terrorist attacks and considering it urgent to reinforce collaboration at different
layers to fight against terrorism. The Leaders called for reinforcing APEC activities to protect
critical infrastructure.32
The Telecommunications and Information Ministers of the APEC economies issued the
Statement on the Security of Information and Communications Infrastructures and a Programme
of Action in 2002,33 supporting measures taken by members to fight against misuse of
information. The Senior Officials' Meeting has made a recommendation which designates six
areas that can serve as the foundation for the APEC's endeavor for cybercrime prevention,
comprising legal development, information sharing and cooperation, security and technical
guidelines, public awareness, training and education, and wireless security. The Ministers and
Leaders of APEC have made a commitment to "endeavor to enact a comprehensive set of laws
relating to cyber security and cybercrime that are consistent with the provisions of international
legal instruments, including the UN General Assembly Resolution 55/63 and Convention on
Cybercrime by October 2003."34
31
Cybercrime Expert Group, Proposal, Doc No: telwg29/ESTC/12, APEC Telecommunications and Information
Working Group, 29th Meeting, 21-26 March 2004, Hong Kong, China.
32
APEC Leaders Statement on Counter-terrorism, APEC Economic Leaders' Meeting, Shanghai, 21 October 2001.
33
APEC, Recommendation by the APEC Telecommunications and Information Working Group (TEL) to APEC
Senior Officials (SOM) for an APEC Cyber security Strategy, 2002/CSOM/052, Concluding Senior Officials
Meeting, Los Cabos, B.C.S., Mexico, 21-22 October, 2002.
34
Cybercrime Expert Group, Proposal, Doc no: telwg29/ESTC/12, APEC Telecommunications and Information
Working Group, 29th Meeting, Hong Kong, China, 21-26 March 2004
24
desirability "to extend the safeguards for everyone's rights and fundamental freedoms, and in
particular the right to the respect for privacy, taking account of the increasing flow across
frontiers of personal data undergoing automatic processing," and the necessity "to reconcile the
fundamental values of the respect to privacy and the free flow of information between peoples"
(Preamble). The Convention covers the protection of personal data in both the public and private
sectors.
35
Ibid.
36
Ibid.
25
4.5.9 The Organization of American States (OAS)
As other regional organizations, the Organization of American States (OAS) with 35 member
states is also highly concerned about the issue of cybercrime. Through its forum for the Ministers
of Justice or of the Ministers or Attorneys General of the Americas (REMJA), the OAS has long
recognized the central role that a sound legal framework plays in combating cybercrime and
protecting the Internet. Such recognition has prompted the REMJA to recommend the creation of
the Group of Governmental Experts on Cybercrime (The Group of Experts) in March 1999.37
The Group of Experts has been devoted to analyzing cybercrimes, to inspecting the domestic
cybercrime law, and to finding ways of cooperating in the Inter-American system of combating
cybercrime. The Group of Experts has held four meetings.
The Meeting of the Ministers of Justice or of the Ministers or Attorneys General of the Americas
(REMJA III) has urged member states to take steps to endorse cybercrime law; harmonize
cybercrime laws to make international cooperation possible. The Meeting of the Ministers of
Justice or of the Ministers or Attorneys General of the Americas (REMJA V) has recommended
that member states evaluate the advisability of implementing the principles of the Convention on
Cybercrime, and consider the possibility of acceding to that Convention.
In 2004, the Fourth Plenary Session of the Organization of American States General Assembly
passed the resolution on "Adoption of a Comprehensive Inter-American Strategy to Combat
Threats to Cyber security: A Multidimensional and Multidisciplinary Approach to Creating a
Culture of Cyber security," proposing that "An effective cyber security strategy must recognize
that the security of the network of information systems that comprise the Internet requires a
partnership between government and industry."38
37
Meeting of Ministers of Justice or of Ministers or Attorneys General of the Americas (REMJA II), Chapter V.
38
AG/RES. 2040 (XXXIV-O/04), Adopted at the fourth plenary session of the Organization of American States
General Assembly held on 8 June 2004 in Quito, Ecuador.
26
territorial environment. This section recounts the efforts of three of the multi-national
organizations.
39
Ibid.
40
Legal and Constitutional Affairs Division Commonwealth Secretariat, Report on Law and Technology Workshop
for the Caribbean, Kingston, Jamaica, 3-7 November, 2003, published in January, 2004.
27
to and implement the Convention on Cybercrime as a basis for mutual legal assistance between
Commonwealth member states and non-Commonwealth states.
41
G7, Chairman's Statement, 17 June 1995, Halifax Summit, 15-17 June 1995.
42
G8, Okinawa Charter on Global Information Society, Okinawa, 22 July 2000.
28
and criminal-law reform (Schlosberg, 2005). Offences against confidentiality, integrity or
availability listed in the 1985 OECD document included unauthorized access, damage to
computer data or computer programmers, computer sabotage, unauthorized interception, and
computer espionage.43 In December 1999, the OECD officially approved the Guidelines for
Consumer Protection in the Context of Electronic Commerce (Department of Justice, 2000, p.
27), representing member states' consensus in the area of consumer protection for e-commerce:
consumers should be protected in e-commerce not less than the protection they enjoyed within
traditional commerce (Department of Justice, 2000, p. 27). The OECD adopted Guidelines for
the Security of Information Systems and Networks in July 2002, calling on member governments
to "establish a heightened priority for security planning and management", and to "promote a
culture of security among all participants as a means of protecting information systems and
networks" (OECD, 2002a, Part I).
The guidelines established nine principles, including awareness, responsibility, response, ethics,
democracy, risk assessment, security design and implementation, security management, and
reassessment (OECD, 2002a, Part III). Because of the nature of the guidelines and the distance
from the legal actions, practical endeavors were left to the member countries to make.
4.6 Conclusion
Cyber-crime is obviously the latest form of the crimes which is very difficult to suppress. But, its
difficulty must not prevent us from taking adequate measures against the cyber-criminals. Only
law is not enough and so, we must nurture ethics and morality in our private and communal
lives. As our youngsters are prone to misdirection, they must be given proper guidance and care.
The state has to take all possible measures to thwart any kind of cyber-invasion which may put
the lives of people in danger. Continuous vigilance and upgrading counter-measures are some of
the must-dos for the government. Common people should also be careful in using computer
systems and online facilities. Hopefully, our awareness and constant battle against cyber-crime
will result in success.
43
Computer-Related Crime: Analysis of Legal Policy, ICCP Series No. 10, 1986. Cited in UN, Crimes related to
Computer Networks: Background Paper for the Workshop on Crimes Related to the Computer Network, Tenth UN
Congress on the Prevention of Crime and the Treatment of Offenders, Vienna, 10-17 April 2000, A/CONF. 187/10.
29
CHAPTER 5
CYBER LAW IT’S CHALLENGE IN BANGLADESH
5.1 Introduction
Now the people use the technology also for political and religious purpose. As well as day by
day Cyber-crimes are increasing in the world as well as our country. In 2013 we’ve seen that,
Technology is getting more frequently used and seems like a blessing going cover Bangladesh.
