CHAPTER 1

INTRODUCTION OF RESEARCH

1.1 Introduction
Research in common parlance refers to a search for knowledge. Once can also define research as
a scientific and systematic search for pertinent information on a specific topic. In fact, research is
an art of scientific investigation. The Advanced Learner’s Dictionary of Current English lays
down the meaning of research as “a careful investigation or inquiry specially through search for
new facts in any branch of knowledge.”1 Redman and Mary define research as a “systematized
effort to gain new knowledge.”2 Some people consider research as a movement, a movement
from the known to the unknown. It is actually a voyage of discovery. We all possess the vital
instinct of inquisitiveness for, when the unknown confronts us, we wonder and our
inquisitiveness makes us probe and attain full and fuller understanding of the unknown. This
inquisitiveness is the mother of all knowledge and the method, which man employs for obtaining
the knowledge of whatever the unknown, can be termed as research. Research is an academic
activity and as such the term should be used in a technical sense

1.2 Justification of Research Title

I was chosen of this topic as my dissertation for concusses of public who are the Cyber Crime.
And also their right because of they are not concusses about their right as a Cyber Crime. I am
trying to given knowledge of them about the Information and Communication Technology on
protection of the rights of all Cyber Crime. How to different rights apply to categories of Cyber
Crime.

1.3 Objectives of Research

Actually, I am taking this topic as my dissertation for concern to the public, who are the Cyber
Crime. I try to find out the problem and solution Cyber Crime. Now I am following objectives of
my dissertation.

1
The Advanced Learner’s Dictionary of Current English, Oxford, 1952, p. 1069.
2 L.V. Redman and A.V.H. Mory, The Romance of Research, 1923, p.10.

1
1. To ensure there right
2. To concuss of their duty
3. To concuss of Cyber Crime
4 To security of their human

1.4 Methodology of Research

This is a qualitative research. I have collected all the information from secondary sources like
books, articles of referred journals in national and international arena, periodicals, magazines,
newspaper. Collected data therefore I analyzed systematically to achieve the objective of the
research.

1.5 Scope and Limitation of Research

There were many limitation arising out for perform of may research activities. I am term by term
try to following it’s….
Time Limitation: Because it is a higher study, Research is an important issue in this situation.
So within a fixes period of tome four months this is quite impossible to perform research
perfectly, which is the main problem for a research activities.
Resource Limitation: There is on sufficient resource for complete of my research work. This is
most important problem for a researcher. Because of, if there is on sufficient resource for
perform a research then the recharge shall not fond out main view point of his research. So it is
an important issue for a research.
Browsing Problem: This is a scientific world, any document is available in the internet, and if
any person is able to browsing internet then he can perform his research perfectly. So it is a
problem.
Typing Problem: If a recharger is not adopt in typing then he cannot finishes his work in an
appropriate way. So it is an important issue for typing.
Insufficient of Documents: There is no sufficient document for real survey on research topic. It
is most important problem for a recharger. Without documentary issue a research shall not
perform in an appropriate from. If it is insist than it can be possible for comparative study on
research topic. ding of them. So it is a qualitative basis of dissertation.

2
1.6 Conclusion
Capacity of human mind is unfathomable. It is not possible to eliminate cybercrime from the
cyber space. It is quite possible to check them. The only possible step is to make people aware of
their rights and duties and further making the application of the laws more stringent to check
crime. Undoubtedly the Act is a historical step in the cyber world. Further it cannot be denied
that there is a need to bring changes in the Information Technology Act to make it more effective
to combat cybercrime.

3
 CHAPTER 2
INTRODUCTION TO CYBER CRIME

2.1 Introduction
Cybercrime has had a short but highly eventful history. Apart from being an interesting study by
itself, observing the history of cybercrime would also give the individual and society the
opportunity to avoid the mistake made in past. The past recorded cyber crime took place in the
year 1820! That is not surprising considering the fact that the abacus, which is thought to be the
earliest form of a computer, has been around since 3500 B.C. in India, Japan and China. The era
of modern computers, however, began with the analytical engine of Charles Babbage. In 1994
the first online bank opened, called First Virtual. This opened up a lot of opportunities for
hackers. Cybercrime was slowly becoming more popular. In 1995 the Secret Service and Drug
Enforcement Agency (DEA) obtained the first Internet wiretap, which is exactly like a phone
wiretap. The DEA was able to shut down a company who was selling illegal cell phone cloning
equipment. There is sharp rise in the Cybercrimes in Bangladesh and the Law enforcement
machinery is finding it really it really difficult to manage these technical crimes in Bangladesh.
Cybercrime has already become a going concern in both private as well as public sector in
Bangladesh. During the last decade private and public sector has done a revolution with the use
of technical enhancement. Due to unauthorized intervention to the system, company loses huge
confidential information which caused a large amount of financial lose. It has already been
identified that especially Financial Institutions are in the most threading organization for
cybercrime that at the same time reflects to the personal life. Some development partners have
started working how to tackle cybercrime and improve effective communications.3

2.2 Definition of Cyber Crime

A cyber-crime may be defined as any criminal activity that uses a computer either as an
instrumentality, target or means of perpetrating further crime. In other words, cyber-crime is an
unlawful act wherein the computer is either a tool or a target or both.4

3
Lecturer, Department of Law, Britannia University, Comilla-3500, Bangladesh and M. Phil Research Fellow
under the Faculty of Law, Chittagong University, Bangladesh. Volume 2
4
rof. N.V. Paranjape, Criminology and Penology, 14th ed. (Allahabad: Central Law
Publications, 2009), p. 133.

4
 Cyber-crime may be defined as E-crime. E-crime covers offences where a computer or
other information and communication technology are used to commit an offence. The actual
offence committed may be a traditional offence. These are theft, fraud, identify crimes,
harassment, threatening violence, possessing, making or distributing objectionable material, e.g.
child pornography, criminal breach of copyright.
E-crime is a type of offence specifically related to computers. Hacking, unauthorized
access to a computer system, distributing an electronic virus designed to damage to access a
computer system, distributing software for the commission of crime, launching a denial of
service attack intentionally or causing a computer system to deny service to any authorized user.
So we defined it as, “E-crime are almost conventional crimes in nature committed by using
computer and ICT with an intention to make social disorder”5
Computer crime or cyber-crime is a form of crime where the Internet or computers are
used as a medium to commit crime. It is criminal activity done using computers and the Internet.
This includes anything from downloading illegal music files to stealing millions of dollars from
online bank accounts. Cyber-crime is a broadly used term to describe criminal activity
committed on computers or the Internet. Some of it is punishable by the laws of various
countries, whereas others have a debatable legal status.6

2.3 History and Background of Cyber Crime

Cyber-crime has had a short but highly eventful history. Apart from being an interesting study by
itself, observing the history of cyber-crime would also give the individual and society the
opportunity to avoid the mistakes made in the part. Appropriate action can also be taken in the
future. The first recorded cyber-crime took place in the year 1820! That is not surprising
considering the fact that the abacus, which in through to be the curliest form of a computer, has
been around since 3500 BC.
In India, Japan and China, The era of modern computers, however, began with the
analytical engine of Charles Babbage. A Textile manufacturer in France named Joseph-Marie
Jacquard was hindered to accept new technology in the wearing of special fabrics by traditional

5
Md. Borhan Uddin, Principles of Cyber Law and other related laws, 3rd ed. (Dhaka: Shams
Publication, 2011), p. 33.
6
[http://www.techterms.com/definition/cybercrime, Last visited 30 August 2015].

5
employees of won textile on 1820. This is the first rewarded cyber-crime in ward. And the
modern age cyber-crime is originated in new method.7

In this 1980s companies such as CompuServe, prodigy, and AOL_ began to emerge.
These were commercial providers who would change a monthly fee to users if they wanted to
access the in “community”. In the 1980s the fee to dial into CompuServe was $25 per hour (wall
2001). Users chose to connect through these companies due to case of use. There was no
configuration, inserting a disk and tuning a program would have the user, “Wired” in the early
1990s the fees for dial up internet decreased to $ 25 per month for unlimited access. The decline
in cost made it possible to more online crime to emerge in the anonymous online community.
In 1990 and 1991 users began to ponder the thought of privacy. They were not sure if a
third party would intercept their Internet communications. As a result Phillip Zimmermann
created an encryption program called Pretty Good Privacy (PGP). PGP was used to hide
sensitive information, but criminals also used to crimes they had committed to the police. In
1994 the first online bank opened, called First Virtual. In 1995 the secret service and Drug
Enforcement Agency (DEA) abstained the First Internet Wiretap, which is exactly like a phone
wiretap. The DEA was able to shut down a company who was selling illegal cell phone cloning
equipment.8

February 6th, 7th and 8th of year 2000 were the days of cyber-criminal and amongst the
darkest nights ever for the Internet and ecommerce some of the big web site such yahoo,
Buy.com, eBay Amazon.com and E-Invade were chocked and shut down for hours. Entering the
millennium caused a huge description for companies due to a denial of service attach. Major web
sites like MSN, Yahoo and Apache were shut down and hacked. The code red virus and sitcom
virus spanned to millions or e-mail account worldwide. Cyber-crime has only accelerated
through the years, and has no plans to slow. There is a sharp rise in the Cyber-crimes in
Bangladesh and the Law enforcement machinery is finding it really difficult to manage these
technical crimes in Bangladesh.9

7
Zulfiquar Ahmed, Cyber law in Bangladesh, (Information and Communication Technology Act, 2006),
2nd ed. (Dhaka: National Law Book, 2009), p. 221.
8
Ibid, p. 222.
9
Ibid, p. 223.

6
2.4 Reason behind of Cyber Crimes
The overall purpose of the study was to identify the impact of cybercrime in Bangladesh with
regard to technological enhancement. The study has embarked upon the specific objectives are to
assess:
 Types of cybercrime with the profile of cyber criminals and victims
 Impact of cybercrime against individuals
 Impact of cybercrime against organizations
 Impact of cybercrime against the Government

Scopes and Limitation of Cyber Crimes

Cybercrime does not know the border. The same technology that brings people of the world
closer together has a darker side, making it easier for criminal or malicious elements to steal,
destroy, corrupt, defraud and exploit. They do not have to be near they can do so from another
country or continent. Internet technology has come to Bangladesh quite late. But, the country
does not leg behind when it comes to cybercrimes. As most of the organizations in Bangladesh
are very keen to use the opportunity of the internet technology, the potential threats cannot be
ruled out. Due to availability and cheaper prize of a personal computer, interest to use them for
day to day personal business is being grown up. Considering the above views, the study was
conducted at all levels (corporate and/or personal) in where ICT has arrived with its prospect.
The study has suffered certain limitations as below:

 The duration of the study was very short. More in-depth investigation would have
resulted better outputs
 Lack of resources has hampered the study to some extent;

 Access to information is very difficult. In most cases, concerned persons were very rigid
to share adequate information.

2.5 Nature of Cyber Crime

A cyber-criminal can destroy websites and portals by hacking and planting viruses, carry out
online frauds by transferring funds from one corner of the globe to another, gain access to highly

7
confidential and sensitive information, cause harassment by e-mail threats or obscene material,
play tax frauds, indulge in cyber pornography involving children and commit innumerable other
crimes on the Internet. It is said that none is secure in the cyber world. The security is only for
the present moment when we are actually secure. With the growing use of the Internet, cyber-
crime would affect us all, either directly or indirectly.

2.5.1 Study Area

The study has been carried out in all sectors where technological intervention has already
become as essential. The below table shows the organizations covered within the purview of the
study:

Sl. Details
Cyber
i Hotspot Cyber Cafe in Mirpur
ii Blue Planet.Com in Dhanmondi
iii Global Windows in Uttara

Banks
iv Dhaka Bank
Private University
v Eastern University
vi University of Asia Pacific
Government Agencies.
vii Cybercrime Unit at CID, BP10

2.5.2 Target Audiences

In order to collect relevant information for the study following target audiences were brought
within purview of the study (Appendix 1):
 Manager of Cybercafé
 Technical Experts of Cybercafé

10
http://www.scribd.com.Last visited 2 september 2015

8
  Automatic Trailer Machine administrator in Bank
 Students of Computer Science of Different Universities
 Members of Cybercrime Unit at CID, Bangladesh Police11

2.5.3 Data Collection Method

Employing the following qualitative methods has collected the relevant information:

 Literature Review (secondary source of information; journals, reports etc.)

 In-depth interviews were made with the Manager and others of Cybercafé.
 Focus Group Discussion with the students of private university
 Key Informant Interview with the Member of Cybercrime unit.

2.6 Causes for Cyber Crime

MR. Hart in his work “The Concept of Law” has said ‘human beings are vulnerable so rule of
law is required to protect them’. Applying this to the cyberspace we may say that computers are
vulnerable so rule of law is required to protect and safeguard them against cyber-crime. The
reasons for the vulnerability of computers may be said to be:

2.6.1 Capacity to store data in comparatively small space

The computer has unique characteristic of storing data in a very small space. This affords to
remove or derive information either through physical or virtual medium makes it much easier. 12

2.6.2 Easy to access

The problem encountered in guarding a computer system from unauthorised access is that there
is every possibility of breach not due to human error but due to the complex technology. By
secretly implanted logic bomb, key loggers that can steal access codes, advanced voice
recorders; retina imagers etc. that can fool biometric systems and bypass firewalls can be utilized
to get past many a security system.

11
Ibid
12
[https://sites.google.com/site/cybercrimezbd/reasons-for-cyber-crime, Last visited 12 August
2015].
12
Md. Borhan Uddin, ibid, p. 35

9
2.6.3 Complex
The computers work on operating systems and these operating systems in turn are composed of
millions of codes. Human mind is fallible and it is not possible that there might not be a lapse at
any stage. The cyber criminals take advantage of these lacunas and penetrate into the computer
system.

2.6.4 Negligence
Negligence is very closely connected with human conduct. It is therefore very probable that
while protecting the computer system there might be any negligence, which in turn provides a
cyber-criminal to gain access and control over the computer system.

2.6.5 Loss of evidence

Loss of evidence is a very common & obvious problem as all the data are routinely destroyed.
Further collection of data outside the territorial extent also paralyses this system of crime
investigation.13

2.7 Conclusion
Capacity of human mind is unfathomable. It is not possible to eliminate cybercrime from the
cyber space. It is quite possible to check them. The only possible step is to make people aware of
their rights and duties and further making the application of the laws more stringent to check
crime. Undoubtedly the Act is a historical step in the cyber world. Further it cannot be denied
that there is a need to bring changes in the Information Technology Act to make it more effective
to combat cybercrime.

