Cyber Crime in Bangladesh The Problems and Prospects of Current Regulatory Regime
Cyber Crime in Bangladesh The Problems and Prospects of Current Regulatory Regime
Cyber Crime in Bangladesh The Problems and Prospects of Current Regulatory Regime
From the 21th century Computer, Internet, Mobile Phone and different kinds of electronic
device has increased rapidly. We are using computer in different kinds of office, insurance
company and financial institution for our transaction or our daily activities. On the other hand
we are using computer for social communication system like Face book, Twitter and Skype
etc. It is an important part of our daily activities. By taking this opportunity some people is
using computer for illegal purpose. They are doing crime by using social communication
system. For that reason many country has enacted different kinds of law for controlling cyber
crime. For example UK, USA, India and Bangladesh. Cyber crime is increasing in our
country for that reason Bangladesh Government has enacted Information and Communication
Technology Act 2006.Cyber crimes are classified as hacking, tampering source documents,
flowing of virus and worm, cyber fraud, cyber pornography, cyber terrorism and so forth.
Spear-phishing or targeted attacks on online consumers is a new cyber crime where cyber
criminals are interfering with normal activities from online banking to identify theft with the
aim to commit other crimes. Chapter 1 contains statement of the problem, objective of the
study and methodology of the study. Chapter 2 contains basic concept of cyber crime,
Chapter 3 contains about cyber hacking, Chapter 4 contains cyber fraud, Chapter 5 contains
cyber pornography ,Chapter 6 contains virus introduction, Chapter 7 contains cyber terrorism,
Chapter 8 contains cyber defamation, Chapter 9 contains disclosure of confidentiality and
privacy, Chapter 10 contains problems of the ICT Act 2006. In each chapter, after discussing
the relevant provisions of law, some suggestions also have been put forth for consideration.
1
CHAPTER ONE
Introduction
2
1.1 Introduction
Computer is probably the greatest crime tool today. People who know how to use them can
unlock doors that few of us event know. With over one trillion dollars moved electronically
each week, the Internet is where the money is, Cyber activity is very different from the use of
computers for a traditional activity.
While some criminologists would argue that theft is theft regardless of the medium used, it
falls under the cyber category, Computer crimes and be separated into two categories:
Computer –facilitated crime occurs when a Computer is used as a tool to aid criminal activity.
This can include storing records of fraud, producing false identification, reproducing, and
distributing copyright material, collecting and distributing child pornography, and many other
crimes.
Crimes where computers are the targets are unlike traditional types of crimes. Technology has
made it more difficult to answer the questions of who, what, where, hen, and how. Therefore,
in an electronic or digital environment evidence is now collected and handled differently than
it was in the past.1
1
Md. Najam Uddin;”Cyber Crime (Bangladesh Perspective)”; Southeast University, Dhaka.
3
1.2 Statement of the Problem
4
symbolic representation from harm or in other words it is preventing harm caused by
symbolic representations. It is a form of self-defense in cyberspace which cannot be left to
others. It is very difficult to control cyber crime because(1)criminals are well aware that there
victims are vulnerable and unaware about security and preventive measures;(2)they hardly
leave any evidence;(3)lack of adequate legislation to control them;(4)lack of awareness
among users;(5)lack of defined jurisdiction in cyberspace, cyber crimes took international
shape;(6)traditional laws are not adequate and present Information Technology Law is not
enough to prevent and control cyber crime in Bangladesh(7)cyber crime are not adequately
defined and scope is not specified;(8)lack of expert law enforcing agencies with
infrastructural support and(9)lack of expert judicial system with infrastructure.2
2
M. Dasgupta, Cyber Crime in India (Kalkata: Eastern Law House Private Ltd, 2009), p. 4.
5
Research Approach
Though the proposed study is primarily qualitative in nature, both qualitative and quantitative
approaches will be used for validity and reliability. In order to find out Cyber Crime in
Bangladesh an Analytical Approach study will be held. For mentioning footnote I have used
Chicago reference style.