Therefore in Bangladesh a bundle of laws has been enacted to protect the people.44
44
[http://pastebin.com/WFhmnqPB, Last visited 31August 2015].
30
Since cyber-crime are crimes of technology, the law enforcement agencies ought to be
trained in the intricacies of technology so as to properly and effectively conduct investigations,
A cyber cop has to be at least a half IT engineer to be a competent cyber-crime investigator.
Since the criminal has the tendency of jumping geographical borders also called jurisdictional
jumping, there has to be co-operation between law enforcement agencies of different countries.
Effective laws of extradition and their implementation are necessary to bring to trial
cyber criminals across borders. These existing extradition treaties ought to be strengthened by
co-operation in the International community. The most effective weapon to counter cyber-crime
is the use of encryption and other security technologies. It has been said that we need better locks
on computers and not on jails to prevent cyber-crime.
The IT industry must assume responsibility of protecting its own computer systems and
networks by using security technologies and should be not depend upon the law enforcement
agencies to track cyber criminals which are extremely difficult given the anonymity provided by
the Internet. The Government should encourage the use of security technology’ and should work
in close partnership with the private sector. It must facilitate and encourage research and
developing of new security technologies. Govt. should fund and support research and
development and facilities education about the measure to counter cyber-crime. Since
most cyber-crime is not reported by victims in the IT Industry, it gives protection to cyber
criminals. Cyber-crimes are not reported by victims for fear of eroding the confidence of
customers and the consequent loss of business. It needs to be understood that to suppress
information about cyber-crime having been victimized by cyber-crime amounts to protection of
and encouraging cyber-crime. The private sector must share information about cyber-crime so as
to understand its various forms and ways to deal with them more effectively.45 Last but not least
suggestion is that identification of citizens. Anonymity facilities cyber-crime and thus must yield
to the large interest of the society. It is not being advocate that all contents and interactions on
the Internet should be censored. Technological modes of easy identification of citizens in their
interaction should be used only when necessary while investigation into allegations of cyber-
crime thought privacy concerns arc important it has to be realized that identification of citizens
in certain areas such as cyber-crime is equally necessary.
45
Ibid
31
Criminal justice system all over the world, must also remember that because of certain
inherent difficulties in the real cyber-criminal, criminal laws must be applied so as distinguish
between the innocent and the deviant. A restrain must be exercised on the general tendency to
apply the principle of deterrence as a response to rising cyber-crime, without being sensitive to
the right of the accused. Our law makers and the criminal laws system must not forget the basic
difference between an accused and a convict. A delicate difference between the need to ensure
that no innocent is punished and the need to punish the cyber-criminal.46
46
[http://www.scribd.com , Last visited 31 August 2015]
47
[http://www.ncpc.org/resources/files/pdf/internet-safety/13020-Cybercrimes-revSPR.pdf]
32
protect against and prevent cybercrime. Do not respond to email messages that contain
misspellings, poor grammar, odd phrases, or web sites with strange extensions. When in doubt
about responding to an email, consider a telephone call to the organization to verify authenticity.
Type the address for the website in the browser instead of clicking on a link. Any financial
transaction website should have an “s” after the letters “http” (e.g., https:// www.mystore.com
not http:// www.mystore.com). The “s” stands for secure and should appear when you are in an
area requesting you to login or provide other sensitive data. Another sign that you have a secure
connection is the small lock icon in the bottom of your web browser (usually the right-hand
corner.) might try to gain access to crash it, delete information, or steal passwords and other
sensitive information. Software firewalls are widely recommended for single computers. The
software is prepackaged on some operating systems or can be purchased for individual
computers. For multiple networked computers, hardware routers typically provide firewall
protection. (www.fbi.gov/ scams-safety/, How to Protect Your Computer, www.fbi.gov/ scams-
safety/computer_protect)
33
and possibly preventing them from accessing certain web content. Using the “help” feature
of the operating system can often address many of the questions in this area.
34
from “passive residual income a few hours each day working out of your home.” Many of these
crimes go unreported because the victim is too embarrassed to admit to law enforcement that
they were duped.
5.4 Conclusion
The policy maker may formulate a baseline security procedures policy outlining the minimum
requirements which must be met by agencies regarding information security and may also
develop especial analysis site which will be observed 24/7 and will provide real-time monitoring
of cyber activities. ‘Cyber incident response unit’ and ‘a cyber crime investigation cell’ may be
built within law enforcement authority to fight cyber crime successfully by adopting the
enhancing ‘capacity’, good police work, Skilled investigators by sharing the ‘too few’
professionals skilled in cyber-security and by training new officers to become experts in the field
and providing adequate logistic support/equipment. Moreover, to keep the national security
uninterrupted and avoid hacking, web servers running public sites must be physically separate
protected from internal corporate network and web site owners should watch traffic and check
any inconsistency on the site by installing host-based intrusion detection devices on servers.
Finally, we can say that the collective effort of state and nations is only a possible way to see the
peoples’ dream of a Digital Bangladesh in existence and could protect individuals and national
security of the state from the aggression of cyber criminals
35
CHAPTER 6
EXISTING LAWS REGARDING CYBERCRIME
6.1 Introduction
This paper is expected to provide the activists and global leaders of cyber security & policy
makers to assess how best Bangladesh is applying the initiated measures for a secured, accessible
cyber world for the information society. In today’s world information system and network
security has become a rights issue for the reason that rights to information has become more and
more important to everyone as information protects and develops human life every day.
Understanding the essential need of security all developed countries have taken steps to address
the problem on the other hand developing countries are far away from being able to guarantee
this rights. Threats to the Information Society were emerging on the content level as well as on
the network level and on the physical level. Information security could however not be achieved
by technology alone.
36
In recent years, the Government of Bangladesh has taken some policy initiatives to strengthen
scientific and technological research and ICT activities. The services required more partnership
with the international code and systems for which Bangladesh is trying to attain with sincere,
utmost commitment The average age of almost 50 percent of the population is below 25 years.
This is a very positive aspect for our country, because the youths are able to acquire and
assimilate science, ICT education and technological skill and training very easily and very fast.
Many of them have already demonstrated extraordinary capability and embraced success in the
field of science and ICT. Not only has that publication of research findings of our undergraduate
students in internationally renowned journals also pointed to the commendable innovative
capability of our young students. The policy regulations are considering here as a part of its
national goal; Bangladesh is new in the cyber world only by accessing and using the cyber
resources with immense interest by the society where technology development and growth is
merely in progress although in highest attention. 48
48
http://www.itu.int/osg/spu/cybersecurity/contributions/Bangladesh_Salim_paper.pdf
37
National ICT Policy includes issues of human resource development, creation of ICT
infrastructure, facilitating research and development on ICT, development of ICT industries on a
priority basis. It has also highlighted importance of hardware industries, e-Commerce, e- The
Government has been patronizing science and ICT and shown its commitment through forming
high-powered National Taskforce on ICT, Biotechnology, and National Council for Science and
Technology for harmonious growth and expansion of scientific and technological development
throughout the country.