13
[https://sites.google.com/site/cybercrimezbd/reasons-for-cyber-crime, Last visited 24 August
2015

10
 CHAPTER 3
MODE AND MANNER OF COMMITING CYBER CRIME

3.1 Introduction
Cyber-crime is accomplishment done using internet and computers. Cyber-crime includes
anything from downloading banned software's, movies or music files to robbery money from
online bank accounts. Cyber-crime also creating and share out viruses on other computers or
redeployment private business information on the Internet. The most well-known form of cyber-
crime is identity theft, in which criminals use the Internet to filch private information from other
end user. Two of the most regular ways this is done is through pharming and phishing. Both of
these methods attract users to false websites (that appear to be genuine), where users are asked to
enter secret information. The users should always check the URL or Web address of a site to
make sure it is genuine before entering your secret information

3.2 Types of Cyber Crime

We are living in a digital world where computers are not just an ordinary thing anymore but a
“necessity” to our everyday lives. Most of us only knew a little about computer security threats,
the most common were “virus” and “worm”. Let us examine the acts wherein the computer is a
tool or a target for an unlawful act. This kind of activity usually involves a modification of a
conventional crime by using computers. Here is the list of the prevalent cyber-crimes, some of
which are more widely spread and harmful.

3.2.1 Classification based on role of computer in cyber crime

Computerization significantly eases the performance of many tasks. For example, the speed and
ability to communicate with people is fostered by the Internet, a worldwide network that is used
to send communiqués and provide access to the world-wide web. But this same speed and ability
to communicate also opens the door to criminal conduct. Computer crime plays a significant role
in the criminal law of the information age. Accompanying the influx of computers is an increase
in criminal acts and, as a result, an increase in the number of statutes to punish those who abuse
and misuse this technology.

11
Computer crime, sometimes known as cyber-crime, is a serious concern. The crime can be
perpetrated instantaneously and its effects can spread with incredible quickness. Furthermore, the
ever-increasing use of computers, especially in serving critical infrastructure, makes computer
criminality increasingly important.
There is an endless list of possible crimes that can occur through use of the Internet. For
example, the Internet can be a medium used for committing hate crimes, pornography, consumer
fraud, stalking, terrorism, theft of security or trade secrets, software piracy, economic espionage,
and financial institution fraud. The threat of computer crime is underlined by the fact that a
security organization such as the Federal Bureau of Investigation was forced to temporarily take
down its Internet site in 1991 after an attack by hackers. Companies have been equally
vulnerable and have incurred millions of dollars in damage due to the effect of certain viruses.
Misuse of the computer threatens individual and business privacy, public safety, and national
security. There have been considerable efforts made by state, federal, and international
governments to curb computer crime.

3.2.2 Classification based on perpetrators of cyber crime

3.2.2.1 Hacking
This kind of offence is normally referred as hacking in the generic sense. However the framers of
the information technology Act 2000 have nowhere used this term so to avoid any confusion we
would not interchangeably use the word hacking for ‘unauthorized access’ as the latter has wide
connotation.14

3.2.2.2 Intellectual Property crimes

These include software piracy, copyright infringement, trademarks violations, theft of computer
source code etc. some cyber squatters are registering domain with Network solution under
different fictitious names, Transfer of domain names to any third party should be restricted. 15

14
Ibid, p. 37.
15
Ibid, p. 36.

12
3.2.3 Classification based on victims of cyber crime
3.2.3.1 Financial crimes
This would include cheating, credit card frauds, money laundering etc. To cite a recent case, a
website offered to sell Alphorns mangoes at a throwaway price. Distrusting such a transaction,
very few people responded to or supplied the website with their credit card numbers. These
people were actually sent the Alphorns mangoes. The word about this website now spread like
Wild fire. Thousands of people from all over the country responded and ordered mangoes by
providing their credit card numbers. The owners of what was later proven to be a bogus website
then fled taking the numerous credit card numbers and proceeded to spend huge amounts of
money much to the chagrin of the card owners.16

3.2.3.2 Cyber pornography

This would include pornographic websites; pornographic magazines produced using computers
(to publish and print the material) and the Internet (to download and transmit pornographic
pictures, photos, writings etc).

3.2.3.3 Sale of illegal articles

This would include sale of narcotics, weapons and wildlife etc., by posting information on
websites, auction websites, and bulletin boards or 167 simply by using email communication.
E.g. many of the auction sites even in India are believed to be selling cocaine in the name of
'honey'.17

3.2.3.4 Online gambling

There are millions of websites; all hosted on servers abroad, that offer online gambling. In fact, it
is believed that many of these websites are actually fronts for money laundering.

3.2.3.5 Email spoofing

A spoofed email is one that appears to originate from one source but actually has been sent from
another source. Email spoofing can also cause monetary damage. In an American case, a
teenager made millions of dollars by spreading false information about certain companies whose

16
Md. Borhan Uddin, ibid, p. 35.
17
Ibid, p. 36.

13
shares he had short sold. This misinformation was spread by sending spoofed emails, purportedly
from news agencies like Reuters, to share brokers and investors who were informed that the
companies were doing very badly. Even after the truth came out the values of the shares did not
go back to the earlier levels and thousands of investors lost a lot of money.

3.2.3.6 Forgery
Counterfeit currency notes, postage and revenue stamps, mark sheets etc can be forged using
sophisticated computers, printers and scanners. Outside many colleges across India, one finds
touts soliciting the sale of fake mark sheets or even certificates. These are made using computers,
and high quality scanners and printers. In fact, this has becoming a booming business involving
thousands of Rupees being given to student gangs in exchange for these bogus but authentic
looking certificates.

3.2.3.7 Cyber Defamation

This occurs when defamation takes place with the help of computers and / or the Internet. E.g.
someone publishes defamatory matter about someone on a website or sends e-mails containing
defamatory information to all of that person's.18

3.2.3.8 Cyber stalking

The Oxford dictionary defines stalking as "pursuing stealthily". Cyber stalking involves
following a person's movements across the Internet by posting messages (sometimes threatening)
on the bulletin boards frequented by the victim, entering the chat-rooms frequented by the
victim, constantly bombarding the victim with emails etc.19

3.2.3.9 Theft of information contained in electronic form

This includes information stored in computer hard disks, removable storage media etc. Theft
may be either by appropriating the data physically or by tampering them through the virtual
medium.

18
Ibid, p. 36.
19
Ibid, p. 37.

14
3.2.3.10 Email bombing
This kind of activity refers to sending large numbers of mail to the victim, which may be an
individual or a company or even mail servers there by ultimately resulting into crashing of the
entire system.

3.2.3.11 Data diddling

This kind of an attack involves altering raw data just before a computer processes it and then
changing it back after the processing is completed.

3.2.3.12 Salami attacks

This kind of crime is normally prevalent in the financial institutions or for the purpose of
committing financial crimes. An important feature of this type of offence is that the alteration is
so small that it would normally go unnoticed.

3.2.3.13 Logic bombs

These are event dependent programs. This implies that these programs are created to do
something only when a certain event (known as a trigger event) occurs. E.g. even some viruses
may be termed logic bombs because they lie dormant all through the year and become active
only on a particular date (like the Chernobyl virus).20

3.3 Conclusion
Finally we can say that any criminal doings that uses a computer either as an instrumentality,
objective or a means for propagating further crimes comes within the influence of cybercrime".
Unlawful acts wherein the computer is either a tool or target or both. The computer can be used
in the following kinds of actions - financial crimes, intellectual property crime, pornography, sale
of banned articles, cyber aggravation, online betting, cyber defamation, e-mail spoofing, forgery.
The computer can be used to target for unlawful acts in the following cases- computer networks /
computer system/ unauthorized right of entry to computer, e-mail bombing, stealing of

20
Sheikh Hafizur Rahman Karzon, Theoretical and Applied Criminology, 1st ed. (Dhaka: Palal
Prokashoni, 2008), pp. 414-417.

15
information contained in the electronic form, theft of computer system ,data diddling, salami
attacks, logic bombs, Trojan attacks, internet time thefts, web jacking, physically damaging the
computer system.

16
 CHAPTER 4
CYBER CRIME IN BANGLADESH

4.1 Introduction
In Bangladesh Internet was first introduced in 1996. In 2000, the number of Internet users was
100,000 and it shot up to 450,000 in 2007. In another report says about 2 million people use
internet in Bangladesh. In 2013 According to Bangladesh Telecommunication Regulatory
Commission (BTRC), there are at least 30 million internet users and 3.2 million Facebook users
in Bangladesh. So the internet user day by day increasing in Bangladesh and now cyber-crime is
a major problem in our country.21

4.2 First Situation of Bangladesh

In late 1995, the government of Bangladesh invited applications to subscribe the VSAT (Very
Small Aperture Terminal) data circuits and on June 4, 1996 the VSAT connection was
commissioned and the internet was launched in Bangladesh for the first time and the first usage
of internet was the publication of the National Polls Result in 1996.22 But this introduction could
not create a good market at the very initial stage. After the year 1996, there were only two ISPs
(Internet Service Providers) and about one thousand of users in the country. But the year 1997 is
a landmark in this field as it recorded a tremendous advancement in internet using. The number
of ISPs increased into twelve and users into ten thousand. Afterwards some new ISPs started
their service which fuels the proportional advancement of this sector. However, the government
adopted more liberal national policies for a sustainable and rapid growth of this industry and as a
result we had 180 ISPs by 2005. In 2006 Bangladesh got connected with Submarine Cable (SEA-
ME-WE 4 Submarine Cable) which afforded big bandwidth and low cost than ever before. After
this, over the years Bangladesh Telecommunications Company Ltd., BTCL (Now BTRC,
‘Bangladesh Telecommunication Regulatory Commission’) reduced the bandwidth price at
regular intervals which attracted more and more users towards the internet world. As of now
BTRC has about three hundred and forty five (ISP Natiowide-94, ISP Central Zone-79, ISP
Zonal-53, ISP Category A-99, ISP Category B-16, ISP Category C-04) registered ISP license

21
[http://nolet.com/tags/email-address/chadbraywsjcom , Last visited 24 August 2015].
22
Hamidur Rashid, Internet History of Bangladesh, http://ezinearticles.com/?Internet-Historyof-
Bangladesh&id=2327010, last visited 01.10.2009.

17
holders23 and there are approximately 4.5 million users connected to them which is about 0.32%
of our total population.

4.3 Present Situation of Bangladesh

Development of Science and ICT depends on the expansion of telecommunication sector. This
sector is still under developed due to lack of deregulation and open competition. The impact of
cyber-crime is not alarming Bangladesh because financial transactions have not yet been fully
facilitated in online. As soon as financial transactions are allowed online computer crimes will
increase at an unprecedented rate unless the Government acquires the tools and infrastructure to
prevent, detect and prosecute them. But our government still not aware of the fact . Internet
services provided through the local area network are vulnerable to similar attacks and intrusions
by hackers more often when the security level is inadequate. Now a day in Bangladesh some
people send malicious mail to different foreign diplomatic Mission and other VIPs which
sometimes cause serious problem for the police and also for the government.
Some people use internet for transmitting false and malicious information. Some of them
use internet for women and child trafficking. Pornography is another dangerous business
weapon of the cyber criminals. But In spite of this the Government of Bangladesh is not alert.24

4.4 Bangladesh is in Danger

The police force of our country is not still developed. They are not expert like American federal
bureau of investigation. That’s why it is very easy for the cyber criminals to commit
crime in Bangladesh . Cyber terrorists are very expert. It is not possible for the normal police to
arrest them.
Cyber warfare is a complex aspect of the modern war, but it is not a new feature. It has
been called by various names in the past - intelligence and electronic warfare. Some of the cyber
warfare notions are absurd, such as bringing a society to its knees through an exotic electronic
disruption to banking systems or air traffic control networks. Extremist groups train their

23
Summary of- BTRC licenses,
[http://www.btrc.gov.bd/licensing/operators/summary_of_licenses.pdf , Last visited
06.09.2009]
24
[http://nation.ittefaq.com/issues/2008/11/25/news0088.htm, Last visited 24 August 2015].

18
workers for the future cyber warfare. Extremist organizations also use the Internet to target their
audiences without depending on overt mechanisms such as radio, TV, or the press.
In our country we still do not have any cyber law also. Now a day in Bangladesh lot of
people use Face book on internet. Face book is a social utility that connects people. Students
are blind fan of face book. Students use face book almost all day long. They upload their
pictures , they send their message through this site to their friends . But the problem is
some people use face book for business purpose . They post illegal things and advertise it
in face book. They invite students to join so many fake clubs. Some group invite students
community to come and join different restricted night club of Dhaka city. Student community
becomes influenced by this type of advertisement. So many crimes have been occurred already
through face book.25

4.5 Effect on Cyber Crime in Bangladesh

4.5.1 Cyber-crime on financial sector
Most of the financial sector of Bangladesh like bank, business institution not safe from cyber-
crime. Bangladesh's financial institutions are risk from hackers. In the country financial
institutions have introduced various online features like online banking, stock exchange
transactions but are not able to provide the highest security. Source said the cyber-criminal
networks through Internet have attacked our country's technology infrastructure. Recently,
hackers interrupted the DSE transaction, Bangladesh police & High court website. In recent Brac
Bank had attacked by hackers. In 2013 Bangladesh financial sector had faced a new problem that
was Credit Card Fraud. You simply have to type credit card number into www page of the
vendor for online transaction. If electronic transactions are not secured the credit card numbers
can be stolen by the hackers who can misuse this card by impersonating the credit card owner.
Cyber-crime has already become a going concern in both private as well as public sector
in Bangladesh. During the last decade private and public sector has done a revolution with the
use of technical enhancement. Due to unauthorized intervention to the system, company loses
huge confidential information which caused a large amount of financial lose. It has already been

25
[http://www.bangladeshnews24.com/prothomalo/newspaper/, Last visited 24 August 2015].