Sources of Data
Necessary data will be collected from both primary and secondary sources. The secondary
data will be collected from relevant Books, Journal, Articles, Research Reports, Official
Publications, Thesis, Dissertations etc. and primary data will be collected from Judges,
Advocates, Litigant Peoples, Members of Law Commissions, Secretary of Law and Justice,
Division of Ministry of Law and Parliamentary Affairs, Relevant Laws for both Civil and
Criminal proceedings and Reports, Monthly and Yearly statements of the Supreme Court,
Law Commission, Law Ministry and District and Session Judge Courts.
6
Cyber Crime means use of Computer Technology in Committing Crime. On the other hand
Cyber Crime may be defined unlawful acts wherein the computer is either a tool or a target
or both. In Bangladesh following types of cyber crime is happening: Cyber Hacking, Cyber
Fraud, Cyber Pornography, Virus Introduction, Cyber Terrorism, Cyber Defamation and
Disclosure of Confidentiality and Privacy. For doing this research monograph I have used
some key words. Those are Digital Signature, Electronic, Electronic data inter-change,
Electronic From, Electronic Record. Internet, Electronic Mail, Data message, Controller,
Computer, Controller etc. In Bangladesh there are many laws for controlling crime. Those are
ICT Act 2006,ICT Rules 2010,Pornography Control Act 2010,Information Rights Act 2009
and Bangladesh Telecommunication Act 2001.Among them I have discussed the problems
and prospects of ICT Act 2006.
I have used Quantitative and Qualitative method for collecting data. To find out cyber crime
in Bangladesh I have used analytical approach methodology.
It is true that new multimedia technology presents uncontested opportunity worldwide to
promote and progress human society. With this we must not forget that nothing is absolute in
this universe, everything has its disadvantages or demerits. Some is applicable to internet and
new technology in the era of communication convergence. This internet new technology can
be used for commission of crime or to cause damage or injury to society. A new breed of
criminals have appeared to destroy computer, computer system, mobile phone with internet
connection wireless network, internet telephony system, web camera and the like which are
applicable in electronic commerce, electronic-governance and so on. Cyberspace has no
specific jurisdiction; therefore, criminals can commit crime from any location through
computer in the world leaving no evidence to control.
The present research work is to explore the cyber crime in Bangladesh and to find out the
problems and prospects of the ICT Act 2006.For that reason I find out cyber crime in
Bangladesh and the punishment for that related crimes. I have also given recommendation for
controlling cyber crime in Bangladesh.
7
8
CHAPTER TWO
Basic Concept of Cyber Crime
9
2.1 Introduction
It is a reality of the 21st Century that we are living in a cyber world. It comprises the most hi
tech benefits and difficulties of our day to day lives. Cyber reality incorporates many of our
real life activities including but not limited to online banking, online commerce and retail,
virtual learning, domestic and foreign trading through digital technologies , internet networks,
critical industrial infrastructures, telecommunications, air traffic control, global positioning
systems (GPS), global distribution systems(GDS) and hi tech medical equipment. Using
cyber space Bangladesh can facilitate its resources to extend business worldwide and actively
participate in multibillion dollar software trading and other prospective sectors. Global
economic strength depends on strong communication infrastructure which has already been
adopted by our neighboring countries India and China. Alongside many advantages there are
major risks also involved with this technology. Some of the most common and most
dangerous of these are: electronic fraud especially in the financial sector, identity theft, illicit
use of valuable information, hacking or cracking, cyber-stalking, distribution of pirated
software, terrorism, interference with sophisticated high level national security measures,
immoral activities, defamation and harassment which affect individuals at large.3
Prof. S.T. Viswanathan has given 3 possible definitions of cyber crimes and these are as
follows:(a)Any illegal action in which a computer is a tool or object of the crime; in other
words, any crime, the means or purpose of which is to influence the function of computer.