The Government has already shown its commitment to ICT through sending high powered
delegation headed by the Honb'le Prime Minister to World Summit on the Information Society
(WSIS) and sharing the common vision of developing an Information Society, harnessing
potential of ICT to promote development goals of the Millennium Declaration, which include
eradication of extreme poverty and hunger, achievement of universal primary education and
development of global partnerships for the attainment of more peaceful, just and prosperous
world. Along with other countries, Bangladesh Government has recognized the central role of
science in the development of Information Society, the indispensable role of education,
knowledge, information and communication in human progress, endeavor and welfare.
Government has expressed its determination to empower the poor, particularly those who are
living in remote, rural and marginalized urban areas, to access information and to use ICTs as a
tool to support their efforts to lift themselves out of poverty.
Bangladesh realizes that science and technology has unprecedented impact on economic growth
and social development. Knowledge has become a source of economic might and power, and
therefore, has caused increased restrictions on sharing of knowledge, new norms of intellectual
property rights. The ongoing globalization and the intensely competitive environment have a
significant impact on the production and services sectors. Because of all this, Bangladesh science
and technology system has to be infused with new vitality if it is to play a decisive and beneficial
role in advancing the welfare of all sections of the population, in particular of the poor people.
Keeping the aims and objectives of the Government in view, MoSICT has formulated some
policies on protection of its growing cyber world from the unsolicited consequences. The
National ICT Policy, Cyber Law, Electronic Transaction Act are already adopted by the highest
authority. Appropriate education on Computer Alert and Emergency Responses are underway by
the different agencies including government, civil society/NGOs and private sector.
38
Bangladesh is a country with tremendous potential for development through science and
technology. Our limited land and high population density implies application of modern
scientific methods and technology for cultivation and give thrust to development of industries.
Historically this land has been proved very fertile in giving birth to and nourishing the
litterateurs, engineers and scientists, minds that kept their marks on the development of human
civilization.
Governance, legal issues related to ICT, application of ICT in health care, application of ICT in
agriculture to exploit the potential for development of rural economy and agro-business.
Application of ICT in other areas like social welfare, transportation and the judiciary system is
also highlighted. 49
49
http://www.itu.int/osg/spu/cybersecurity/contributions/Bangladesh_Salim_paper.pdf
39
This period may be extended for three months. Tribunal shall pronounce its judgment within ten
days after the conclusion of trial which may be deferred for ten days.
40
(e) to help to establish uniformity of rules, regulations and standards regarding the
authentication and integrity of electronic records; and50
(f) to promote public confidence in the integrity and reliability of electronic records and
electronic commerce, and to faster the development of electronic commerce through the use of
electronic signatures to lend authenticity and integrity to correspondence in any electronic
medium.51
50
Ibid
51
[http://news.priyo.com/tech/2011/06/25/efficiencies-cyber-law-banglad-29806.html, Last
visited 02 September 2015].
41
the said procedure where it clearly states that the offences are non-cognizable. However, we have
not seen a single instance of following the correct procedure in the past.
The amendment of 2013 vide section 76(1)(Kha) made Sections 54, 56, 67 and 61
cognizable and non-bailable and Sections 55, 58, 59, 60, 62, 63, 64 and 65 as non-cognizable and
bailable. This has made significant changes in the initiation of proceedings and who can decide
which falls under the purview of the penal sections under the Act. This essentially raises the
question whether the police have the required educational and technical expertise to consider a
comment posted on the internet or a logical explanation posted in a blog to be offensive and
derogatory as described loosely by the Section 57 of the Act? The usual recruitment process of
the police inspectors clearly shows otherwise. This major change gives unfettered power to the
police and this will give them a free-hand to interfere in private-personal life of the citizens more
frequently, one step ahead of creating controlled society. Where other democratic countries are
trying to reduce police interference in private life to ensure the fundamental rights, this new
52
police empowerment will definitely obstruct that effort.
The provisions of Section 29 of the ICT Act, which remained unchanged, states that the
Controller or any officer authorized by him in this behalf shall take up for investigation of any
contravention of the provisions of this Act, rules or regulations made there under. Section 28 of
the same Act further empowers the Controller to delegate his power in writing to the Deputy
Controller, Assistant Controller or any other officer to exercise any of the powers of the
Controller. The police are not in the list of those who may exercise the power of the Controller. It
may be noted that Section 76(1)(Kha) makes certain penal provisions cognizable but the sections
28 and 29 remains the same without including police as an authorised office who could exercise
the power of the Controller. Thus in almost all the recent cases, the police have exceeded their
jurisdictions in undertaking the investigation. This contradictory provision has made the Act
more complex and unworkable.
Furthermore, section 69(6) of the Act empowers the Police or any other authorised
person, by the order of the tribunal or on its own initiative may reinvestigate the case. This is a
clear violation of the express provisions of the CrPC. No criminal cases are allowed to be
reinvestigated. Police may conduct further investigation by the order of the court and definitely
52
Ibid
42
not on own initiative. This clearly undermines the usual legal process and sets up contradictory
standards.
Most of the cases until now were filed under Section 57 of the Act. There are a few other
cases of computer system hacking and publishing obscene materials on the internet coupled with
the Pornography Act. This frequent use of Section 57 raised concern among the writers,
journalists, bloggers and human rights activists as it directly interferes with the freedom of
expression and right to privacy as guaranteed by Articles 39 and 43. Section 57(1) of the Act
very loosely defines the offence which reads as follows:
“If any person deliberately publishes or transmits or causes to be published or transmitted
in the website or in any other electronic form any material which is false and obscene and if
anyone sees, hears or reads it having regard to all relevant circumstances, its effect is such as to
influence the reader to become dishonest or corrupt, or causes to deteriorate or creates possibility
to deteriorate law and order, prejudice the image of the State or person or causes to hurt or may
hurt religious belief or instigate against any person or organization, then this activity will be
regarded as an offence.”
Section 57(2) of the Act contains the punishment for committing offence under sub-
section 1 of section 57 as imprisonment for 14 years or fine for an amount of TK.1.00 crore or
both. The 2013 amendment has increased the term of imprisonment from 10 to 14 years.
If we consider Section 57(1) on its own, then we see that the section failed to state
specific offences: such as, it does not say the age group who will see, hear or read the material.
The level of understanding may not be the same of a minor compared to an adult. Moreover,
after the recent changes, the most likely person to see, hear or read is the police officer. As
discussed earlier, the police with his educational background might not be able to form logical
explanation of what he sees, hears or reads on the internet.