19
identified that especially Financial Institutions are in the most threading organization for
cybercrime that at the same time reflects to the personal life. Some development partners has
started working how to tackle cybercrime and improve effective communications.
Now in Bangladesh there are many call centers. The main point is that, the call centers
are involved with cyber-crime. The call center employee involved with credit card fraud. The
employee calls to the Bangladesh or foreign country peoples about sell some product by calling
conversation by internet.26

4.5.2 Cyber-crime on social networking websites

The young generation must be conscious about cyber-crime. In 2013 the use of cell phone,
computer and the Internet in Bangladesh is growing rapidly. It has opened a new window in
every segment of our life. The revolutionary changes in the information technology sector by the
present government have accelerated significantly the efforts to digitalize Bangladesh. Today’s
young generation is known as facebook or blog generation. Now in our country internet used for
religious purpose and held cyber-crime for this purpose.
The social networking websites like facebook, twitter and blog have become very popular
in the last few years. We can collect a lot of information about blood donor clubs, crafts, visual
arts, poetry, comics, recipes, restaurants, hotels, parenting, baby, mom, nutrition, medicine,
journal, news, gardening, nature, TV, music, radio, shopping, culture, law, sports, cars,
transportations, life science, technology, engineering and business from the Internet blog and
also facebook.
One of the most worrisome disadvantages is cyber-crime. In our country cyber-crimes
probably started with spam mails and Trojan attacks, but now it has extended to different issues.
Now it has become quite easy for someone to access another’s privacy and steal anything he
wants. By using the Internet one can steal information from another’s computer which is much
more valuable than money. Every day, millions of users become helpless victims of cyber-crime.
It is not anything new as far as crimes are concerned; only the form of crime has changed. It can
be said that, “The modern thief can steal more with a computer than with a gun. Tomorrow’s
terrorist may be able to do more damage with a keyboard than with a bomb.”

26
[http://www.scribd.com/doc/27042582/Cybercrime-and-its-Impact-in-Bangladesh, Last
visited 27 August 2015].

20
 In the last few years, there have been major cases of cyber-crimes in reputed
organizations involved in the field of IT but remained hidden from the public eye to maintain
positive image of the organization; customers of the concerned institutions were also left in dark.
Some examples of cyber-crime in Bangladesh are anonymous death threats to the prime minister
through email, hacking website run by law enforcing agencies and defamation of private
information of respected and popular individuals of the country in September, 2008. 27
Rapid Action Battalion (RAB) discovered that their website had been hacked! But RAB was
successful in catching the hackers which proved that Bangladesh was not far behind in detecting
and catching cyber criminals.
Some criminals take pictures or collect pictures from facebook of female students and then
write blogs to publish or distribute the obscene content in facebook to embarrass them.28

4.5.3 Cyber-crimes against women in Bangladesh

Dhaka, 19 June, 2012 (News Network): – Shumona Sharmin (not her real name) had maintained
a facebook account for the last several years but recently she opted out because she found it
unpleasant. One day she saw a number of indecent messages on her wall. Last of all she closed
her account. Another female facebook user Irene Akhter (also not her real name) had married her
classmate after a long affair. Their relations got estranged soon after their marriage. Her
husband, a vindictive man, posted some indecent pictures of her on the internet in retaliation.
After the incident, she collapsed mentally. Having being rejected by her own family, Irene now
leaves alone.
Another such victim is Nasrin Akhter (this name has also been changed to protect
privacy). She is a garment worker. She had developed an affair with a young man who raped her
one day taking advantage of their relation. She was not aware that the rape incident was tapped
technically. The rapist then distributed it among his friends and accomplices, causing a huge
humiliation to her and her family.
Later, Nasin’s family filed a case under the Women and Children Repression Prevention
Act. Though the young man was arrested after the filing of the case, Nasrin does not know
whether she will get justice.
27
[http://www.newsnetwork-bd.org/cyber-crimes-up-against-women-in-bangladesh/.]
28
[http://www.thedailystar.net/beta2/news/cyber-crime-the-growing-menace/, Last visited 28
August 2015].

21
 The humiliation Irene, Sumana and Nasrin faced is emerging as a big social problem in
Bangladesh. The number of such incident is increasing day by day. This growing menace has
added a new dimension to the already social violence against women like torture for dowry, acid
attack, rape, abduction and trafficking. With the easy availability of computers, cyber cafes have
sprung up across the country — even in rural areas. School and college students spend hours
together in such cafes every day. Most of them spend time chatting online and seeing
pornographies.29

4.5.4 Bangladesh vs. India Cyber War

In 2012 a group of Bangladeshi hackers reportedly hacked more than 7000+ Indian websites to
protest against the killings of Bangladeshi people on borders by Indian Border Security Force
(BSF). The group was identified as “BANGLADESH BLACK HAT HACKERS (BBHH)”.
According to sources, the group members hacked 56 sites, including some important website of
Indian government on January 25-2012 and kept complete control over it till January 28-2012 in
order to stop killings of Bangladeshi people on borders. They want to destroy Indian cyber space.
The hackers changed the contents of the homepage of those sites by breaking their security
systems and wrote “The sites are being hacked protesting killings of Bangladeshis by Indian
BSF.” In the meantime, they have uploaded the picture of the hanging body of Felani, a
Bangladeshi adolescent who was killed in BSF firing. Report shows that, Indian Border Security
Force (BSF) killed more than 1 thousands Bangladeshi citizens; thousands of people have been
robbed by Indian BSF. In the title ‘About Us’ they wrote “Hacked by back bone, BD black hat
hackers” and “This site is hacked” one after another. Meanwhile, they wrote under the picture
“We never forget, we never forgive, we never give up hackers also wrote, “Stop hacking
Bangladeshi sites and stop border killings, else we will destroy your cyber space.” Asking where
is humanity, they wrote, “Shame on BSF…..BSF shame.” The hackers warned that they would
not stop hacking Indian sites until BSF stop killing innocent Bangladeshis on border.
In addition, some Indian hacker group also declared war against Bangladesh. Indian
hacker group also attack 100+ government website in Bangladesh .They also give a warning to
destroy Bangladesh cyber space. Indian hackers, led by a hacker group indicial Bangladeshi

29
[http://www.newsnetwork-bd.org/cyber-crimes-up-against-women-in-bangladesh/,Lastvisited
29 August 2015].

22
Hacker group also start counter attack against India. However, some Pakistani hacker group also
raises their hand against India. Pakistani hacker group also leave a message about this war.
Pakistani hacker group say” ''They f**ked hard from Pakistan. Now they want to f**ked again
from Bangladesh, lolx”. Already they deface more than 2000 Indian web site.30

Traditionally, crime and punishment are largely local, regional, or national. Today, many
differences confronting us are associated with the transnational character of cybercrimes. It is
therefore important to have international legal instruments ready to serve anti-crime efforts.
This article looks at international harmonizing efforts to fortify the legal battle against
cybercrime, categorizing the actions into four aspects: professional law-enforcement efforts,
regional efforts, multi-national efforts, and global international efforts. Subsequently, the article
also categorizes the international actions according to the subject-matters into additional aspects,
including the promotion of security awareness at both international and national levels, the
harmonization of legislation, coordination and cooperation between law-enforcement agencies,
and direct anti-cybercrime actions. The article will also examine the nations' attitudes toward the
Convention on Cybercrime. Based on the analysis, the article will briefly evaluate the
effectiveness of previous attempt at international harmonization.

4.5.5 Regional efforts

There are many regional international organizations, with a narrow or broad coverage of states,
more or less making efforts to maintain cyber security and harmonize international measures to
combat cybercrime. This section will introduce only four of these organizations, which have
taken typical actions in combating cybercrime.

4.5.6 The Asia-Pacific Economic Cooperation (APEC)

In the Asia-Pacific region, the APEC coordinates its 21 member economies to promote cyber
security and to tackle the risks brought about by cybercrime (APEC, 2003). The APEC has
conducted a capacity-building project on cybercrime for member economies in relation to legal

30
[http://www.mediafire.com/?sbo2dd75rf0g7s8 , Last visited 30 August 2015].

23
structures and investigative abilities, where the advanced APEC economies support other
member-economies in training legislative and investigative personnel.31
After the 9/11 attacks on the U. S., the APEC Leaders issued a Statement on Counter-Terrorism,
condemning terrorist attacks and considering it urgent to reinforce collaboration at different
layers to fight against terrorism. The Leaders called for reinforcing APEC activities to protect
critical infrastructure.32
The Telecommunications and Information Ministers of the APEC economies issued the
Statement on the Security of Information and Communications Infrastructures and a Programme
of Action in 2002,33 supporting measures taken by members to fight against misuse of
information. The Senior Officials' Meeting has made a recommendation which designates six
areas that can serve as the foundation for the APEC's endeavor for cybercrime prevention,
comprising legal development, information sharing and cooperation, security and technical
guidelines, public awareness, training and education, and wireless security. The Ministers and
Leaders of APEC have made a commitment to "endeavor to enact a comprehensive set of laws
relating to cyber security and cybercrime that are consistent with the provisions of international
legal instruments, including the UN General Assembly Resolution 55/63 and Convention on
Cybercrime by October 2003."34

4.5.7 The Council of Europe (COE)

The Council of Europe has been working to tackle rising international anxiety over the risks
brought about by the automatic processing of personal data since the early 1980s. In 1981, the
Council of Europe implemented the Convention for the Protection of Individuals with Regard to
Automatic Processing of Personal Data (ETS No. 108, 26 January 1981), which was revised
according to the Amendment to Convention ETS No. 108 Allowing the European Community to
Accede, 15 June 1999, and the Additional Protocol to Convention ETS No. 108 on Supervisory
Authorities and Trans-border Data Flows, 8 June 2000. The Convention recognized the

31
Cybercrime Expert Group, Proposal, Doc No: telwg29/ESTC/12, APEC Telecommunications and Information
Working Group, 29th Meeting, 21-26 March 2004, Hong Kong, China.
32
APEC Leaders Statement on Counter-terrorism, APEC Economic Leaders' Meeting, Shanghai, 21 October 2001.
33
APEC, Recommendation by the APEC Telecommunications and Information Working Group (TEL) to APEC
Senior Officials (SOM) for an APEC Cyber security Strategy, 2002/CSOM/052, Concluding Senior Officials
Meeting, Los Cabos, B.C.S., Mexico, 21-22 October, 2002.
34
Cybercrime Expert Group, Proposal, Doc no: telwg29/ESTC/12, APEC Telecommunications and Information
Working Group, 29th Meeting, Hong Kong, China, 21-26 March 2004

24
desirability "to extend the safeguards for everyone's rights and fundamental freedoms, and in
particular the right to the respect for privacy, taking account of the increasing flow across
frontiers of personal data undergoing automatic processing," and the necessity "to reconcile the
fundamental values of the respect to privacy and the free flow of information between peoples"
(Preamble). The Convention covers the protection of personal data in both the public and private
sectors.

4.5.8 The European Union

The EU took a series of actions to tackle cybercrime through impelling a coordinated law
enforcement and legal harmonization policy. Civil liberty has also been a focus in the anti-
cybercrime field.
In 1995, the European Parliament and the Council endorsed Directive 95/46/EC of 24 October
1995 on the protection of Individuals with regard to the Processing of Personal Data and on the
Movement of Such Data. Section VIII of the Directive specifically deals with confidentiality and
security of processing of personal data. The Directive applied to protection of natural persons
(Article 2(a)). The scope of the Directive was limited to the processing of personal data entirely
or partially by automatic means (Article 3-1). The Directive required that appropriate technical
and organizational measures have to be implemented to protect personal data against illegal
destruction, alteration, access and other illegal forms of processing (Article 17-1).
The Directive required the Member States to provide administrative and judicial remedies for the
victim (Article 22), and provided for the compensation liability of (Article 23) and sanctions on
(Article 24) the transgressor.35
In 1997, the European Parliament and the Council endorsed Directive 97/66/EC of 15 December
1997 concerning the Processing of Personal Data and the Protection of Privacy in the
Telecommunications Sector. The Directive was aimed at furthering the protection implemented
in Directive 95/46/EC, and providing for the harmonization of the member states' provision to
attain an equivalent level of protection (Article 1-1). The Directive extended the protection of
legitimate interests to legal persons (Article 1-2). 36

35
Ibid.
36
Ibid.

25
4.5.9 The Organization of American States (OAS)
As other regional organizations, the Organization of American States (OAS) with 35 member
states is also highly concerned about the issue of cybercrime. Through its forum for the Ministers
of Justice or of the Ministers or Attorneys General of the Americas (REMJA), the OAS has long
recognized the central role that a sound legal framework plays in combating cybercrime and
protecting the Internet. Such recognition has prompted the REMJA to recommend the creation of
the Group of Governmental Experts on Cybercrime (The Group of Experts) in March 1999.37
The Group of Experts has been devoted to analyzing cybercrimes, to inspecting the domestic
cybercrime law, and to finding ways of cooperating in the Inter-American system of combating
cybercrime. The Group of Experts has held four meetings.

The Meeting of the Ministers of Justice or of the Ministers or Attorneys General of the Americas
(REMJA III) has urged member states to take steps to endorse cybercrime law; harmonize
cybercrime laws to make international cooperation possible. The Meeting of the Ministers of
Justice or of the Ministers or Attorneys General of the Americas (REMJA V) has recommended
that member states evaluate the advisability of implementing the principles of the Convention on
Cybercrime, and consider the possibility of acceding to that Convention.
In 2004, the Fourth Plenary Session of the Organization of American States General Assembly
passed the resolution on "Adoption of a Comprehensive Inter-American Strategy to Combat
Threats to Cyber security: A Multidimensional and Multidisciplinary Approach to Creating a
Culture of Cyber security," proposing that "An effective cyber security strategy must recognize
that the security of the network of information systems that comprise the Internet requires a
partnership between government and industry."38

4.5.10 Multi-national efforts

Unlike professional organizations that are limited to a more specific field of concern, and unlike
regional organizations that are limited to a more specific location of states, the multi-national
international organizations care for affairs of a broader range and take actions in a broader

37
Meeting of Ministers of Justice or of Ministers or Attorneys General of the Americas (REMJA II), Chapter V.
38
AG/RES. 2040 (XXXIV-O/04), Adopted at the fourth plenary session of the Organization of American States
General Assembly held on 8 June 2004 in Quito, Ecuador.

26
territorial environment. This section recounts the efforts of three of the multi-national
organizations.