(b)Any incident associated with computer technology in which a victim suffered or could
have suffered loss and a perpetrator, by intention, made or could have made a gain.
3
Cyber Crime Prevention, 12th February 2015, from http://memorv.loc.gov/cgi
10
(c)Computer abuse is considered as any illegal, unethical or unauthorized behavior relating to
the automatic processing and transmission of data.4
The first recorded cyber crime took place in the year 1820! That is not surprising considering
the fact that the abacus, which is thought to be the earliest form of a computer, has been
around since 3500 B.C. in India, Japan and China. The era of modern computers, however,
began with the analytical engine of Charles Babbage.
In 1820, Joseph-Marie Jacquard, a textile manufacturer in France, produced the loom. This
device allowed the repetition of a series of steps in the weaving of special fabrics. This
resulted in a fear amongst Jacquard's employees that their traditional employment and
livelihood were being threatened. They committed acts of sabotage to discourage Jacquard
from further use of the new technology. This is the first recorded cyber crime!
Today computers have come a long way, with neural networks and nano-computing
promising to turn every atom in a glass of water into a computer capable of performing a
Billion operations per second.
Cyber crime is an evil having its origin in the growing dependence on computers in modern
life. In a day and age when everything from microwave ovens and refrigerators to nuclear
power plants is being run on computers, cyber crime has assumed rather sinister implications.
Major Cyber crimes in the recent past include the Citibank rip off. US $ 10 million were
fraudulently transferred out of the bank and into a bank account in Switzerland. A Russian
hacker group led by Vladimir Kevin, a renowned hacker, perpetrated the attack. The group
compromised the bank's security systems. Vladimir was allegedly using his office computer
at AO Saturn, a computer firm in St. Petersburg, Russia, to break into Citibank computers. He
was finally arrested on Heathrow airport on his way to Switzerland.5
4
M. Dasgupta, Cyber Crime in India (Kalkata: Eastern Law House Private Ltd, 2009), Page.8.
5
History of cyber crime,8th February 2015,from http:www.bezaspeaks.com/cybercrime/history.htm
11
2.4 Elements of Cyber Crime and Criminal Liability
From the definition of crime it is clear that it is clear that there are two elements of crime one
is mens rea and another is actus reus with certain exceptions e.g. in conspiracy only mens is
enough for imposing criminal liability. In crime against state e.g. false evidence, counfeiting
coin, white coller crime etc. Only actus reus are sufficient to impose criminal liability. The
general principle of criminal law is that no person is to be convicted of a crime unless it is
proved beyond reasonable doubt by the prosecution that is conduct is prohibited by criminal
law and he is liable for the same and also that he had a defined state of mind in relation to the
crime commission. In other words actus reus unaccompanied with mens rea is not a crime.
Keeping in mind above factors, we can classify cyber crimes. Classification of cyber crime is
very complex task because it is new spectacle of crime with ever increasing and ever growing
phenomenon.
There are several ways of classification of cyber crime. One way is to classify into main three
categories (1)Computer is the target as well as victim.(2)Computer is incidental to other
crime.(3)Crimes associated with the prevalence of computers which are also to be called as
computer crimes. For example in hacking, cyber theft, cyber blackmailing etc. computer is
target. Sometimes computer is not the essential factor for crime commission but it is a factor
to facilitate crime to be speedy and new procedures with quick communications. Here
computer is incidental to other crimes e.g., cyber pornography, harassment, unlawful banking
transactions and others. Another category is crimes associated with the prevalence of
computers e.g. software piracy, counterfeiting etc.
Don Parker, identified four forms of computer abuse namely:(1)computer might serve as the
victim of crime;(2)computer might constitute the environment within which a crime is
committed;(3)computer might provide the means by which a crime is committed or
(4)computer might symbolically be used to intimidate, deceive or defraud victims.