The section also denotes the possibility of being dishonest or corrupt after reading the
content published in the internet. Now this is a basic question of morale. It varies from person to
person. By seeing, hearing or reading any content in the internet one might not react or take it as
seriously to become dishonest or corrupt and on the flip side another person might think as the
section states. This makes the section uncertain and leaves it on the intellect of the reader.53
53
Ibid
43
The section further includes the scope of damaging the image of person and the State. But the
nowhere in the Act, has the image of the State defined and how the image of a person would be
determined. Depending on the social status, image might vary from person to person. Moreover,
how the image of a person and the State comes on the same footing?54
Section 505 and 505A of the Penal Code covers the offence of defamation and the
punishment under the aforesaid sections is only 2 years or fine or both. But Section 3 of the ICT
Act states that the provisions of ICT Act shall prevail over any other laws. Now that the section
57(2) provides for 14 years of imprisonment with TK. 1.00 crore fine then who on earth would
file a case under the Penal Code?55
The section further goes on to include the possibility of hurting or cause to hurt the
religious belief or instigate against any person or organisation. Again the section, surprisingly,
failed to define what would amount to hurting one's religious belief and why would instigation
against any person and organisation be embodied in one single section? The concept of religious
belief is age-old and there are non-believers too. The Constitution of the country ensures the
right of choosing the religious belief. This definitely includes the choice not to believe in any
religious belief and remain free. This interpretation has always been problematic. Due to socio-
political pressure, the liberal interpretation did not get its way far enough. Therefore there is
always scope to victimise someone who doesn't conform to any religious belief. The other State
laws don't also give any space for the non-believers.
Moreover, Section 205 of the Penal Code defines provision for punishment for publishing
any material either in the form of a book or leaflet hurting one's religious belief then he will be
imprisoned for 2 years. If the same is published in the internet then it will be 14 years
imprisonment with TK. 1.00 Crore fine. The section fails to address the issue of publishing a
false or obscene material by impersonation to victimise another person. Anyone can get a fake
ID in the Facebook and can post false and obscene materials pretending to be another person. In
that case the credentials supplied to open the account will direct the investigating officer to the
person it was opened for and there is no way to find out actually who opened the account.
Section 57 stresses upon defaming any person. This is also defined by the Penal Code of
Bangladesh where the punishment is only 2 years. But the ICT Act, 2013 provides for 14 years
54
Ibid
55
Ibid
44
of imprisonment or fine of TK. 1.00 crore or with both. In that case, if someone publishes any
materials (other than in the internet) defaming any person, then he will still be charged with the
provisions of the Penal Code and if someone does the same in the internet, say in his blog or
Facebook account the he will be charged under section 57 and the punishment will be 10 times
higher than the Penal Code. There is no explanation why this discrimination for the same
offence. The section further states the possibility of causing deterioration of the law and order
due to publication of any false and obscene material in the internet56
This is completely a new concept that the law and order situation might deteriorate due to
postings in the any internet. The number of internet users has not reached so high to consider it a
threat which might cause the law and order in the country to deteriorate. Again, after the
amendment, Police will decide whether a particular post in the internet will worsen the law and
order situation or not. If a police officer in the rank of Sub-Inspector is left to decide a comment
or argument posted in the internet by a university graduate or a renowned teacher of a university,
then the future of our freedom of expression is really at stake.
The Act unnecessarily imposed extreme punishment provision without any legal basis.
The bail provision makes the Act monstrous and it will influence people to use it more frequently
than other regular legal provisions when it comes to taking revenge or victimizing a person. As
Section 57 is not specific and covers a wide area of offences, there will be little chance to get
acquittal from any charge.
In India, Section 66(A) of the ICT Act had similar provision of empowering the police to
take cognizance of an offence but later it was modified. Now, if it is in a city then the Inspector
General of Police and in case of village, the Deputy Commissioner has been given authority to
take cognizance. Where other democratic states are decreasing police power, we are increasing it
in the name of control.
The arbitrary exercise of police power will not only impose self-censorship but also
jeopardise the whole idea of establishing a democratic state. Misuse of technology has been
expanded to its optimum level and then arise the need of strict statutory laws to regulate the
criminal activities in the cyber world and to protect technological advancement. But first of all,
we need to know what those offences are that need to be controlled or regulated.
56
Ibid
45
The most common cyber offences in other countries which might creep in gradually in
our country have not yet been addressed by this ICT Act. It remains a tool for oppression and it
is anticipated that the next government will not modify or repeal the Act, as it gives the perfect
tool for oppression.57
57
Ibid
46
49. Penalty for failure to file return, information, book etc.—If any person fails to deliver any
information, books or any other documents under the provisions of this Act, or rules and
regulations made thereunder within stipulated time, the Controller or any officer of the
Government authorized by the Government by special order, as the case may be, can fine the
person which may extend to Taka ten thousand mentioning reasons in written by administrative
order. 14
50. Penalty for failure to maintain books of accounts or record.—If any person fails to
maintain books of accounts or records which is supposed to be preserved under the provisions of
this Act, or rules and regulations made thereunder, the Controller or any officer of the
Government authorized by the Government by special order, as the case may be, can fine the
person which may extend to Taka two lakhs mentioning reasons in written by administrative
order.
51. Residuary penalty.—If any person contravenes any rules of this Act for which the provision
of penalties has not been fixed separately under the provisions of this Act, or rules and
regulations made thereunder, the Controller or any officer of the Government authorized by the
Government by special order, as the case may be, can fine the person for breaching the very rule
which may extend to Taka twenty five thousands mentioning reasons in written by
administrative order.
52. Power of Controller to issue prohibition of possible breaching of rules.—(1) If the
Controller is in the opinion that, any person has attempted or is attempting to do such activities
which is breaching or may breach the provisions of this Act, rules, regulations made thereunder,
or conditions or any order of the Controller then the Controller shall issue a notice within the
stipulated time limit ordering the person to present his statement in written why he should not
refrain himself from doing such activity and if such statement is presented then the Controller
shall issue an order to refrain him from doing such activity or any other instruction about the
activity sthat deems fit to him. (2) If the Controller is satisfied that, the nature of breaching or
possible breaching under sub-section (1) of this section is such that to prevent the person from
that activity immediately, then the Controller shall issue an interim order which deems fit to him
during the time of issuing a notice under that sub-section. (3) If any instruction under sub-
sections (1) and (2) of this section is given to anyone, he
47
shall be bound to obey it. (4) If any person breaches the given instructions of this section, the
Controller can fine the
person which may extend to Taka ten thousand.
53. Penalties.—(1) The Controller can impose penalties for breaching other rules under this Act
defined by the rules as an addition to imposable penalties under this Act. (2) No penalty shall be
imposed under this Act for breaching this Act or any rules of this Act without giving reasonable
opportunity to the offender on hearing. (3) The accused person can lodge an application to the
Controller for auditing the decision of imposing penalties by the Controller within seven days
from the date the decision is made and if any such application is lodged, the Controller shall give
opportunity to the Applicant for hearing and dissolve it within fifteen days. (4) Unless the
penalties are paid under this Act which is due, is collectable as a Government demand under the
Public Demands Recovery Act, 1913 (Ben. Act III of 1913).