4.5.11 The Commonwealth of Nations

The Commonwealth of Nations took a direct and timely action in the harmonizing laws of its
member states. In October 2002, the Commonwealth Secretariat prepared the "Model Law on
Computer and Computer Related Crime" (Bourne, 2002, p. 17). Within the Commonwealth's 53
member countries, the "Model Law" has had a wide influence on domestic legislation. Through
this model law, the Convention on Cybercrime has become one of the legislative choices in
substantive criminal law, covering the offences of illegal access, interfering with data, interfering
with computer systems, and illegal interception of data, illegal data, and child pornography.39
Compared with the Convention on Cybercrime, the Model Law expanded criminal liability - so
as to include reckless liability- for the offences of interfering with data, interfering with
computer systems, and using illegal devices. The Model Law also covered the problem of dual
criminality by stating that the act applied to an act done or an omission made by a national of a
state outside its territory, if the person's conduct would also constitute an offence under a law of
the country where the offence was committed. This may lead to prosecution or extradition based
on dual criminality, but not extradition as it is provided in the Convention on Cybercrime.40
Some of the member countries of the Commonwealth have made efforts to draft domestic law
according to the model law, such as Bahamas and St. Lucia. In Barbados, Belize, and Guyana,
the Model Law is being considered as a guide to the enactment of similar legislation. However,
in many other countries of the Commonwealth, there is still no special legislation for cybercrime.
Besides impelling legislation within the forum, another focus of the Commonwealth is on mutual
assistance in law enforcement between Commonwealth member states and between
Commonwealth member states and non-Common wealth states. In the 2005 Meeting of
Commonwealth Law Ministers and Senior Officials, the Expert Working Group proposed 10
recommendations for member states to adopt suitable measures for improving domestic law
enforcement and trans-national assistance, and encouraged member states to sign, ratify, accede

39
Ibid.
40
Legal and Constitutional Affairs Division Commonwealth Secretariat, Report on Law and Technology Workshop
for the Caribbean, Kingston, Jamaica, 3-7 November, 2003, published in January, 2004.

27
to and implement the Convention on Cybercrime as a basis for mutual legal assistance between
Commonwealth member states and non-Commonwealth states.

4.5.12 The Group of Eight (G8)

Since the mid-1990s, the Group of Eight (G8) has created working groups and issued a series of
communiqués from the leaders and actions plans from justice ministers. At the Halifax Summit
1995, the Group of Seven recognized "that ultimate success requires all governments to provide
for effective measures to prevent the laundering of proceeds from serious crimes, to implement
commitments in the fight against trans-national organized crime."41 The group released 40-point
set of "recommendations to combat Trans-national Organized Crime efficiently" at the G7/P8
Lyon Summit. The recommendations urged the states to increase the level of criminalization,
prosecution, investigation, and international cooperation, while acknowledging in their entirety
human-rights protection.
At the Denver Summit 1997, the Group of Eight proposed to strengthen their efforts to realize
the Lyon recommendations, by concentrating on punishing high-tech criminals, and promoting
the governments' technical and legal abilities to react to trans-territorial computer crimes.
Domestic legislations have to be complemented by international cooperation to criminalize the
abuse of the networks and harmonize the investigative action. At the subsequent summits, the
Group of Eight repeatedly expressed their concern about cyber criminality. At the Okinawa
Summit, the Okinawa Charter on Global Information Society adopted the principle of
international collaboration and harmonization of cybercrime. "In order to maximize the social
and economic benefits of the information society", the Group of Eight agreed on principles and
approaches for the protection of privacy, the free flow of information, and the security of
transactions.42 The Charter recognized that the security of the information society necessitated
coordinated action and effective policy responses.

4.5.13 The Organization for Economic Cooperation and Development (OECD)

With its 30 member countries, the OECD addressed computer security for several decades. In
1983, an expert committee was appointed by the OECD to discuss computer crime phenomena

41
G7, Chairman's Statement, 17 June 1995, Halifax Summit, 15-17 June 1995.
42
G8, Okinawa Charter on Global Information Society, Okinawa, 22 July 2000.

28
and criminal-law reform (Schlosberg, 2005). Offences against confidentiality, integrity or
availability listed in the 1985 OECD document included unauthorized access, damage to
computer data or computer programmers, computer sabotage, unauthorized interception, and
computer espionage.43 In December 1999, the OECD officially approved the Guidelines for
Consumer Protection in the Context of Electronic Commerce (Department of Justice, 2000, p.
27), representing member states' consensus in the area of consumer protection for e-commerce:
consumers should be protected in e-commerce not less than the protection they enjoyed within
traditional commerce (Department of Justice, 2000, p. 27). The OECD adopted Guidelines for
the Security of Information Systems and Networks in July 2002, calling on member governments
to "establish a heightened priority for security planning and management", and to "promote a
culture of security among all participants as a means of protecting information systems and
networks" (OECD, 2002a, Part I).
The guidelines established nine principles, including awareness, responsibility, response, ethics,
democracy, risk assessment, security design and implementation, security management, and
reassessment (OECD, 2002a, Part III). Because of the nature of the guidelines and the distance
from the legal actions, practical endeavors were left to the member countries to make.

4.6 Conclusion
Cyber-crime is obviously the latest form of the crimes which is very difficult to suppress. But, its
difficulty must not prevent us from taking adequate measures against the cyber-criminals. Only
law is not enough and so, we must nurture ethics and morality in our private and communal
lives. As our youngsters are prone to misdirection, they must be given proper guidance and care.
The state has to take all possible measures to thwart any kind of cyber-invasion which may put
the lives of people in danger. Continuous vigilance and upgrading counter-measures are some of
the must-dos for the government. Common people should also be careful in using computer
systems and online facilities. Hopefully, our awareness and constant battle against cyber-crime
will result in success.

43
Computer-Related Crime: Analysis of Legal Policy, ICCP Series No. 10, 1986. Cited in UN, Crimes related to
Computer Networks: Background Paper for the Workshop on Crimes Related to the Computer Network, Tenth UN
Congress on the Prevention of Crime and the Treatment of Offenders, Vienna, 10-17 April 2000, A/CONF. 187/10.

29
 CHAPTER 5
CYBER LAW IT’S CHALLENGE IN BANGLADESH
5.1 Introduction
Now the people use the technology also for political and religious purpose. As well as day by
day Cyber-crimes are increasing in the world as well as our country. In 2013 we’ve seen that,
Technology is getting more frequently used and seems like a blessing going cover Bangladesh.
Therefore in Bangladesh a bundle of laws has been enacted to protect the people.44

5.2 Prevention of Cyber Crime

Nowadays, the one place that people thought they were secure could be one of the most
dangerous areas in society. Computer use is increasingly spreading and more and more users are
connecting to the Internet. The Internet is a source for almost anybody to access manipulates and
destroys others’ information. These “criminal directly related to the use of computers,
specifically illegal trespass into the computer system or database of another, manipulation or
theft of stored on line data, or sabotage of equipment and data” are defined as computer crimes
according to the American heritage dictionary. Even through companies strive hard to prevent
these criminal activities companies are still fighting a losing war against computer invasions.
Although computer “hacking” has become a growing.
To better understand the situation users and companies must be aware of the indicators
that problems with computer crime exist. One of these indicators is that many companies are
involved in computer crimes. Eighty five percent of computer reported security breaches in their
systems, and 94% detected viruses in their systems in 2001. Furthermore, the U.S. Defense
Department was also hacked many times. It alone was hit by about 250,000 hacks in 1995. These
hacks aren’t minor; hacks cost a lot of money in damage. Hacking resulted in a cost of about 377
million dollars. This problem is also rising and needs to be quelled. Each of the aforesaid
characteristics of cyber-crime ought to be considered while devising effective measures of
checking preventing and punishing cyber cries which threaten the global community. Besides
deterrent laws the following are the strategies which are required to be adopted simultaneously to
deal with the menace of cyber-crime.

44
[http://pastebin.com/WFhmnqPB, Last visited 31August 2015].

30
 Since cyber-crime are crimes of technology, the law enforcement agencies ought to be
trained in the intricacies of technology so as to properly and effectively conduct investigations,
A cyber cop has to be at least a half IT engineer to be a competent cyber-crime investigator.
Since the criminal has the tendency of jumping geographical borders also called jurisdictional
jumping, there has to be co-operation between law enforcement agencies of different countries.
Effective laws of extradition and their implementation are necessary to bring to trial
cyber criminals across borders. These existing extradition treaties ought to be strengthened by
co-operation in the International community. The most effective weapon to counter cyber-crime
is the use of encryption and other security technologies. It has been said that we need better locks
on computers and not on jails to prevent cyber-crime.
The IT industry must assume responsibility of protecting its own computer systems and
networks by using security technologies and should be not depend upon the law enforcement
agencies to track cyber criminals which are extremely difficult given the anonymity provided by
the Internet. The Government should encourage the use of security technology’ and should work
in close partnership with the private sector. It must facilitate and encourage research and
developing of new security technologies. Govt. should fund and support research and
development and facilities education about the measure to counter cyber-crime. Since
most cyber-crime is not reported by victims in the IT Industry, it gives protection to cyber
criminals. Cyber-crimes are not reported by victims for fear of eroding the confidence of
customers and the consequent loss of business. It needs to be understood that to suppress
information about cyber-crime having been victimized by cyber-crime amounts to protection of
and encouraging cyber-crime. The private sector must share information about cyber-crime so as
to understand its various forms and ways to deal with them more effectively.45 Last but not least
suggestion is that identification of citizens. Anonymity facilities cyber-crime and thus must yield
to the large interest of the society. It is not being advocate that all contents and interactions on
the Internet should be censored. Technological modes of easy identification of citizens in their
interaction should be used only when necessary while investigation into allegations of cyber-
crime thought privacy concerns arc important it has to be realized that identification of citizens
in certain areas such as cyber-crime is equally necessary.

45
Ibid

31
 Criminal justice system all over the world, must also remember that because of certain
inherent difficulties in the real cyber-criminal, criminal laws must be applied so as distinguish
between the innocent and the deviant. A restrain must be exercised on the general tendency to
apply the principle of deterrence as a response to rising cyber-crime, without being sensitive to
the right of the accused. Our law makers and the criminal laws system must not forget the basic
difference between an accused and a convict. A delicate difference between the need to ensure
that no innocent is punished and the need to punish the cyber-criminal.46

5.3 Cybercrime Prevention Strategies47

Cyber criminals are no different than traditional criminals in that they want to make their money
as quickly and easily as possible. Cybercrime prevention can be achieved fairly quickly and in a
cost-effective manner. When armed with a little technical advice and common sense, many
cybercrime attacks can be avoided. Similar to target hardening for a residence or a business (e.g.,
lights, locks, and alarms), the more difficult it is for a cyber criminal to successfully attack a
target, the more likely he or she is to leave it alone and move on to an easier target. The
following ten tips are basic ways that cybercrime can be prevented.

5.3.1 Keep the computer system up to date

Cyber criminals will use software flaws to attack computer systems frequently and anonymously.
Most Windows based systems can be configured to download software patches and updates
automatically. By doing monitoring all online activity with the intent to protect the system from
viruses, other malicious programs, and can be upgraded to protect against spyware and adware.
To be safe on the Internet, the antivirus software should be configured to update itself every time
the system connects to the Internet.

5.3.2 Protect your personal information

Using many of the online services today involves sharing basic personal information to include
name, home address, phone number, and email address. Using common sense is the best way to

46
[http://www.scribd.com , Last visited 31 August 2015]
47
[http://www.ncpc.org/resources/files/pdf/internet-safety/13020-Cybercrimes-revSPR.pdf]

32
protect against and prevent cybercrime. Do not respond to email messages that contain
misspellings, poor grammar, odd phrases, or web sites with strange extensions. When in doubt
about responding to an email, consider a telephone call to the organization to verify authenticity.
Type the address for the website in the browser instead of clicking on a link. Any financial
transaction website should have an “s” after the letters “http” (e.g., https:// www.mystore.com
not http:// www.mystore.com). The “s” stands for secure and should appear when you are in an
area requesting you to login or provide other sensitive data. Another sign that you have a secure
connection is the small lock icon in the bottom of your web browser (usually the right-hand
corner.) might try to gain access to crash it, delete information, or steal passwords and other
sensitive information. Software firewalls are widely recommended for single computers. The
software is prepackaged on some operating systems or can be purchased for individual
computers. For multiple networked computers, hardware routers typically provide firewall
protection. (www.fbi.gov/ scams-safety/, How to Protect Your Computer, www.fbi.gov/ scams-
safety/computer_protect)

5.3.3 Install or update your antivirus software

Antivirus software is designed to prevent malicious software programs from embedding on your
computer. If it detects malicious code, like a virus or a worm, it works to disarm or remove it.
Viruses can infect computers without the users’ knowledge. Most types of antivirus software can
be set up to update automatically (www. fbi.gov/scams-safety/, How to Protect Your Computer,
www.fbi. gov/scams-safety/computer_ protect.) Nearly 100 percent of the computers sold in the
United States today come with some form of antivirus software. Failure to keep this software
current is where a majority of the issues arise. The firewall monitors all data flowing in and out
of the computer to the Internet, often blocking attacks from reaching the system. Antivirus
software is the next line of defense, this, cyber criminals who exploit flaws in software packages
may be thwarted. This will also deter a number of automated and simple attacks criminals use to
break into your system.

5.3.4 Secure configuration of the system

It is important that computers are configured to the security level that is appropriate and
comfortable for the user. Too much security can have the adverse effect of frustrating the user

33
and possibly preventing them from accessing certain web content. Using the “help” feature
of the operating system can often address many of the questions in this area.

5.3.5 Choose a strong password and protect it

Usernames, passwords, and personal identification numbers (PIN) are used for almost every
online transaction today. A strong password should be at least eight characters in length with a
mixture of letters and numbers. Using the same password for various sites or systems increases
the risk of discovery and possible exploitation. It is never a good practice to write a password
down and leave it near the system it is intended to be used on. Changing a password every 90
days is a good practice to limit the amount of time it can be used to access sensitive information.

5.3.6 Read the fine print on website privacy policies

On many social networking and photo sharing sites, there is wording on the privacy policies that
allow the website to keep information and photos posted to the site, sometimes indefinitely, even
after the original has been deleted by the user. While this may not discourage one from posting
images or messages, awareness that this can be later retrieved and disseminated may be a
consideration as to what information or photos are posted. What today may seem to be a
harmless prank can have a devastating effect on one’s reputation several years later when
applying for a job or other opportunity?