Another way of classification of computer crime is (1)Offences against the confidentiality
integrity and availability of computer data and system which includes illegal access, illegal
interception, data interference, system interference, illegal devices etc (2)Computer related
12
offence e.g. forgery, sabotage, cyber stalking etc.(3)Content related offence e.g. child
pornography, infringements of intellectual property rights etc.
2.6 Bangladesh Police set up Cyber Crime Unit to Combat Cyber Crime
In today’s world information system and network security has become a right issue for the
reason that to information has become more and more important to everyone as information
protects and develops human life every day. Understanding the essential need of security all
development countries have taken steps to address the problem on the other hand developing
countries are far away from being able to guarantee this rights. Threats to information Society
were emerging on the content level. Information security could however not be achieved by
technology alone. In order to respond to network threats and create a secure information
society, both comprehensive prevention measures and enforcement measure are necessary.
In Bangladesh the internet user is increasing rapidly. Bangladesh Police recently has taken
plan to set up a special unit to curb cyber crimes. The matter has become more urgent since
an e-mail message was sent to Bangla Daily Protom Alo, issuing a life threat to Awami
League President and Present Prime Minister Sheikh Hasina on August 23, 2004. Another
mail was sent to the police headquarters August 25, treating opposition leader and last Prime
Minister Begum Khaleda Zia, her son Tarique Rahman and Bangladesh Nationalist Party
Lawmakers. The Police department took the mails seriously and decided to set up a cyber
crime control unit, which will be the country’s first policing unit against cyber crime. Two
young men, a private university student and Software engineer, were arrested in connection
with the e-mail threatening.
6
M. Dasgupta, Cyber Crime in India (Kalkata: Eastern Law House Private Ltd, 2009), Page 12.
13
The first two have reportedly said that they had sent the mail for fun. As there is no
nationwide computer infrastructure, no watchdog or security system has yet been developed
in Bangladesh.
As the threat cyber crime is looming in the country with the rapid increase in the use of
Internet and modern technologies, speakers at a regional seminar stressed the need to enact an
Internet crime law to combat such offences. They also called for global cooperation to fight
cyber crime as it is not bounded by borders. They suggested formulating a law against
Internet crimes as soon as possible and providing proper training to law enforces to fight such
crimes. The Bangladesh Police in association with the Australian Federal Police organized the
three-day seminar on cyber crime that began at Dhaka Sheraton Hotel with an aim to share
experiences and foster cooperation in combating cyber crime. Experts from Australia, Hong
Kong, Sri Lanka, Nepal and the host country are taking part in the seminar. Inaugurating the
seminar, Caretaker Govt. LGRD Adviser Anwarul Iqbql said the cyber crime is not bounded
by borders as criminals take advantage of the technology available in the market in this
modern day and age. As a transnational crime, cyber crime is a global issue with a global
impact. It necessary for the developing countries to combat cyber crime, although the cost of
fighting such crimes is a burden on them, he added.
Mentioning various types of cyber crime such as computer hacking, Credit card forgery and
child pornography, he said it is tough for enforces to tackle such crimes. He also stressed the
need for cooperation among countries in this regard. As of today our capability to fight cyber
crime is inadequate, the ex home secretary said, adding that Bangladesh is trying to formulate
a cyber crime law and draft law is already in the hand. Australian High Commissioner
Douglas Foskett said cyber crime has become an issue of concern all over the world. As
Bangladesh is witnessing a rapid growth in the use of Internet, it needs to prepare to face the
threat, he said, Australian Hi-Tech Crime Centre is offering assistance to different countries
in this regard.
Additional Inspector General & National Project Director of the Police Reform Programme
(PRP) NBK Tripura said cyber and technology related crime is on the rise. Quoting the
Internet law news, the speaker said cyber crime has grown to be larger than illicit drug sales
worldwide and the analysts estimate that online fraud will bring in US 105 billion in 2007
alone. It is further estimated that the cost of data loss due to malicious activity will reach US
40 billion worldwide.