48
(f) denies of causes the denial of access to any person authorized to access any computer,
computer system or computer network by any means;
(g) provides any assistance to any person to facilitate access to a computer, computer system or
computer network, in contravention of the provisions of this Act, rules or regulations made
thereunder;
(h) for the purpose of advertisement of goods and services, generates or causes generation of
spams or sends unwanted electronic mails without any permission of the originator or subscriber;
(i) charges the services availed of by a person to the account of another person by tampering with
or manipulating any computer, computer system or computer network; then the above said
activities shall be treated as offences of the said person.
(2) If any person commits offence under sub-section (1) of this section, he shall be punishable
with imprisonment for a term which may extend to ten years, or with fine which may extend to
Taka ten lakhs, or with both.
Explanation.--For the purpose of this section--
(i) "computer contaminant" means any set of computer instructions that are designed--
(a) to modify, destroy record, transmit data or program residing within a computer, computer
system or computer network; or
(b) by any means to usurp the normal operation of the computer, computer system or computer
network;
(ii) "computer database" means a representation information, knowledge, facts, concepts or
instructions in the form of text, image, audio or video that--
(a) are being prepared or have been prepared in a formalized manner by a computer, computer
system or computer network; and
(b) are intended for use in a computer, computer system or computer network;
(iii) "computer virus" means such computer instruction, information, data or program, that--
(a) destroys, damages, degrades or adversely affects the performance of a computer resource; or
(b) attaches itself to another computer resource and operates when a program, data or instruction
is executed or some other event takes place in that computer;
(iv) "damage" means to destroy, alter, delete, add, modify or rearrange any computer resource by
any means.
49
55. Punishment for tampering with computer source code.--(1) Whoever intentionally or
knowingly conceals, destroys or alters or intentionally or knowingly causes other person to
conceal, destroy or alter any computer source code used for a computer, computer program,
computer system or computer network, when the computer source code is required to be kept or
maintained by any law for time being in force, then this activity of his will be regarded as
offence. (2) Whoever commits offence under sub-section (1) of this section he shall be
punishable with imprisonment for a term which may extend to three years, or with fine which
may extend to Taka three lakhs, or with both.16
Explanation.--For the purpose of this section, "computer source code" means the listing of
programs, computer commands, design and layout and program analysis of computer resources
in any form.
56. Punishment for hacking with computer system.--(1) If any person--
(a) with the intent to cause or knowing that he is likely to cause wrongful loss or damage to the
public or any person, does any act and thereby destroys, deletes or alters any information
residing in a computer resource or diminishes its value or utility or affects it injuriously by any
means;
(b) damage through illegal access to any such computer, computer network or any other
electronic system which do not belong to him; then such activity shall be treated as hacking
offence.
(2) Whoever commits hacking offence under sub-section (1) of this section he shall be
punishable with imprisonment for a term which may extend to ten years, or with fine which may
extend to Taka one crore, or with both.
57. Punishment for publishing fake, obscene or defaming information in electronic form.--
(1) If any person deliberately publishes or transmits or causes to be published or transmitted in
the website or in electronic form any material which is fake and obscene or its effect is such as to
tend to deprave and corrupt persons who are likely, having regard to all relevant circumstances,
to read, see or hear the matter contained or embodied in it, or causes to deteriorate or creates
possibility to deteriorate law and order, prejudice the image of the State or person or causes to
hurt or may hurt religious belief or instigate against any person or organization, then this activity
of his will be regarded as an offence.
(2) Whoever commits offence under sub-section (1) of this section he shall be punishable
50
with imprisonment for a term which may extend to ten years and with fine which may extend to
Taka one crore.
58. Punishment for failure to surrender licence.--(1) Where any Certifying Authority fails to
surrender a licence under section 34 of this Act, the person in whose favour the licence is issued,
the failure of the person shall be an offence.
(2) Whoever commits offence under sub-section (1) of this section he shall be punishable
with imprisonment for a term which may extend to six months, or with fine which may extend to
Taka ten thousands, or with both.
59. Punishment for failure to comply with order.--(1) Any person who fails to comply with
any order made under section 45 of this Act, then this activity of his will be regarded as an
offence.
(2) Whoever commits offence under sub-section (1) of this section he shall be punishable with
imprisonment for a term which may extend to one year, or with fine which may extend to Taka
one lakh, or with both.
60. Punishment for failure to comply with order made by the Controller in emergency --
(1) Any person who fails to comply with any order made under section 46 of this Act, then this
activity of his will be regarded as an offence.
(2) Whoever commits offence under sub-section (1) of this section he shall be punishable with
imprisonment for a term which may extend to five years, or with fine which may extend to Taka
five lakhs, or with both.
61. Punishment for unauthorized access to protected systems.--(1) Any person who secures
access or attempts to secure access to protected system in contraventions of section 47 of this
Act, then this activity of his will be regarded as an offence.
(2) Whoever commits offence under sub-section (1) of this section he shall be punishable with
imprisonment for a term which may extend to ten years, or with fine which may extend to Taka
ten lakhs, or with both.
62. Punishment for misrepresentation and obscuring information.--Whoever makes any
misrepresentation to, or suppresses any material fact from the Controller or the Certifying
Authority for obtaining any licence or Digital Signature Certificate shall be regarded as an
offence. 17
51
(2) Whoever commits any offence under sub-section (1) of this section he shall be punishable
with imprisonment for a term which may extend to two years, or with fine which may extend to
Taka two lakhs, or with both.
63. Punishment for disclosure of confidentiality and privacy.--Save as otherwise provided by
this Act or any other law for the time being in force, no person who, in pursuance of any of the
powers conferred under this Act, or rules and regulations made thereunder, has secured access to
any electronic record, book, register, correspondence, information, document or other material
shall, without the consent of the person concerned, disclose such electronic record, book,
register, correspondence, information, document or other material to any other person shall be
regarded as an offence.
(2) Whoever commits any offence under sub-section (1) of this section he shall be punishable
with imprisonment for a term which may extend to two years, or with fine which may extend to
Taka two lakhs, or with both.
64. Punishment for publishing false Digital Signature Certificate.--No person shall publish a
Digital Signature Certificate or otherwise make it available to any other person knowing that--
(a) the Certifying Authority listed in the certificate has not issued it; or
(b) the subscriber listed in the certificate has not accepted it; or
(c) the certificate has been revoked or suspended;
unless such publication is for the purpose of verifying a digital signature created prior to such
suspension or revocation and by breaching the rules such Digital Signature Certificate is
published or otherwise make it available to others shall be regarded as an offence. (2) Whoever
commits any offence under sub-section (1) of this section he shall be punishable with
imprisonment for a term which may extend to two years, or with fine which may extend to Taka
two lakhs, or with both.