5.3.7 Review financial statements regularly

Reviewing credit card and bank statements regularly will often reduce the impact of identity theft
and credit fraud by discovering the problem shortly after the data has been stolen or when the
first use of the information is attempted. Credit card protection services can often alert a person
when there is unusual activity occurring on his or her account, for example, purchases in a
geographically distant location or a high volume of purchases. These alerts should not be taken
lightly and could be the first indicator that a victim receives that something is wrong.

5.3.8 If it seems too good to be true, it is

No one is going to receive a large sum of money from a dead Nigerian politician, win a huge
lottery from being “randomly selected from a database of email addresses,” or make big money

34
from “passive residual income a few hours each day working out of your home.” Many of these
crimes go unreported because the victim is too embarrassed to admit to law enforcement that
they were duped.

5.3.9 Turn off your computer

With the growth of high-speed Internet connections, many opt to leave their computers on and
ready for action. The downside is that being “always on” renders computers more susceptible.
Beyond firewall protection, which is designed to fend off unwanted attacks, turning the computer
off effectively severs an attacker’s connection—be it spyware or a botnet that employs your
computer’s resources to reach out to other unwitting users. (FBI Website -Scams and Safety,
How to Protect Your Computer: www.fbi.gov/scams-safety/computer_protect) The bottom line
is for every preventative measure that you take, you limit your chances for becoming a victim of
cybercrime.

5.4 Conclusion
The policy maker may formulate a baseline security procedures policy outlining the minimum
requirements which must be met by agencies regarding information security and may also
develop especial analysis site which will be observed 24/7 and will provide real-time monitoring
of cyber activities. ‘Cyber incident response unit’ and ‘a cyber crime investigation cell’ may be
built within law enforcement authority to fight cyber crime successfully by adopting the
enhancing ‘capacity’, good police work, Skilled investigators by sharing the ‘too few’
professionals skilled in cyber-security and by training new officers to become experts in the field
and providing adequate logistic support/equipment. Moreover, to keep the national security
uninterrupted and avoid hacking, web servers running public sites must be physically separate
protected from internal corporate network and web site owners should watch traffic and check
any inconsistency on the site by installing host-based intrusion detection devices on servers.
Finally, we can say that the collective effort of state and nations is only a possible way to see the
peoples’ dream of a Digital Bangladesh in existence and could protect individuals and national
security of the state from the aggression of cyber criminals

35
 CHAPTER 6
EXISTING LAWS REGARDING CYBERCRIME

6.1 Introduction
This paper is expected to provide the activists and global leaders of cyber security & policy
makers to assess how best Bangladesh is applying the initiated measures for a secured, accessible
cyber world for the information society. In today’s world information system and network
security has become a rights issue for the reason that rights to information has become more and
more important to everyone as information protects and develops human life every day.
Understanding the essential need of security all developed countries have taken steps to address
the problem on the other hand developing countries are far away from being able to guarantee
this rights. Threats to the Information Society were emerging on the content level as well as on
the network level and on the physical level. Information security could however not be achieved
by technology alone.

6.2 Background Information

Bangladesh, with a population of 140 million on a land of only about 55 thousand square miles
and not with many natural resources under the soil, has been aspiring to achieve economic
development through the application of science and versatile Information and Communication
Technology (ICT). It may be noted here that while the advanced countries of the world have
exploited the potential of science and technology in national development and social welfare,
developing countries have fallen behind primarily because of their inadequate appreciation of the
power of science and technology. The revolutionary development in the field of ICT has opened
up new opportunities for developing countries to move forward in the path of progress by
rationally exploiting its potential. The Bangladesh Ministry of Science, Information, and
Communication Technology (MoSICT) have focused on its attention to contributing to the
reduction of poverty by strengthening education through applying ICT in rural areas among the
poor people. It is also planning to improve efficiency, productivity, and quality of education by
introducing a culture of healthy competition and transparency through which the common mass
will thrive and effectively contribute to the nation building.

36
In recent years, the Government of Bangladesh has taken some policy initiatives to strengthen
scientific and technological research and ICT activities. The services required more partnership
with the international code and systems for which Bangladesh is trying to attain with sincere,
utmost commitment The average age of almost 50 percent of the population is below 25 years.
This is a very positive aspect for our country, because the youths are able to acquire and
assimilate science, ICT education and technological skill and training very easily and very fast.
Many of them have already demonstrated extraordinary capability and embraced success in the
field of science and ICT. Not only has that publication of research findings of our undergraduate
students in internationally renowned journals also pointed to the commendable innovative
capability of our young students. The policy regulations are considering here as a part of its
national goal; Bangladesh is new in the cyber world only by accessing and using the cyber
resources with immense interest by the society where technology development and growth is
merely in progress although in highest attention. 48

6.3 Status of Bangladesh ICT Policies & Security

In order to improve the living standard of the common mass through expansion of development
activities in science and technology and its application, the Government of Bangladesh has
formed National Council for Science and Technology (NCST). The Executive Committee for
NCST has also been formed to implement policies formulated by the Council.
Recently formulated National Information and Communication Technology Policy (2002) has
also given enormous importance to the development of ICT for capturing our share in the multi-
billion dollar software export market, for ensuring good governance, for enacting ICT related
policies, special allocation of funds for software projects, development of world class ICT
professionals and creation of a world class ICT institution for promoting excellence in the field.
The Vision of this Policy aims to building an ICT-driven nation comprising knowledge-based
society by the year 2006. To achieve this objective, a country-wide ICT-infrastructure will be
developed to ensure access to information by every citizen to facilitate empowerment of people
and enhance democratic values and norms for sustainable economic development by using the
infrastructure of human resources development, good governance, e-commerce, banking, public
utility services and all sorts of on-line ICT-enabled services.

48
http://www.itu.int/osg/spu/cybersecurity/contributions/Bangladesh_Salim_paper.pdf

37
National ICT Policy includes issues of human resource development, creation of ICT
infrastructure, facilitating research and development on ICT, development of ICT industries on a
priority basis. It has also highlighted importance of hardware industries, e-Commerce, e- The
Government has been patronizing science and ICT and shown its commitment through forming
high-powered National Taskforce on ICT, Biotechnology, and National Council for Science and
Technology for harmonious growth and expansion of scientific and technological development
throughout the country.
The Government has already shown its commitment to ICT through sending high powered
delegation headed by the Honb'le Prime Minister to World Summit on the Information Society
(WSIS) and sharing the common vision of developing an Information Society, harnessing
potential of ICT to promote development goals of the Millennium Declaration, which include
eradication of extreme poverty and hunger, achievement of universal primary education and
development of global partnerships for the attainment of more peaceful, just and prosperous
world. Along with other countries, Bangladesh Government has recognized the central role of
science in the development of Information Society, the indispensable role of education,
knowledge, information and communication in human progress, endeavor and welfare.
Government has expressed its determination to empower the poor, particularly those who are
living in remote, rural and marginalized urban areas, to access information and to use ICTs as a
tool to support their efforts to lift themselves out of poverty.
Bangladesh realizes that science and technology has unprecedented impact on economic growth
and social development. Knowledge has become a source of economic might and power, and
therefore, has caused increased restrictions on sharing of knowledge, new norms of intellectual
property rights. The ongoing globalization and the intensely competitive environment have a
significant impact on the production and services sectors. Because of all this, Bangladesh science
and technology system has to be infused with new vitality if it is to play a decisive and beneficial
role in advancing the welfare of all sections of the population, in particular of the poor people.
Keeping the aims and objectives of the Government in view, MoSICT has formulated some
policies on protection of its growing cyber world from the unsolicited consequences. The
National ICT Policy, Cyber Law, Electronic Transaction Act are already adopted by the highest
authority. Appropriate education on Computer Alert and Emergency Responses are underway by
the different agencies including government, civil society/NGOs and private sector.

38
Bangladesh is a country with tremendous potential for development through science and
technology. Our limited land and high population density implies application of modern
scientific methods and technology for cultivation and give thrust to development of industries.
Historically this land has been proved very fertile in giving birth to and nourishing the
litterateurs, engineers and scientists, minds that kept their marks on the development of human
civilization.
Governance, legal issues related to ICT, application of ICT in health care, application of ICT in
agriculture to exploit the potential for development of rural economy and agro-business.
Application of ICT in other areas like social welfare, transportation and the judiciary system is
also highlighted. 49

Cyber Tribunal and Appellate Tribunal

Cyber Tribunal:
According to section 68 of the Information and Communication Technology Act, 2006 for the
speedy and effective disposal of cases under this Act, Government shall establish one or more
cyber tribunal. The tribunal shall try only the offences under this Act and the Government shall
determine the local jurisdiction of the tribunal. In consultation with the Supreme Court,
Government shall appoint on Sessions Judge or Additional Sessions Judge as a judge of Cyber
Tribunal.
Cyber tribunal shall take a case for trial –
a) Upon the report of a police officer not below the rank of sub-inspector or
b) Upon a complaint made by a controller appointed under this Act or by any other
person authorized by the controller.
The trial procedure of cyber tribunal shall follow chapter 23 of Criminal Procedure Code,1893
(Trial Procedure by the Court of Sessions) so far it is consistent. If the accused is absconded,
tribunal can try the case in absentia. In this case tribunal has to circular an order in two Bangla
newspapers to appear the accused on a specified date. Cyber tribunal shall apply the provisions
of Criminal Procedure Code and it shall have the same power, a Sessions Court empowered to
apply in its original jurisdiction. Public prosecutor shall conduct the case on behalf of the
Government. Tribunal shall conclude the trial within six months from the date of framing charge.

49
http://www.itu.int/osg/spu/cybersecurity/contributions/Bangladesh_Salim_paper.pdf

39
This period may be extended for three months. Tribunal shall pronounce its judgment within ten
days after the conclusion of trial which may be deferred for ten days.

Cyber Appellate Tribunal:

The Government shall establish one or more cyber appellate tribunal. The appellate tribunal shall
be constituted by one chairman and two members appointed by the Government. To be
appointed as a chairman of Cyber Appellate Tribunal, he must be either a former judge of the
Supreme Court or existing judge of the Supreme Court or is eligible to be appointed as a judge of
the Supreme Court. One of the two members of the tribunal shall be a retired District Judge or
employed in the judicial service and the other member must be an experienced and skilled person
in information and communication technology. They shall be appointed for 3-5years.
Cyber Appellate Tribunal shall have no original jurisdiction. It shall only hear and
dispose of appeals from the order and judgment of the Cyber Tribunal and Sessions Court in
appropriate cases. The decision of the appellate tribunal shall be final and it shall have the power
to alter, amend, and annul the order and judgment of the cyber tribunal. The appellate tribunal
shall follow the appellate procedure of High Court Davison of the Supreme Court. Until cyber
appellate tribunal is established, appeal may be heard by the High Court Division.

Objectives of the ICT Act, 2006

The object of the ICT Act, 2006, has been illustrated by the Law Commission’s Final Report to
give effect to the following purposes:
(a) to facilitated electronic communications by means of reliable electronic records;
(b) to facilitate electronic commerce, eliminate barriers to electronic commerce resulting
from uncertainties over writing and signature requirements, and to promote the
development of the legal and business infrastructure necessary to implement secure
electronic commerce;
(c) to facilitate electronic filing of documents with government agencies and statutory
corporation, and to promote efficient delivery of government services by means of
reliable electronic records;
(d) to minimize the incidence of forged electronic records, intentional and unintentional
alteration of records, and fraud in electronic commerce and other electronic transaction;

40
 (e) to help to establish uniformity of rules, regulations and standards regarding the
authentication and integrity of electronic records; and50

(f) to promote public confidence in the integrity and reliability of electronic records and
electronic commerce, and to faster the development of electronic commerce through the use of
electronic signatures to lend authenticity and integrity to correspondence in any electronic
medium.51

6.4 Amendment of the ICT Act, 2013:

The Information Technology & Communication Act, 2006 has been amended by an Ordinance
on 20 August 2013, and subsequently passed as law on 9 October 2013 by the Parliament. With a
few significant changes, the Act of 2006 remains unchanged with all its discrepancies. Therefore,
the understanding of the original Act of 2006 is necessary to understand the subsequent changes.
The original Act of 2006 had both regulatory as well as penal provisions but the
procedure to be followed is the Code of Criminal Procedure Sec 70(1). Despite endorsing CrPC
the Act lacked in many procedural aspects, such as Section 76(2) of the Act made all the penal
sections to be non-cognizable which implied that the police or any other authorised person could
not arrest a person without the permission of a Magistrate. The section further stated that the
police could not lodge any case for a non-cognizable offence.
The regular procedure for dealing with a non-cognizable offence has been laid down in
Section 155(2) of CrPC, which states that no police officer can investigate any non-cognizable
offence without prior permission of the Magistrate. Section 44 of the Police Act, 1861 and
Regulation 377 of the Police Regulation of Bengal, 1943 endorses similar provisions as well. But
in most of the recent cases, police have arrested the accused person(s) under section 54 of the
CrPC and subsequently implicated under section 57(2) of the Act. Moreover, where there is an
allegation of non-cognizable offence, the procedure of lodging complaint is through filing a
Petition of Complaint before the Magistrate. The cases under the ICT Act should have followed

50
Ibid
51
[http://news.priyo.com/tech/2011/06/25/efficiencies-cyber-law-banglad-29806.html, Last
visited 02 September 2015].