14
In 2008, three private university students again hacked RAB (Rapid Action Battalion)
website cyber space. They already arrested.7
Anybody can write or phone about their allegation on that address. On the other hand a
person can file FIR against cyber criminal to get remedy in any Police Station of
Bangladesh.8
7
Bangladesh Police set up Cyber Crime Unit, 8th February 2015,from teletechblog.blegspot.com/2013/05/cyber-
crime-cyber-security-and.html.
8
Translation from Bangla to English; Dr.Zulfiqar Ahmed; Bangladesher Cyber Ain ar Tatta o Bislation;(Muhit
Publication, February ,2014);P:377
15
2.9 Conclusion
It is very essential to emphasize here that the world is not run by weapons any more, or
energy or money. It is run by ones and zeros…little bits of data…it is all electrons. There’s a
war out there, a world war. It is not about who has the most bullets. It is about who controls
the information –what we see and hear, how we work, what we think. It is all about
information.
16
CHAPTER THREE
17
3.1 Problem of cyber-crime in the financial sector
The government is taking necessary legal steps to try and recover the missing funds.
Bangladeshi, American, and Filipino officials are now working closely to get to the bottom of
the mystery. Bangladesh has reportedly already retrieved around $20 million. We had been
basking in our success pertaining to the use of cyber space. We did not realize however that
there were gaps within our security systems and that the human mind which had created
digitalization was also capable of discovering ways and using them to profit from the nuances
of cybercrime.
The first rude awakening came after the discovery and complaints filed due to misuse of
ATM machines belonging to some Banks and withdrawal from different private Accounts of
large amounts of money without authorization of the account holders. This led to arrest by
the authorities of 14 persons on 4 March. It included 12 foreign nationals who were members
of international cyber crime fraud gang. They had fraudulently used social media platforms
and also hacked identity of individual customers to carry out their nefarious act.
This persuaded the Bangladesh Bank recommending to all Banks and financial institutions to
ensure cyber-security governance. They were also urged to take measures for ascertaining
existing technical gap assessment and vulnerability through a comprehensive cyber security
risk study. In this context the Bangladesh Bank also reiterated that cyber security should be
treated by all financial institutions as a collective responsibility. It was also acknowledged by
the Central Bank that “Bangladesh remains vulnerable to cyber-attacks because traditional
cyber defenses such as anti-virus software and firewalls are proving ineffective against new
threat vectors such as zero-day-malware and Advanced Persistent Threats (APT)”. Such
measures were recommended by the Bangladesh Bank because such cyber attacks were seen
as being capable of causing financial loss and creating a reputational risk. This was an
indirect acknowledgement of actors in the cyber scene who might be independent individual
hackers or part of a sophisticated well-resourced crime syndicate.
However, the disappointing aspect of this sermon from the Bangladesh Bank was that, while
giving necessary advice to all concerned, they had forgotten to heed their own suggestions
and failed to take adequate precaution of their own institution and its relationship with other
18
associated financial partners abroad. This failure on their part had been kept confidential and
away from the Bangladesh media.
The first hint of trouble came through media reports originating from the Philippine Daily
Inquirer which reported on 29 February that Philippine financial regulators were investigating
an estimated US$ 100 million bank heist. The newspaper also mentioned that Bangladeshi
authorities had obtained requisite information that the stolen funds were wired through the
Fed to the Rizal Commercial Banking Corporation (RCBC) in the Philippines. From there,
the cash was transferred to at least three Filipino casinos: Solaire Resort and Casino, City of
Dreams, and Midas. At the casinos, someone converted the cash into chips for betting and
then reconverted the chips into cash. This money was then sent to bank accounts in Hong
Kong. An additional fund of about US$ 21 million was also transferred illegally to a third
party in Sri Lanka.