65. Punishment for publishing Digital Signature Certificate for fraudulent purpose etc.--
Whosoever knowingly creates and publishes or otherwise makes available a Digital Signature
Certificate for any fraudulent or unlawful purpose shall be regarded as an offence. (2) Whoever
commits any offence under sub-section (1) of this section he shall be punishable with
imprisonment for a term which may extend to two years, or with fine which may extend to Taka
two lakh, or with both.
52
66. Punishment for using computer for committing an offence.--(1) Whosoever knowingly
assists committing crimes under this Act, using any computer, e-mail or computer network,
resource or system shall be regarded as an offence.
(2) Whoever aids committing any offence under sub-section (1) of this section he shall be
punishable with the punishment provided for the core offence.
67. Offences committed by companies etc.--If any offence is committed by a company under
this Act, then each director, manager, secretary, partner, officer and staff of the company who
has directly involvement in committing the said offence shall be guilty of the offence or the
contraventions, as the case may be, unless he proves that the offence or contravention was
committed without his knowledge or that he exercised sue diligence in order to prevent
commission of such offence or contravention.
Explanation.—For the purposes of this section.—
(a) “company” means any body corporate and includes commercial firm, partnership business,
cooperatives, association, organization or other association of individuals; and
(b) “director” in relation to a commercial firm includes a partner or member of Board of
Directors.18
53
Government by notification in the Official Gazette, transfer the case to the Tribunal having
special local jurisdiction. (5) Any Tribunal, taken decision otherwise, shall not be bound to
retaking statement of witness who has already given statement, or taking rehearing or begin
again any other activities already undertaken under sub-section (1) of this section, however, the
Tribunal shall continue the prosecution from where it stood on the basis of already taken or
presented statement from the witness. (6) The Government, by order, shall define the place and
time; accordingly the special Tribunal shall conduct its activities from that place and time.
69. Trial procedure of Cyber Tribunal.--(1) Without written report of a police officer not
below the rank of Sub-Inspector or the prior approval of the Controller or any other officer
authorized by the Controller the special Tribunal shall not accept any offence trial.
(2) The Tribunal shall follow the rules mentioned in the Chapter 23 of the Code of Criminal
Procedure, if they are not inconsistent with the rules of this Act, which is used in Session Court.
(3) Any Tribunal shall not suspend any prosecution without having written reasons and unless it
is required for the sake of just adjudication.
(4) If the Tribunal is in the opinion that the accused person has been absconded and for that it is
not possible to arrest him and produce him before the Tribunal and there is no possibility to
arrest him immediately, in that case the Tribunal can order the accused person to appear before
the Tribunal by publishing such order in two mass circulated national Bengali dailies and if the
accused person fails to do so, the prosecution shall take place in his absence.
(5) The rules mentioned in sub-section (4) of this section shall not be applicable if the accused
person fails to appear before the Tribunal or absconded after getting bail.
(6) The Tribunal can order any police officer, or the Controller, or any officer authorized by the
Controller, as the case may be, to reinvestigate the case and submit the report within the
stipulated time of its own initiative or any application lodged to the Tribunal,
70. Application of code of criminal procedure in the activities of Tribunal.—(1) Rules of
Code of Criminal Procedure, as far as, are not inconsistent with the rules of this Act shall be
applicable in the activities of this Tribunal and it will have all the power as exercised by the
Session Court.
(2) The person prosecuting the case on behalf of the Government in this tribunal to be known as
public prosecutor.
54
71. Rules relating to bail.—The Judge of Cyber Tribunal shall not bail any person accused in
committing crime under this Act, which is punishable, unless--
(a) Hearing opportunity is given to the Government side on similar bail orders;
(b) The Judge is satisfied that,--19
(i) There is reasonable cause to believe that the accused person may not be proved guilty in the
trial;
(ii) The offence is not severe in relative term and the punishment shall not be tough enough even
the guilt is proved.
(c) He writes down the reasons of similar satisfactions.
72. Time limit to deliver verdict.--(1) The Judge of Cyber Tribunal shall give the verdict within
ten days from the date of completing of taking evidence or debate, what happened later, unless
he extends the time limit no more than ten days with having written reasons. (2) If the verdict is
given by the Cyber Tribunal under sub-section (1) of this section or any appeal is lodged against
the verdict to the Cyber Appellate Tribunal then Cyber Tribunal or Cyber Appellate Tribunal
concerned shall forward the copy of the verdict of the appeal to the Controller for preserving it in
the electronic records repository room established under section 18 (7) of this Act.
73. Prescribed timeframe for dissolving cases by Cyber Tribunal.—(1) The Judge of Cyber
Tribunal shall complete the prosecution within six months since the date of filing the charge
sheet. (2) If the Judge of Cyber Tribunal fails to complete the prosecution within the time limit
fixed under sub-section (1) of this section can extend the time limit another three months having
written the reasons. (3) If the Judge of Cyber Tribunal fails to complete the prosecution within
the timeframe fixed under sub-section (2) of this section can continue the prosecution process
having written the reasons and submitted it as a report to the High Court and the Controller.
74. Prosecution of offence by Session Court.—Whatever is contained in the Code of Criminal
Procedure, until the special tribunal has not been established, the Session Court shall prosecute
any offence committed under this Act.
75. Prosecution procedure followed by the Session Court.—(1) To prosecute any offence
committed under this Act which is trialed in Session Court, Session Court shall follow the rules
mentioned in section 23 of the Code of Criminal Procedure which is applicable in Session Court
trial.
55
(2) Any Session Court shall not accept any prosecution/trial of any offence committed under this
Act without any written report from the police officer not below the rank of Sub-Inspector of the
Police and prior approval of the Controller or any officer authorized by the Controller, whatever
is contained in the Code of Criminal Procedure.
76. Investigation of crime, etc.—(1) Whatever is contained in the Code of Criminal Procedure,
the Controller or any officer authorized by the Controller, or any police officer not below the
rank of Sub-Inspector of the Police shall investigate any offence committed under this Act.
(2) Offence committed under this Act shall be non-cognizable offence.
77. Confiscation.—(1) Any computer, computer system, floppies, compact disks (CDs), tape
drives or any other accessories related thereto, in respect of which any provision of this Act,
rules, orders or regulations made thereunder has been or is being contravened, or in respect of
which any offence has been committed, shall be liable to confiscation by an order of the court
trying an offence or contravention.
(2) If the court is satisfied, that the computer, computer system, floppies, compact disks (CDs),
tape drives or any other accessories belonging to a person or under control of him related thereto,
in respect of which any provision of this Act, rules, orders or regulations made thereunder has
not been responsible to contravene, or committing an offence, then the computer, computer
system, floppies, compact disks (CDs), tape drives or any other accessories shall not be
confiscated. (3) If any legal computer, computer system, floppies, compact disks (CDs), tape
drives or any other accessories is found with the computer, computer system, floppies, compact
disks (CDs), tape drives or any other accessories which is confiscated under sub-section (1) of
this section shall also be confiscated.