41
the said procedure where it clearly states that the offences are non-cognizable. However, we have
not seen a single instance of following the correct procedure in the past.
The amendment of 2013 vide section 76(1)(Kha) made Sections 54, 56, 67 and 61
cognizable and non-bailable and Sections 55, 58, 59, 60, 62, 63, 64 and 65 as non-cognizable and
bailable. This has made significant changes in the initiation of proceedings and who can decide
which falls under the purview of the penal sections under the Act. This essentially raises the
question whether the police have the required educational and technical expertise to consider a
comment posted on the internet or a logical explanation posted in a blog to be offensive and
derogatory as described loosely by the Section 57 of the Act? The usual recruitment process of
the police inspectors clearly shows otherwise. This major change gives unfettered power to the
police and this will give them a free-hand to interfere in private-personal life of the citizens more
frequently, one step ahead of creating controlled society. Where other democratic countries are
trying to reduce police interference in private life to ensure the fundamental rights, this new
52
police empowerment will definitely obstruct that effort.
The provisions of Section 29 of the ICT Act, which remained unchanged, states that the
Controller or any officer authorized by him in this behalf shall take up for investigation of any
contravention of the provisions of this Act, rules or regulations made there under. Section 28 of
the same Act further empowers the Controller to delegate his power in writing to the Deputy
Controller, Assistant Controller or any other officer to exercise any of the powers of the
Controller. The police are not in the list of those who may exercise the power of the Controller. It
may be noted that Section 76(1)(Kha) makes certain penal provisions cognizable but the sections
28 and 29 remains the same without including police as an authorised office who could exercise
the power of the Controller. Thus in almost all the recent cases, the police have exceeded their
jurisdictions in undertaking the investigation. This contradictory provision has made the Act
more complex and unworkable.
Furthermore, section 69(6) of the Act empowers the Police or any other authorised
person, by the order of the tribunal or on its own initiative may reinvestigate the case. This is a
clear violation of the express provisions of the CrPC. No criminal cases are allowed to be
reinvestigated. Police may conduct further investigation by the order of the court and definitely

52
Ibid

42
not on own initiative. This clearly undermines the usual legal process and sets up contradictory
standards.
Most of the cases until now were filed under Section 57 of the Act. There are a few other
cases of computer system hacking and publishing obscene materials on the internet coupled with
the Pornography Act. This frequent use of Section 57 raised concern among the writers,
journalists, bloggers and human rights activists as it directly interferes with the freedom of
expression and right to privacy as guaranteed by Articles 39 and 43. Section 57(1) of the Act
very loosely defines the offence which reads as follows:
“If any person deliberately publishes or transmits or causes to be published or transmitted
in the website or in any other electronic form any material which is false and obscene and if
anyone sees, hears or reads it having regard to all relevant circumstances, its effect is such as to
influence the reader to become dishonest or corrupt, or causes to deteriorate or creates possibility
to deteriorate law and order, prejudice the image of the State or person or causes to hurt or may
hurt religious belief or instigate against any person or organization, then this activity will be
regarded as an offence.”
Section 57(2) of the Act contains the punishment for committing offence under sub-
section 1 of section 57 as imprisonment for 14 years or fine for an amount of TK.1.00 crore or
both. The 2013 amendment has increased the term of imprisonment from 10 to 14 years.
If we consider Section 57(1) on its own, then we see that the section failed to state
specific offences: such as, it does not say the age group who will see, hear or read the material.
The level of understanding may not be the same of a minor compared to an adult. Moreover,
after the recent changes, the most likely person to see, hear or read is the police officer. As
discussed earlier, the police with his educational background might not be able to form logical
explanation of what he sees, hears or reads on the internet.
The section also denotes the possibility of being dishonest or corrupt after reading the
content published in the internet. Now this is a basic question of morale. It varies from person to
person. By seeing, hearing or reading any content in the internet one might not react or take it as
seriously to become dishonest or corrupt and on the flip side another person might think as the
section states. This makes the section uncertain and leaves it on the intellect of the reader.53

53
Ibid

43
The section further includes the scope of damaging the image of person and the State. But the
nowhere in the Act, has the image of the State defined and how the image of a person would be
determined. Depending on the social status, image might vary from person to person. Moreover,
how the image of a person and the State comes on the same footing?54
Section 505 and 505A of the Penal Code covers the offence of defamation and the
punishment under the aforesaid sections is only 2 years or fine or both. But Section 3 of the ICT
Act states that the provisions of ICT Act shall prevail over any other laws. Now that the section
57(2) provides for 14 years of imprisonment with TK. 1.00 crore fine then who on earth would
file a case under the Penal Code?55
The section further goes on to include the possibility of hurting or cause to hurt the
religious belief or instigate against any person or organisation. Again the section, surprisingly,
failed to define what would amount to hurting one's religious belief and why would instigation
against any person and organisation be embodied in one single section? The concept of religious
belief is age-old and there are non-believers too. The Constitution of the country ensures the
right of choosing the religious belief. This definitely includes the choice not to believe in any
religious belief and remain free. This interpretation has always been problematic. Due to socio-
political pressure, the liberal interpretation did not get its way far enough. Therefore there is
always scope to victimise someone who doesn't conform to any religious belief. The other State
laws don't also give any space for the non-believers.
Moreover, Section 205 of the Penal Code defines provision for punishment for publishing
any material either in the form of a book or leaflet hurting one's religious belief then he will be
imprisoned for 2 years. If the same is published in the internet then it will be 14 years
imprisonment with TK. 1.00 Crore fine. The section fails to address the issue of publishing a
false or obscene material by impersonation to victimise another person. Anyone can get a fake
ID in the Facebook and can post false and obscene materials pretending to be another person. In
that case the credentials supplied to open the account will direct the investigating officer to the
person it was opened for and there is no way to find out actually who opened the account.
Section 57 stresses upon defaming any person. This is also defined by the Penal Code of
Bangladesh where the punishment is only 2 years. But the ICT Act, 2013 provides for 14 years

54
Ibid
55
Ibid

44
of imprisonment or fine of TK. 1.00 crore or with both. In that case, if someone publishes any
materials (other than in the internet) defaming any person, then he will still be charged with the
provisions of the Penal Code and if someone does the same in the internet, say in his blog or
Facebook account the he will be charged under section 57 and the punishment will be 10 times
higher than the Penal Code. There is no explanation why this discrimination for the same
offence. The section further states the possibility of causing deterioration of the law and order
due to publication of any false and obscene material in the internet56
This is completely a new concept that the law and order situation might deteriorate due to
postings in the any internet. The number of internet users has not reached so high to consider it a
threat which might cause the law and order in the country to deteriorate. Again, after the
amendment, Police will decide whether a particular post in the internet will worsen the law and
order situation or not. If a police officer in the rank of Sub-Inspector is left to decide a comment
or argument posted in the internet by a university graduate or a renowned teacher of a university,
then the future of our freedom of expression is really at stake.
The Act unnecessarily imposed extreme punishment provision without any legal basis.
The bail provision makes the Act monstrous and it will influence people to use it more frequently
than other regular legal provisions when it comes to taking revenge or victimizing a person. As
Section 57 is not specific and covers a wide area of offences, there will be little chance to get
acquittal from any charge.
In India, Section 66(A) of the ICT Act had similar provision of empowering the police to
take cognizance of an offence but later it was modified. Now, if it is in a city then the Inspector
General of Police and in case of village, the Deputy Commissioner has been given authority to
take cognizance. Where other democratic states are decreasing police power, we are increasing it
in the name of control.
The arbitrary exercise of police power will not only impose self-censorship but also
jeopardise the whole idea of establishing a democratic state. Misuse of technology has been
expanded to its optimum level and then arise the need of strict statutory laws to regulate the
criminal activities in the cyber world and to protect technological advancement. But first of all,
we need to know what those offences are that need to be controlled or regulated.

56
Ibid

45
 The most common cyber offences in other countries which might creep in gradually in
our country have not yet been addressed by this ICT Act. It remains a tool for oppression and it
is anticipated that the next government will not modify or repeal the Act, as it gives the perfect
tool for oppression.57

6.5 The Information and Communication Technology Act, 2006

6.5.1 BREACHING RULES, PREVENTION, PENALTIES ETC:
45. Power of Controller to give directions.—The Controller may, by order, direct a Certifying
Authority or any employee of such a Certifying Authority to take such measure or cease carrying
on such activities as specified in the order if those are necessary to ensure compliance with the
provisions of this Act, or rules and regulations made there under.
46. Power of Controller to give directions in emergency.—If the Controller is satisfied that it
is necessary or expedient so to do in the interest of the sovereignty, integrity, or security of
Bangladesh, friendly relations of Bangladesh with other States, public order or for preventing
incitement to commission of any cognizable offence, for reasons to be recorded in writing, by
order, direct any agency of the Government to intercept any information to be transmitted
through any computer resource. (2) The subscriber or any person in charge of a computer
resource shall, when called upon by any agency to which direction has been issued under sub-
section (1) of this section, extend all facilities and technical assistance to decrypt the information.
47. Power to announce protected systems.—(1) The Controller may, by notification in the
Official Gazette or in Electronic Gazette, declare any computer, computer system or computer
network to be a protected system. (2) The Controller, by order in writing, authorize the persons
who are authorized to secure access to protected systems notified under sub-section (1) of this
section.
48. Penalty for failure to furnish document, return and report.—If any person fails to submit
given document, return and report under the provisions of this Act, or rules and regulations made
thereunder to the Controller or Certifying Authority, the Controller or any officer of the
Government authorized by the Government by special order, as the case may be, can fine the
person which may extend to Taka ten thousands mentioning reasons in written by administrative
order.

57
Ibid

46
49. Penalty for failure to file return, information, book etc.—If any person fails to deliver any
information, books or any other documents under the provisions of this Act, or rules and
regulations made thereunder within stipulated time, the Controller or any officer of the
Government authorized by the Government by special order, as the case may be, can fine the
person which may extend to Taka ten thousand mentioning reasons in written by administrative
order. 14
50. Penalty for failure to maintain books of accounts or record.—If any person fails to
maintain books of accounts or records which is supposed to be preserved under the provisions of
this Act, or rules and regulations made thereunder, the Controller or any officer of the
Government authorized by the Government by special order, as the case may be, can fine the
person which may extend to Taka two lakhs mentioning reasons in written by administrative
order.
51. Residuary penalty.—If any person contravenes any rules of this Act for which the provision
of penalties has not been fixed separately under the provisions of this Act, or rules and
regulations made thereunder, the Controller or any officer of the Government authorized by the
Government by special order, as the case may be, can fine the person for breaching the very rule
which may extend to Taka twenty five thousands mentioning reasons in written by
administrative order.
52. Power of Controller to issue prohibition of possible breaching of rules.—(1) If the
Controller is in the opinion that, any person has attempted or is attempting to do such activities
which is breaching or may breach the provisions of this Act, rules, regulations made thereunder,
or conditions or any order of the Controller then the Controller shall issue a notice within the
stipulated time limit ordering the person to present his statement in written why he should not
refrain himself from doing such activity and if such statement is presented then the Controller
shall issue an order to refrain him from doing such activity or any other instruction about the
activity sthat deems fit to him. (2) If the Controller is satisfied that, the nature of breaching or
possible breaching under sub-section (1) of this section is such that to prevent the person from
that activity immediately, then the Controller shall issue an interim order which deems fit to him
during the time of issuing a notice under that sub-section. (3) If any instruction under sub-
sections (1) and (2) of this section is given to anyone, he

47
shall be bound to obey it. (4) If any person breaches the given instructions of this section, the
Controller can fine the
person which may extend to Taka ten thousand.
53. Penalties.—(1) The Controller can impose penalties for breaching other rules under this Act
defined by the rules as an addition to imposable penalties under this Act. (2) No penalty shall be
imposed under this Act for breaching this Act or any rules of this Act without giving reasonable
opportunity to the offender on hearing. (3) The accused person can lodge an application to the
Controller for auditing the decision of imposing penalties by the Controller within seven days
from the date the decision is made and if any such application is lodged, the Controller shall give
opportunity to the Applicant for hearing and dissolve it within fifteen days. (4) Unless the
penalties are paid under this Act which is due, is collectable as a Government demand under the
Public Demands Recovery Act, 1913 (Ben. Act III of 1913).

6.5.2 OFFENCES, INVESTIGATION, ADJUDICATION, PENALTIES ETC.

Offences & Penalties:
54. Penalty for damage to computer, computer system, etc.--If any person, without
permission of the owner or any person who is in charge of a computer, computer system or
computer network,--
(a) accesses or secure access to such computer, computer system or computer networks for the
purpose of destroying information or retrieving or collecting information or assists other to do
so;
(b) downloads, copies or extracts any data, computer database or information from such
computer, computer system or computer network including information or data held or stored in
any removable storage medium; 15
(c) introduces or causes to be introduced any computer contaminant or computer virus into any
computer, computer system or computer network;
(d) damages or causes to be damaged willingly in any computer, computer system or computer
network, data, computer database or any other programmes residing in such computer, computer
system or computer network;
(e) disrupts or causes disruption of any computer, computer system or computer network;

48
(f) denies of causes the denial of access to any person authorized to access any computer,
computer system or computer network by any means;
(g) provides any assistance to any person to facilitate access to a computer, computer system or
computer network, in contravention of the provisions of this Act, rules or regulations made
thereunder;
(h) for the purpose of advertisement of goods and services, generates or causes generation of
spams or sends unwanted electronic mails without any permission of the originator or subscriber;
(i) charges the services availed of by a person to the account of another person by tampering with
or manipulating any computer, computer system or computer network; then the above said
activities shall be treated as offences of the said person.
(2) If any person commits offence under sub-section (1) of this section, he shall be punishable
with imprisonment for a term which may extend to ten years, or with fine which may extend to
Taka ten lakhs, or with both.
Explanation.--For the purpose of this section--
(i) "computer contaminant" means any set of computer instructions that are designed--
(a) to modify, destroy record, transmit data or program residing within a computer, computer
system or computer network; or
(b) by any means to usurp the normal operation of the computer, computer system or computer
network;
(ii) "computer database" means a representation information, knowledge, facts, concepts or
instructions in the form of text, image, audio or video that--
(a) are being prepared or have been prepared in a formalized manner by a computer, computer
system or computer network; and
(b) are intended for use in a computer, computer system or computer network;
(iii) "computer virus" means such computer instruction, information, data or program, that--
(a) destroys, damages, degrades or adversely affects the performance of a computer resource; or
(b) attaches itself to another computer resource and operates when a program, data or instruction
is executed or some other event takes place in that computer;
(iv) "damage" means to destroy, alter, delete, add, modify or rearrange any computer resource by
any means.