After that the story gradually surfaced. Subsequently, the Bangladeshi media revealed that the
false transfer orders to Philippines included fraudulent payment orders of US$ 25 million for
the Kanchpur, Meghna and Gumti 2nd Bridge Construction Project, US$ 30 million for the
Dhaka Mass Rapid Transport Development Project, US$ 6 million for the IPFF project cell
and US$ 19 million for the Bheramara Combined Cycle Power Plant Development Project. A
ranking official of Pagcor, which is in charge of regulating gaming activities in Philippines
has said that the funds were split into a $26-million tranche that was channeled into the
account of Solaire Resort and Casino and a $20-million tranche that was directed to the
accounts of Easter Hawaii Casino and Resort at the Cagayan Economic Zone Authority in
Santa Ana, Cagayan province. The two tranches, totaling $46 million represented 56 percent
of the stolen money that entered the Philippine financial system between Feb. 5 and Feb 9,
2016.
Jim Finkle, an analyst on cybercrime noted that the perpetrators of the approximate US$100
million digital heist from the reserves of the Bangladesh's central bank had deep knowledge
of the institution's internal workings, likely gained by spying on bank workers. Unknown
hackers, it turned out had breached the Bangladesh Bank account on 4 February, stole
credentials for payment transfers and then ordered transfers out of a Federal Reserve Bank of
New York account held by Bangladesh Bank.
As expected, the Bangladesh government officials blamed the Fed for the attack when they
19
disclosed the loss. The New York Fed responded by saying there was no evidence that its
systems were compromised in the attack- one of the biggest bank thefts in history. The Fed
also pointed out that it had followed normal procedures when responding to requests that
appeared to be from Bangladesh Bank. This was done because the course of action was made
and authenticated over SWIFT. Belgian-based SWIFT, it may be noted is a member-owned
cooperative that Banks use for account transfer requests and other secure messages. Security
experts of the Fed also commented that to pull off the attack, cyber criminals had to first
gather information about Bangladesh Bank's procedures for ordering transfers, so that the
fraudulent requests would not raise red flags. In addition, experts in banking fraud also
mentioned that to stealing credentials for processing transfers, the hackers, in all likelihood
also spied on Bangladesh Bank staff to get a deeper understanding of the central bank's
operations. There was also the possibility that some of them might have discreetly assisted in
the hacking process. Kayvan Alikhani, a senior Director with security firm RSA, also
indicated that in addition to user names and passwords for accessing SWIFT, the hackers
likely needed to obtain cryptographic keys that authenticated the senders. Such certificates
might have been copied and used by impostors if they were not properly secured.
The Bangladesh Finance Minister has gone on record that he as well as the Bank and
Financial Institutions Division Secretary had been kept in the dark by the Bangladesh Bank
about the crisis. One has to agree with him that this was totally unacceptable.
In this context, Dr, Atiur Rahman, the Governor of Bangladesh Bank at the time of the
occurrence of the cyber-heist, has on 15 March, on his return from an official meeting in New
Delhi, voluntarily submitted his resignation from his post. By doing so he has acknowledged
his moral responsibility and set an example for others to follow. Former Secretary Fazle
Kabir has been appointed in his place. Two Deputy Governors of the Bangladesh Bank-
M.A.Quasem and Nazneen Sultana have also faced the axe. It has also been reported that a
high-powered Committee headed by former Bangladesh Bank Governor Dr. M. Farashuddin
has been constituted to investigate all aspects related to this criminal transaction. Those found
guilty must also face the music.
We must not have a repeat of the mal-governance that we have witnessed in the case of
recovery of lost funds through scams carried out in the Sonali Bank, the BASIC Bank, the
Hall Mark Group, the Bismillah Group and some other institutions. Lack of dispensation of
justice with regard to the criminal activities carried by these Groups in collaboration with
corrupt Bank officials still continue to irritate public opinion.
20
The government is also taking necessary legal steps to try and recover the missing funds.