(4) Any computer or other relevant accessories belonging to the Government or Body
Government Authority is used to commit an offence under sub-section (1) of this section,
whatever contained in this section, shall not be confiscated.20
78. Penalties or confiscation no bar against other punishments.—No penalty imposed or
confiscation made under this Act shall prevent the imposition of any other punishment to which
the person affected thereby may be liable under any other law for the time being in force.
79. Network service providers not to be liable in certain cases.—For the removal of doubts, it
is hereby declared that no person providing any service as a network service provider shall be
liable under this Act, or rules and regulations made thereunder, for any third party information or
56
data made available by him if he proves that the offence or contravention was committed without
his knowledge or that he had exercised due diligence to prevent the commission of such offence
or contravention.
Explanation.—For the purposes of this section,--
(a) “network service provider” means an intermediary;
(b) “third party information” means any information dealt with by a network service provider in
his capacity as an intermediary.
80. Power of seize or arrest in public place, etc.—Any investigation taken under this Act, the
Controller, or any officer of Government authorized by the Government or any police officer not
below the rank of a Sub-Inspector of Police are in opinion that an offence has been committed or
being committed or offence which is punishable under this Act has been committed, then having
written the reasons, may enter the public place and search and seize the germane materials and
arrest the concerned person or the offender.
81. Procedure of search, etc.—The provisions of the Code of Criminal Procedure shall, subject
to the provisions of this Act, apply, so far as may be, in relation to all investigations, entry,
search and arrest made under this Act.
57
83. Procedure and powers of Cyber Appellate Tribunal.--(1) Cyber Appellate Tribunal shall
have the power to hear appeal and dissolving the verdict and order given by Cyber Tribunal and
Session Court, as the case may be.
(2) In case of hearing and dissolving the appeal, Cyber Appellate Tribunal shall follow the
procedure defined by rules and if the rules do not exist in that case Appellate Tribunal shall
maintain the procedure in relation to hearing and dissolving of criminal appeal followed by the
High Court Division of the Supreme Court.
(3) Cyber Appellate Tribunal shall have the power to retain, revoke, alter, or rectify the verdict
or order made by the Cyber Tribunal.
(4) The decision made by the Appellate Tribunal shall be final.
84. Appeal procedure in case of not establishing Cyber Appellate Tribunal.--If the Cyber
Appellate Tribunal has not been established, whatever contained in the Code of Criminal
Procedure, 21 appeal shall be lodged in the High Court Division of Supreme Court against the
verdict and order given by the Session Court or Cyber Tribunal, as the case may be.
6.5.5 MISCELLANEOUS:
85. Public servants.--The Controller, the Deputy Controller, the Assistant Controller or any
person empowered under this Act to exercise his power and carrying out the tasks shall be
deemed to be public servants within the meaning of section 21 of Penal Code.
86. Protection of action in good faith.--No suit, prosecution or other legal proceedings shall lie
against the Government, the Controller, the Deputy Controller, the Assistant Controller or any
person acting on his behalf, for anything which is in good faith done or intended to be done in
pursuance of this Act or any rule, regulation, order or direction made thereunder.
87. Augmented use of few definitions used in few acts.--For the purpose of this Act,--
(a) The definition of "document" in section 29 of Penal Code, 1860 (Act XLV of 1860) also
includes the document generated or prepared by electronic machine or technology;
(b) The definition of "document" in section 3 of Evidence Act, 1872 (Act I of 1872) also
includes the document generated or prepared by electronic machine or technology;
(c) The definition of "bankers books" in section 2, Clause (3) of Banker's Books Evidence Act,
1891 (Act XVIII of 1891) also includes the books viz. ledgers, day-books, cash-books, account-
books and all other books generated or prepared by electronic machine or technology;
58
88. Power of Government to make rules.--The Government may, by notification in the Official
Gazette and in the Electronic Gazette, make for all or any of the following rules for carrying\ out
of this Act:
(a) the manner in which any information or matter may be authenticated or any document may be
signed by means of digital signature;
(b) the electronic form in which filing, issue, grant or payment;
(c) the manner and format in which electronic records shall be filed, or issued and the method of
payment;
(d) the matters relating to the type of digital signature, manner and format in which it may be
affixed;
(e) the qualifications, experience and terms and conditions of service of the Controller, Deputy
Controllers and Assistant Controllers;
(f) other standards to be observed by the Controller;
(g) the requirements which an applicant must fulfill;
(h) the period of validity of licence;
(i) the format in which an application may be made;
(j) the amount of fees payable with application for licence;
(k) such other document which shall accompany an application for licence;
(l) the form of application for renewal of a licence and the fee payable;
(m) the form in which application for issue of a Digital Signature Certificate and the amount of
fees payable;
(n) the qualifications and experience of Chairman and members of Cyber Appeal Tribunal; 22
(o) the form in which appeal may be filed;
(p) the procedure of investigation;
(q) other such necessary matters.
89. Power of Controller to make regulations.--The Controller with prior approval of the
Government, by notification in the Official Gazette and in the Electronic Gazette, make for all or
any of the following regulations:--
(a) the particulars relating to maintenance of database containing the disclosure record of every
Certify Authority;
59
(b) the conditions and restrictions subject to which the Controller may recognize any foreign
Certifying Authority;
(c) the terms and conditions subject to which a licence may be granted;
(d) other standards to be observed by a Certifying Authority;
(e) the manner in which the Certifying Authority shall disclose the particular matters;
(f) the particulars of statement which shall accompany an application.
90. Original script & English script.--The original script shall be in Bengali and there shall be
a dependable English transcription of it. Provided that any conflict arises between Bengali &
English scripts the Bengali script shall get domination.
60
with publication of obscene material and provides for imprisonment up to a term of 10years and
also with fine up to Rs. 2 lakhs.58
Here I like to present a list of cyber laws existing in different parts of the WORLD: INDIA
Information Technology Act, 2000
Karnataka Cyber Cafe Regulations
Gujarat Information technology Rules, 2004.
IN Domain Name Dispute Resolution Policy (INDRP)
Rules for Information Technology Act 2000
Semiconductor Intergrated Circuits Layout Design Act 2000
Semiconductor Integrated CirCUITS LAYOUT-DESIGN RULES, 2001
IN Domain Name Registration Policy The Information Technology (Amendment) Bill, 2006
MOVED: Req: Indian Telegraph Rules, 1951
USA
THE DIGITAL MILLENNIUM COPYRIGHT ACT OF 1998
Deleting Online Predators Act of 2006
Adam Walsh Child Protection and Safety Act, 2006
CAN-SPAM Act 2003
FTC's Guidelines for Internet Advertising
Uniform Domain Name Dispute Resolution Policy
Computer Fraud and Abuse Act
Federal Trademark Act 1946 (The Lanham Act)
6.7 Conclusion
History is the witness that no legislation has succeeded in totally eliminating crime from the
globe. The only possible step is to make people aware of their rights and duties (to report crime
as a collective duty towards the society) and further making the application of the laws more
stringent to check crime. Undoubtedly the Act is a historical step in the cyber world. Further I all
58
[https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=3&cad=rja&uact=8&ved=0ahUKEwjz6Nmz3pDLA
hVWCY4KHR5LAkAQFggtMAI&url=http%3A%2F%2Fwww.academia.edu%2F4488760%2FCyber_Crime_and_Banglades
h_Perspective&usg=AFQjCNERjesIcY7NOy14gvJqmLi97c2k7A&sig2=-o3yKPrVD2jiKKOs1gSP5Q]
61
together do not deny that there is a need to bring changes in the Information Technology Act to
make it more effective to combat cyber-crime. I would conclude with a word of caution for the
pro-legislation school that it should be kept in mind that the provisions of the cyber law are not
made so stringent that it may retard the growth of the industry and prove to be counter-
productive.