49
55. Punishment for tampering with computer source code.--(1) Whoever intentionally or
knowingly conceals, destroys or alters or intentionally or knowingly causes other person to
conceal, destroy or alter any computer source code used for a computer, computer program,
computer system or computer network, when the computer source code is required to be kept or
maintained by any law for time being in force, then this activity of his will be regarded as
offence. (2) Whoever commits offence under sub-section (1) of this section he shall be
punishable with imprisonment for a term which may extend to three years, or with fine which
may extend to Taka three lakhs, or with both.16
Explanation.--For the purpose of this section, "computer source code" means the listing of
programs, computer commands, design and layout and program analysis of computer resources
in any form.
56. Punishment for hacking with computer system.--(1) If any person--
(a) with the intent to cause or knowing that he is likely to cause wrongful loss or damage to the
public or any person, does any act and thereby destroys, deletes or alters any information
residing in a computer resource or diminishes its value or utility or affects it injuriously by any
means;
(b) damage through illegal access to any such computer, computer network or any other
electronic system which do not belong to him; then such activity shall be treated as hacking
offence.
(2) Whoever commits hacking offence under sub-section (1) of this section he shall be
punishable with imprisonment for a term which may extend to ten years, or with fine which may
extend to Taka one crore, or with both.
57. Punishment for publishing fake, obscene or defaming information in electronic form.--
(1) If any person deliberately publishes or transmits or causes to be published or transmitted in
the website or in electronic form any material which is fake and obscene or its effect is such as to
tend to deprave and corrupt persons who are likely, having regard to all relevant circumstances,
to read, see or hear the matter contained or embodied in it, or causes to deteriorate or creates
possibility to deteriorate law and order, prejudice the image of the State or person or causes to
hurt or may hurt religious belief or instigate against any person or organization, then this activity
of his will be regarded as an offence.
(2) Whoever commits offence under sub-section (1) of this section he shall be punishable

50
with imprisonment for a term which may extend to ten years and with fine which may extend to
Taka one crore.
58. Punishment for failure to surrender licence.--(1) Where any Certifying Authority fails to
surrender a licence under section 34 of this Act, the person in whose favour the licence is issued,
the failure of the person shall be an offence.
(2) Whoever commits offence under sub-section (1) of this section he shall be punishable
with imprisonment for a term which may extend to six months, or with fine which may extend to
Taka ten thousands, or with both.
59. Punishment for failure to comply with order.--(1) Any person who fails to comply with
any order made under section 45 of this Act, then this activity of his will be regarded as an
offence.
(2) Whoever commits offence under sub-section (1) of this section he shall be punishable with
imprisonment for a term which may extend to one year, or with fine which may extend to Taka
one lakh, or with both.
60. Punishment for failure to comply with order made by the Controller in emergency --
(1) Any person who fails to comply with any order made under section 46 of this Act, then this
activity of his will be regarded as an offence.
(2) Whoever commits offence under sub-section (1) of this section he shall be punishable with
imprisonment for a term which may extend to five years, or with fine which may extend to Taka
five lakhs, or with both.
61. Punishment for unauthorized access to protected systems.--(1) Any person who secures
access or attempts to secure access to protected system in contraventions of section 47 of this
Act, then this activity of his will be regarded as an offence.
(2) Whoever commits offence under sub-section (1) of this section he shall be punishable with
imprisonment for a term which may extend to ten years, or with fine which may extend to Taka
ten lakhs, or with both.
62. Punishment for misrepresentation and obscuring information.--Whoever makes any
misrepresentation to, or suppresses any material fact from the Controller or the Certifying
Authority for obtaining any licence or Digital Signature Certificate shall be regarded as an
offence. 17

51
(2) Whoever commits any offence under sub-section (1) of this section he shall be punishable
with imprisonment for a term which may extend to two years, or with fine which may extend to
Taka two lakhs, or with both.
63. Punishment for disclosure of confidentiality and privacy.--Save as otherwise provided by
this Act or any other law for the time being in force, no person who, in pursuance of any of the
powers conferred under this Act, or rules and regulations made thereunder, has secured access to
any electronic record, book, register, correspondence, information, document or other material
shall, without the consent of the person concerned, disclose such electronic record, book,
register, correspondence, information, document or other material to any other person shall be
regarded as an offence.
(2) Whoever commits any offence under sub-section (1) of this section he shall be punishable
with imprisonment for a term which may extend to two years, or with fine which may extend to
Taka two lakhs, or with both.
64. Punishment for publishing false Digital Signature Certificate.--No person shall publish a
Digital Signature Certificate or otherwise make it available to any other person knowing that--
(a) the Certifying Authority listed in the certificate has not issued it; or
(b) the subscriber listed in the certificate has not accepted it; or
(c) the certificate has been revoked or suspended;
unless such publication is for the purpose of verifying a digital signature created prior to such
suspension or revocation and by breaching the rules such Digital Signature Certificate is
published or otherwise make it available to others shall be regarded as an offence. (2) Whoever
commits any offence under sub-section (1) of this section he shall be punishable with
imprisonment for a term which may extend to two years, or with fine which may extend to Taka
two lakhs, or with both.
65. Punishment for publishing Digital Signature Certificate for fraudulent purpose etc.--
Whosoever knowingly creates and publishes or otherwise makes available a Digital Signature
Certificate for any fraudulent or unlawful purpose shall be regarded as an offence. (2) Whoever
commits any offence under sub-section (1) of this section he shall be punishable with
imprisonment for a term which may extend to two years, or with fine which may extend to Taka
two lakh, or with both.

52
66. Punishment for using computer for committing an offence.--(1) Whosoever knowingly
assists committing crimes under this Act, using any computer, e-mail or computer network,
resource or system shall be regarded as an offence.
(2) Whoever aids committing any offence under sub-section (1) of this section he shall be
punishable with the punishment provided for the core offence.
67. Offences committed by companies etc.--If any offence is committed by a company under
this Act, then each director, manager, secretary, partner, officer and staff of the company who
has directly involvement in committing the said offence shall be guilty of the offence or the
contraventions, as the case may be, unless he proves that the offence or contravention was
committed without his knowledge or that he exercised sue diligence in order to prevent
commission of such offence or contravention.
Explanation.—For the purposes of this section.—
(a) “company” means any body corporate and includes commercial firm, partnership business,
cooperatives, association, organization or other association of individuals; and
(b) “director” in relation to a commercial firm includes a partner or member of Board of
Directors.18

6.5.3 Establishment of Cyber Tribunal, Investigation of Offences, Adjudication,

Appeal Etc:
68. Establishment of Cyber Tribunal.—(1) The Government shall, by notification in the
Official Gazette, establish one or more Cyber Tribunals to be known as Tribunal at times for the
purposes of speedy and effective trials of offences committed under this Act. (2) Cyber Tribunal
established under sub-section (1) of this section in consultation with the Supreme Court shall be
constituted by a Session Judge or an Additional Session Judge appointed by the Government;
and similarly appointed a Judge to be known as “Judge, Cyber Tribunal.” (3) Local jurisdiction
of entire Bangladesh or jurisdiction of one or more Session Divisions can be given to the Cyber
Tribunal established under this Act; and the Tribunal only prosecutes the offences committed
under this Act. (4) The on-going prosecution of any case of any Session Court shall not be
suspended or transferred automatically to the Tribunal of local jurisdiction concerned due to
tendering of local jurisdiction of entire Bangladesh or parts of jurisdiction constituted by one or
more Session Divisions to the Tribunal established by the Government later on, however, the

53
Government by notification in the Official Gazette, transfer the case to the Tribunal having
special local jurisdiction. (5) Any Tribunal, taken decision otherwise, shall not be bound to
retaking statement of witness who has already given statement, or taking rehearing or begin
again any other activities already undertaken under sub-section (1) of this section, however, the
Tribunal shall continue the prosecution from where it stood on the basis of already taken or
presented statement from the witness. (6) The Government, by order, shall define the place and
time; accordingly the special Tribunal shall conduct its activities from that place and time.
69. Trial procedure of Cyber Tribunal.--(1) Without written report of a police officer not
below the rank of Sub-Inspector or the prior approval of the Controller or any other officer
authorized by the Controller the special Tribunal shall not accept any offence trial.
(2) The Tribunal shall follow the rules mentioned in the Chapter 23 of the Code of Criminal
Procedure, if they are not inconsistent with the rules of this Act, which is used in Session Court.
(3) Any Tribunal shall not suspend any prosecution without having written reasons and unless it
is required for the sake of just adjudication.
(4) If the Tribunal is in the opinion that the accused person has been absconded and for that it is
not possible to arrest him and produce him before the Tribunal and there is no possibility to
arrest him immediately, in that case the Tribunal can order the accused person to appear before
the Tribunal by publishing such order in two mass circulated national Bengali dailies and if the
accused person fails to do so, the prosecution shall take place in his absence.
(5) The rules mentioned in sub-section (4) of this section shall not be applicable if the accused
person fails to appear before the Tribunal or absconded after getting bail.
(6) The Tribunal can order any police officer, or the Controller, or any officer authorized by the
Controller, as the case may be, to reinvestigate the case and submit the report within the
stipulated time of its own initiative or any application lodged to the Tribunal,
70. Application of code of criminal procedure in the activities of Tribunal.—(1) Rules of
Code of Criminal Procedure, as far as, are not inconsistent with the rules of this Act shall be
applicable in the activities of this Tribunal and it will have all the power as exercised by the
Session Court.
(2) The person prosecuting the case on behalf of the Government in this tribunal to be known as
public prosecutor.

54
71. Rules relating to bail.—The Judge of Cyber Tribunal shall not bail any person accused in
committing crime under this Act, which is punishable, unless--
(a) Hearing opportunity is given to the Government side on similar bail orders;
(b) The Judge is satisfied that,--19
(i) There is reasonable cause to believe that the accused person may not be proved guilty in the
trial;
(ii) The offence is not severe in relative term and the punishment shall not be tough enough even
the guilt is proved.
(c) He writes down the reasons of similar satisfactions.
72. Time limit to deliver verdict.--(1) The Judge of Cyber Tribunal shall give the verdict within
ten days from the date of completing of taking evidence or debate, what happened later, unless
he extends the time limit no more than ten days with having written reasons. (2) If the verdict is
given by the Cyber Tribunal under sub-section (1) of this section or any appeal is lodged against
the verdict to the Cyber Appellate Tribunal then Cyber Tribunal or Cyber Appellate Tribunal
concerned shall forward the copy of the verdict of the appeal to the Controller for preserving it in
the electronic records repository room established under section 18 (7) of this Act.
73. Prescribed timeframe for dissolving cases by Cyber Tribunal.—(1) The Judge of Cyber
Tribunal shall complete the prosecution within six months since the date of filing the charge
sheet. (2) If the Judge of Cyber Tribunal fails to complete the prosecution within the time limit
fixed under sub-section (1) of this section can extend the time limit another three months having
written the reasons. (3) If the Judge of Cyber Tribunal fails to complete the prosecution within
the timeframe fixed under sub-section (2) of this section can continue the prosecution process
having written the reasons and submitted it as a report to the High Court and the Controller.
74. Prosecution of offence by Session Court.—Whatever is contained in the Code of Criminal
Procedure, until the special tribunal has not been established, the Session Court shall prosecute
any offence committed under this Act.
75. Prosecution procedure followed by the Session Court.—(1) To prosecute any offence
committed under this Act which is trialed in Session Court, Session Court shall follow the rules
mentioned in section 23 of the Code of Criminal Procedure which is applicable in Session Court
trial.

55
(2) Any Session Court shall not accept any prosecution/trial of any offence committed under this
Act without any written report from the police officer not below the rank of Sub-Inspector of the
Police and prior approval of the Controller or any officer authorized by the Controller, whatever
is contained in the Code of Criminal Procedure.
76. Investigation of crime, etc.—(1) Whatever is contained in the Code of Criminal Procedure,
the Controller or any officer authorized by the Controller, or any police officer not below the
rank of Sub-Inspector of the Police shall investigate any offence committed under this Act.
(2) Offence committed under this Act shall be non-cognizable offence.
77. Confiscation.—(1) Any computer, computer system, floppies, compact disks (CDs), tape
drives or any other accessories related thereto, in respect of which any provision of this Act,
rules, orders or regulations made thereunder has been or is being contravened, or in respect of
which any offence has been committed, shall be liable to confiscation by an order of the court
trying an offence or contravention.
(2) If the court is satisfied, that the computer, computer system, floppies, compact disks (CDs),
tape drives or any other accessories belonging to a person or under control of him related thereto,
in respect of which any provision of this Act, rules, orders or regulations made thereunder has
not been responsible to contravene, or committing an offence, then the computer, computer
system, floppies, compact disks (CDs), tape drives or any other accessories shall not be
confiscated. (3) If any legal computer, computer system, floppies, compact disks (CDs), tape
drives or any other accessories is found with the computer, computer system, floppies, compact
disks (CDs), tape drives or any other accessories which is confiscated under sub-section (1) of
this section shall also be confiscated.
(4) Any computer or other relevant accessories belonging to the Government or Body
Government Authority is used to commit an offence under sub-section (1) of this section,
whatever contained in this section, shall not be confiscated.20
78. Penalties or confiscation no bar against other punishments.—No penalty imposed or
confiscation made under this Act shall prevent the imposition of any other punishment to which
the person affected thereby may be liable under any other law for the time being in force.
79. Network service providers not to be liable in certain cases.—For the removal of doubts, it
is hereby declared that no person providing any service as a network service provider shall be
liable under this Act, or rules and regulations made thereunder, for any third party information or

56
data made available by him if he proves that the offence or contravention was committed without
his knowledge or that he had exercised due diligence to prevent the commission of such offence
or contravention.
Explanation.—For the purposes of this section,--
(a) “network service provider” means an intermediary;
(b) “third party information” means any information dealt with by a network service provider in
his capacity as an intermediary.
80. Power of seize or arrest in public place, etc.—Any investigation taken under this Act, the
Controller, or any officer of Government authorized by the Government or any police officer not
below the rank of a Sub-Inspector of Police are in opinion that an offence has been committed or
being committed or offence which is punishable under this Act has been committed, then having
written the reasons, may enter the public place and search and seize the germane materials and
arrest the concerned person or the offender.
81. Procedure of search, etc.—The provisions of the Code of Criminal Procedure shall, subject
to the provisions of this Act, apply, so far as may be, in relation to all investigations, entry,
search and arrest made under this Act.

6.5.4 Establishment of Cyber Appellate Tribunal, Etc:

82. Establishment of Cyber Appellate Tribunal.—(1) The Government shall, by notification
in the Official Gazette, establish one or more Cyber Appellate Tribunals to be known as
Appellate Tribunal.
(2) Cyber tribunal established under sub-section (1) of this section shall consist of one Chairman
and two members to be appointed by the Government.
(3) A person shall not be qualified as the Chairman of a Cyber Appellate Tribunal unless he is, or
has been, or is qualified to be, a Judge of the Supreme Court and one of the members shall be
serving in judicial department or retired District Judge and the other member shall be a person
having adequate knowledge and experience in information and communication technology.
(4) Chairman and members shall be retained in the positions since the date of joining between no
less than three years and no more than five years and their terms of reference shall be determined
by the Government.

57
83. Procedure and powers of Cyber Appellate Tribunal.--(1) Cyber Appellate Tribunal shall
have the power to hear appeal and dissolving the verdict and order given by Cyber Tribunal and
Session Court, as the case may be.
(2) In case of hearing and dissolving the appeal, Cyber Appellate Tribunal shall follow the
procedure defined by rules and if the rules do not exist in that case Appellate Tribunal shall
maintain the procedure in relation to hearing and dissolving of criminal appeal followed by the
High Court Division of the Supreme Court.
(3) Cyber Appellate Tribunal shall have the power to retain, revoke, alter, or rectify the verdict
or order made by the Cyber Tribunal.
(4) The decision made by the Appellate Tribunal shall be final.
84. Appeal procedure in case of not establishing Cyber Appellate Tribunal.--If the Cyber
Appellate Tribunal has not been established, whatever contained in the Code of Criminal
Procedure, 21 appeal shall be lodged in the High Court Division of Supreme Court against the
verdict and order given by the Session Court or Cyber Tribunal, as the case may be.

6.5.5 MISCELLANEOUS:
85. Public servants.--The Controller, the Deputy Controller, the Assistant Controller or any
person empowered under this Act to exercise his power and carrying out the tasks shall be
deemed to be public servants within the meaning of section 21 of Penal Code.
86. Protection of action in good faith.--No suit, prosecution or other legal proceedings shall lie
against the Government, the Controller, the Deputy Controller, the Assistant Controller or any
person acting on his behalf, for anything which is in good faith done or intended to be done in
pursuance of this Act or any rule, regulation, order or direction made thereunder.
87. Augmented use of few definitions used in few acts.--For the purpose of this Act,--
(a) The definition of "document" in section 29 of Penal Code, 1860 (Act XLV of 1860) also
includes the document generated or prepared by electronic machine or technology;
(b) The definition of "document" in section 3 of Evidence Act, 1872 (Act I of 1872) also
includes the document generated or prepared by electronic machine or technology;
(c) The definition of "bankers books" in section 2, Clause (3) of Banker's Books Evidence Act,
1891 (Act XVIII of 1891) also includes the books viz. ledgers, day-books, cash-books, account-
books and all other books generated or prepared by electronic machine or technology;

58
88. Power of Government to make rules.--The Government may, by notification in the Official
Gazette and in the Electronic Gazette, make for all or any of the following rules for carrying\ out
of this Act:
(a) the manner in which any information or matter may be authenticated or any document may be
signed by means of digital signature;
(b) the electronic form in which filing, issue, grant or payment;
(c) the manner and format in which electronic records shall be filed, or issued and the method of
payment;
(d) the matters relating to the type of digital signature, manner and format in which it may be
affixed;
(e) the qualifications, experience and terms and conditions of service of the Controller, Deputy
Controllers and Assistant Controllers;
(f) other standards to be observed by the Controller;
(g) the requirements which an applicant must fulfill;
(h) the period of validity of licence;
(i) the format in which an application may be made;
(j) the amount of fees payable with application for licence;
(k) such other document which shall accompany an application for licence;
(l) the form of application for renewal of a licence and the fee payable;
(m) the form in which application for issue of a Digital Signature Certificate and the amount of
fees payable;
(n) the qualifications and experience of Chairman and members of Cyber Appeal Tribunal; 22
(o) the form in which appeal may be filed;
(p) the procedure of investigation;
(q) other such necessary matters.
89. Power of Controller to make regulations.--The Controller with prior approval of the
Government, by notification in the Official Gazette and in the Electronic Gazette, make for all or
any of the following regulations:--
(a) the particulars relating to maintenance of database containing the disclosure record of every
Certify Authority;

59
(b) the conditions and restrictions subject to which the Controller may recognize any foreign
Certifying Authority;
(c) the terms and conditions subject to which a licence may be granted;
(d) other standards to be observed by a Certifying Authority;
(e) the manner in which the Certifying Authority shall disclose the particular matters;
(f) the particulars of statement which shall accompany an application.
90. Original script & English script.--The original script shall be in Bengali and there shall be
a dependable English transcription of it. Provided that any conflict arises between Bengali &
English scripts the Bengali script shall get domination.

6. 6 ROVISONS RELATING TO CYBER LAWS IN DIFFERENT COUNTRIES

The Indian parliament considered it necessary to give effect to the
resolution by which the General Assembly adopted Model Law on Electronic Commerce
adopted by the United Nations Commission on Trade Law. As a consequence of which the
Information Technology Act 2000 was passed and enforced on 17th May2000.the preamble of
this Act states its objective to LEGALIZE e-commerce and further amend the Indian Penal
Code 1860, the Indian Evidence Act 1872, the Banker’s Book Evidence Act1891 and the
Reserve Bank of India Act 1934. The basic purpose TO INCORPORATE the changes in these
Acts is to make them compatible with the Act of 2000. So that they may regulate and control the
affairs of the cyber world in AN EFFECTIVE manner. The Information Technology Act deals
with the various cyber crimes in chapters IX& XI. The important sections are Ss. 43,65,66,67.
Section 43 in particular deals WITH THE UNAUTHORIZED access, UNAUTHORIZED
downloading, virus attacks or any CONTAMINANT, CAUSES damage, disruption, denial of
access, interference with the service availed by a person. This section provide for a fine up to Rs.
1 Crore by way of remedy. Section 65deals with ‘tampering with computer source documents’
and provides for imprisonment up to 3 years or fine, which may extend up to 2 years or both.
Section66 deals with ‘hacking with computer system’ and provides for imprisonment up to
3years or fine, which may extend up to 2 years or both. Further section 67 deals

60
with publication of obscene material and provides for imprisonment up to a term of 10years and
also with fine up to Rs. 2 lakhs.58

Here I like to present a list of cyber laws existing in different parts of the WORLD: INDIA
Information Technology Act, 2000
Karnataka Cyber Cafe Regulations
Gujarat Information technology Rules, 2004.
IN Domain Name Dispute Resolution Policy (INDRP)
Rules for Information Technology Act 2000
Semiconductor Intergrated Circuits Layout Design Act 2000
Semiconductor Integrated CirCUITS LAYOUT-DESIGN RULES, 2001
IN Domain Name Registration Policy The Information Technology (Amendment) Bill, 2006
MOVED: Req: Indian Telegraph Rules, 1951

USA
THE DIGITAL MILLENNIUM COPYRIGHT ACT OF 1998
Deleting Online Predators Act of 2006
Adam Walsh Child Protection and Safety Act, 2006
CAN-SPAM Act 2003
FTC's Guidelines for Internet Advertising
Uniform Domain Name Dispute Resolution Policy
Computer Fraud and Abuse Act
Federal Trademark Act 1946 (The Lanham Act)

6.7 Conclusion
History is the witness that no legislation has succeeded in totally eliminating crime from the
globe. The only possible step is to make people aware of their rights and duties (to report crime
as a collective duty towards the society) and further making the application of the laws more
stringent to check crime. Undoubtedly the Act is a historical step in the cyber world. Further I all

58
[https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=3&cad=rja&uact=8&ved=0ahUKEwjz6Nmz3pDLA
hVWCY4KHR5LAkAQFggtMAI&url=http%3A%2F%2Fwww.academia.edu%2F4488760%2FCyber_Crime_and_Banglades
h_Perspective&usg=AFQjCNERjesIcY7NOy14gvJqmLi97c2k7A&sig2=-o3yKPrVD2jiKKOs1gSP5Q]

61
together do not deny that there is a need to bring changes in the Information Technology Act to
make it more effective to combat cyber-crime. I would conclude with a word of caution for the
pro-legislation school that it should be kept in mind that the provisions of the cyber law are not
made so stringent that it may retard the growth of the industry and prove to be counter-
productive.

62
 CHAPTER 7
CONCLUDING REMARKS

7.1 Recommendations
Now a day’s cyber-crime has been spreading all over the world to a great extent. Behind that the
most vital reason is to commit cyber-crime, no physical presence is needed on the spot.
Generally the criminals happen this crime using the highest privileges of the technology sitting
one corner of the world. So it is really difficult to identify the cyber criminals. As the cyber law
is not implemented strictly, the morality of the people is degrading for the random use of
pornography and morph image.
We should take precautions against cyber-crime. To make this a success the Ministry of
Information Technology, along with the IT professionals and the media must work together. The
young generation must be conscious about cyber-crime. Apart from monitoring and controlling
cyber-crimes, Bangladesh Computer Security Incident Response Team should take punitive
measures against the offenders, and in some cases BD-CSIRT should take action directly against
those who engage in carrying out harmful activities or blog against female students, society,
state, political and religious beliefs using phone, website and different social networking sites
under the telecommunication act.
Cyber-crime or electronic blackmail cannot be controlled without proper steps,
application of law, maximum monitoring and punitive steps. So the pace of the investigation
however can be faster; judicial sensitivity and knowledge need to improve. Focus needs to be on
educating the police and district judiciary. IT Institutions can also play a role in this area. We
need to sensitize our investigators and judges to the nuances of the system. We need to move
faster than the criminals. The real issue is how to prevent cyber-crime. For this, there is need to
raise the probability of apprehension and conviction. Bangladesh has a law on evidence that
considers admissibility, authenticity, accuracy, and completeness to convince the judiciary. The
government of our country has taken proper and strong steps against cyber-crime.59

59
[http://www.thedailystar.net/beta2/news/cyber-crime-the-growing-menace/].

63
If they are not consciousness about cyber-crime it will be very dangerous problem in
Bangladesh. For this Bangladesh needs total international cooperation with specialized agencies
of different countries. Bangladesh Government should established one strong cyber police force
squad. It is the duty of the government to provide security to all the citizens. Now it is time to
enact another law and that is cyber law. We need to organize seminar. We need to protest against
the illegal decision of the government.
In Bangladesh, under Information & Communication Technology Act-2006 (ICT Act-
2006) have different types of cyber-crimes. This Act shall given different punishment for these
offences. But I think this is not proper remedy against the cyber-crime from other countries. So,
other countries cyber law is more effective against the cyber-criminal or cyber-crime from
Bangladesh. Because they are proper apply and maintain their cyber law against the cyber-crime.

7.2 Conclusion

The conception of cyber-crime is relating to the age of information super highway of the
contemporary world. Now-a-days crimes are spreading at an alarming rate in the field of online
communication system by the intellectual criminals. At present, modern world largely depends
on technology which means the use of computer, internet and electronic tools. This wide-spread
use of technology has many abuses for which a new kind of crime that is said cyber-crime is
increasing. History is the witness that no legislation has succeeded in totally eliminating crime
from the globe. It is not possible to remove cyber-crime from cyberspace. But we can control it.
Bangladesh also fixed their Mission and Vision for ‘Digital Bangladesh’ with in 2021. But still
the people of Bangladesh are not conscious about cyber-crime. Many people do not know about
the Information Communication Technology Act, 2006. To get proper benefit from computer,
we have to protect abuse of computer system either cyber-crime. So we have to know about
cyber-crime.

64
 REFERENCES

BOOKS
1. Md. Borhan Uddin, Principles of Cyber Law and other related laws, 3rded.
(Dhaka: Shams Publication, 2011).
2. Zulfiquar Ahmed, Cyber law in Bangladesh, (Information and Communication
Technology Act, 2006), 2nd ed. (Dhaka: National Law Book, 2009).
3. R. K. Chaubey, An Introduction to Cyber Crime and Cyber Laws, 1st ed.
(Kolkata: Kamal Law House, 2009).
4. Prof. N.V. Paranjape, Criminology and Penology, 14th ed. (Allahabad: Central
Law Publications, 2009).
5. Sheikh Hafizur Rahman Karzon, Theoretical and Applied Criminology, 1sted.
(Dhaka: Palal Prokashoni, 2008).

STATUTES
1. The Information Technology Act 2006.
2. The Information Technology Act 2013
3. The Penal Code of Bangladesh 1860.

JOURNAL
1. M. Abul Hasanat, ‘Cyber Crime: An Ill-going Techno - Culture’, Journal of Law, Vol. i, no.1
(June 2003).

65
ELECTRONIC DATAS

1. [https://sites.google.com/site/cybercrimezbd/reasons-for-cyber-crime].
2. [http://en.wikipedia.org/wiki/International_cybercrime].
3. [http://www.preservearticles.com/201106117816/1306-words-free-sample-essay-on-
cyber-crime.html].
4. [http://www.kpmg.com/Global/en/IssuesAndInsights/ArticlesPublications/Documents/cy
ber-crime.pdf].
5. [http://www.emc.com/collateral/fraud-report/current-state-cybercrime-2013.pdf].
6. [http://online.wsj.com/search/term.html?KEYWORDS=CHAD+BRAY&bylinesearch=tr
ue].
7. [http://nolet.com/tags/email-address/chadbraywsjcom].
8. [http://www.antiessays.com/free-essays/300482.html].
9. [http://www.scribd.com/doc/27042582/Cybercrime-and-its-Impact-in-Bangladesh].
10. [http://www.thedailystar.net/beta2/news/cyber-crime-the-growing-menace/].
11. [http://www.newsnetwork-bd.org/cyber-crimes-up-against-women-in-bangladesh/].
12. [http://www.mediafire.com/?sbo2dd75rf0g7s8].
13. [http://pastebin.com/WFhmnqPB].
14. [https://www.facebook.com/247.bmn.bd/posts/389232124446829].
15. [http://www.newsnetwork-bd.org/cyber-crimes-up-against-women-in-bangladesh/].
16. [http://news.priyo.com/tech/2011/06/25/efficiencies-cyber-law-banglad-29806.html].
17. [http://www.prp.org.bd/downloads/ICTAct2006English.pdf].
18. [http://bdnews24.com/bangladesh/2013/04/02/bloggers-to-be-charged-under-ict-act].

66