62
CHAPTER 7
CONCLUDING REMARKS
7.1 Recommendations
Now a day’s cyber-crime has been spreading all over the world to a great extent. Behind that the
most vital reason is to commit cyber-crime, no physical presence is needed on the spot.
Generally the criminals happen this crime using the highest privileges of the technology sitting
one corner of the world. So it is really difficult to identify the cyber criminals. As the cyber law
is not implemented strictly, the morality of the people is degrading for the random use of
pornography and morph image.
We should take precautions against cyber-crime. To make this a success the Ministry of
Information Technology, along with the IT professionals and the media must work together. The
young generation must be conscious about cyber-crime. Apart from monitoring and controlling
cyber-crimes, Bangladesh Computer Security Incident Response Team should take punitive
measures against the offenders, and in some cases BD-CSIRT should take action directly against
those who engage in carrying out harmful activities or blog against female students, society,
state, political and religious beliefs using phone, website and different social networking sites
under the telecommunication act.
Cyber-crime or electronic blackmail cannot be controlled without proper steps,
application of law, maximum monitoring and punitive steps. So the pace of the investigation
however can be faster; judicial sensitivity and knowledge need to improve. Focus needs to be on
educating the police and district judiciary. IT Institutions can also play a role in this area. We
need to sensitize our investigators and judges to the nuances of the system. We need to move
faster than the criminals. The real issue is how to prevent cyber-crime. For this, there is need to
raise the probability of apprehension and conviction. Bangladesh has a law on evidence that
considers admissibility, authenticity, accuracy, and completeness to convince the judiciary. The
government of our country has taken proper and strong steps against cyber-crime.59
59
[http://www.thedailystar.net/beta2/news/cyber-crime-the-growing-menace/].
63
If they are not consciousness about cyber-crime it will be very dangerous problem in
Bangladesh. For this Bangladesh needs total international cooperation with specialized agencies
of different countries. Bangladesh Government should established one strong cyber police force
squad. It is the duty of the government to provide security to all the citizens. Now it is time to
enact another law and that is cyber law. We need to organize seminar. We need to protest against
the illegal decision of the government.
In Bangladesh, under Information & Communication Technology Act-2006 (ICT Act-
2006) have different types of cyber-crimes. This Act shall given different punishment for these
offences. But I think this is not proper remedy against the cyber-crime from other countries. So,
other countries cyber law is more effective against the cyber-criminal or cyber-crime from
Bangladesh. Because they are proper apply and maintain their cyber law against the cyber-crime.
7.2 Conclusion
The conception of cyber-crime is relating to the age of information super highway of the
contemporary world. Now-a-days crimes are spreading at an alarming rate in the field of online
communication system by the intellectual criminals. At present, modern world largely depends
on technology which means the use of computer, internet and electronic tools. This wide-spread
use of technology has many abuses for which a new kind of crime that is said cyber-crime is
increasing. History is the witness that no legislation has succeeded in totally eliminating crime
from the globe. It is not possible to remove cyber-crime from cyberspace. But we can control it.
Bangladesh also fixed their Mission and Vision for ‘Digital Bangladesh’ with in 2021. But still
the people of Bangladesh are not conscious about cyber-crime. Many people do not know about
the Information Communication Technology Act, 2006. To get proper benefit from computer,
we have to protect abuse of computer system either cyber-crime. So we have to know about
cyber-crime.
64
REFERENCES
BOOKS
1. Md. Borhan Uddin, Principles of Cyber Law and other related laws, 3rded.
(Dhaka: Shams Publication, 2011).
2. Zulfiquar Ahmed, Cyber law in Bangladesh, (Information and Communication
Technology Act, 2006), 2nd ed. (Dhaka: National Law Book, 2009).
3. R. K. Chaubey, An Introduction to Cyber Crime and Cyber Laws, 1st ed.
(Kolkata: Kamal Law House, 2009).
4. Prof. N.V. Paranjape, Criminology and Penology, 14th ed. (Allahabad: Central
Law Publications, 2009).
5. Sheikh Hafizur Rahman Karzon, Theoretical and Applied Criminology, 1sted.
(Dhaka: Palal Prokashoni, 2008).
STATUTES
1. The Information Technology Act 2006.
2. The Information Technology Act 2013
3. The Penal Code of Bangladesh 1860.
JOURNAL
1. M. Abul Hasanat, ‘Cyber Crime: An Ill-going Techno - Culture’, Journal of Law, Vol. i, no.1
(June 2003).
65
ELECTRONIC DATAS
1. [https://sites.google.com/site/cybercrimezbd/reasons-for-cyber-crime].
2. [http://en.wikipedia.org/wiki/International_cybercrime].
3. [http://www.preservearticles.com/201106117816/1306-words-free-sample-essay-on-
cyber-crime.html].
4. [http://www.kpmg.com/Global/en/IssuesAndInsights/ArticlesPublications/Documents/cy
ber-crime.pdf].
5. [http://www.emc.com/collateral/fraud-report/current-state-cybercrime-2013.pdf].
6. [http://online.wsj.com/search/term.html?KEYWORDS=CHAD+BRAY&bylinesearch=tr
ue].
7. [http://nolet.com/tags/email-address/chadbraywsjcom].
8. [http://www.antiessays.com/free-essays/300482.html].
9. [http://www.scribd.com/doc/27042582/Cybercrime-and-its-Impact-in-Bangladesh].
10. [http://www.thedailystar.net/beta2/news/cyber-crime-the-growing-menace/].
11. [http://www.newsnetwork-bd.org/cyber-crimes-up-against-women-in-bangladesh/].
12. [http://www.mediafire.com/?sbo2dd75rf0g7s8].
13. [http://pastebin.com/WFhmnqPB].
14. [https://www.facebook.com/247.bmn.bd/posts/389232124446829].
15. [http://www.newsnetwork-bd.org/cyber-crimes-up-against-women-in-bangladesh/].
16. [http://news.priyo.com/tech/2011/06/25/efficiencies-cyber-law-banglad-29806.html].
17. [http://www.prp.org.bd/downloads/ICTAct2006English.pdf].
18. [http://bdnews24.com/bangladesh/2013/04/02/bloggers-to-be-charged-under-ict-act].
66