Bangladeshi, American, and Filipino officials are now working closely to get to the bottom of
the mystery. Bangladesh has reportedly already retrieved around $20 million that was
laundered and forwarded to Sri Lanka. The Sri Lankan and Filipino authorities need to be
thanked for their close cooperation.
Interestingly it was also revealed in the second week of March that most fortunately, though
the hackers had tried to transfer illegally another $870 million from the Bangladesh Bank's
account at the Fed, they had been unable to carry out their operations through the
international banking system because regulators detected that something was fishy and
blocked the transfer. A spelling mistake prevented the illegal shifting of money. Apparently
the hackers misspelled the name of the NGO to whom the money was going to be transferred.
Instead of “foundation” the hackers had spelt it as “fandation”. This prompted a routing
Bank- Deutsche Bank to seek clarification from the Bangladesh Bank, which stopped the
transaction.
The seriousness of the situation is indicated by the fact that last year, Russia’s computer
security company, Kaspersky Lab informed that a gang of cyber criminals had stolen as much
as US$ 1 billion from nearly 100 financial institutions around the world over the previous
two years. The hard-working people of Bangladesh have now been victims of such a carefully
pre-planned scam that saw five Philippine nationals open five US Dollar accounts in a
Philippines Bank for the purpose of defrauding Bangladesh Bank on 15 May, 2015. It has
also been learnt that hackers installed malicious software into the Bangladesh Bank system in
January, 2016. This helped them to gain knowledge of the Bangladesh Bank’s working
methods before initiating the process of the heist.
It is understood that the Bangladesh Bank has sought cooperation from the Federal Bureau of
Investigation to recover the stolen funds. US Embassy Officials in Dhaka have apparently
responded positively. In addition, experienced information technology consultants from the
World Bank and Bangladesh have also been appointed to help investigate and collect
information on the existing cyber security system (that assists in the functioning of the back
office) related to the Accounts and Budgeting Department of the Bangladesh Bank. FireEye
Inc’s Mandiant Forensics Division is also helping in the investigation. Experts believe that on
21
conclusion of the current inquiry, steps will be taken by the Bank to install new software to
make the Bangladesh Bank activities safer.
Unfortunately, while the Bangladesh Bank was so pro-active in advising how to stop ATM
fraud in other financial institutions, it forgot that the adage “Prevention is better than cure”
also applies for them. Cybercrimes, we need to remember cover a range of offences that are
committed against individuals or groups of individuals with a criminal motive to intentionally
harm the reputation of the victim or cause physical or mental harm, or loss, to the victim
directly or indirectly, using modern telecommunication networks.
Due to easily exploitable laws, cybercriminals use developing countries in order to evade
detection and prosecution from law enforcement. Laws against cybercrime in these countries
are weak or sometimes nonexistent. Such crimes may threaten a nation’s security and
financial health. It is also clear that both governmental and non-state actors engage in
cybercrimes, including espionage, financial theft, and other cross-border crimes.
Unfortunately, it appears that the regulatory regime regarding control of cybercrime or server
management (in the case of e-commerce) is weak in Bangladesh. It might be useful to
seriously study the European Union Directive 2013/40/EU, the offences enumerated within
the Directive and other definitions and procedural institutions as enumerated in the Council
of Europe’s Convention on Cybercrime.
We need to remove our deficiencies - sooner the better. This is vital to restore faith in our
financial system among foreign investors, lenders and buyers (of our products). 9
9
Muhammad Zamir, a former ambassador, is an analyst specialised in foreign affairs, right to information and
good governance.
22
CHAPTER FOUR
of Bangladesh: An Overview
23
4.1 Introduction
In the present global scenario, information technology is the most critical and disputable
term. It is the most intense innovation which is quick and precise in all areas. Expanded use
of Information & Communication Technology, like computers, mobile phones, Internet, and
other related developments are responsible for not only creative activities but destructive
activities also. The destructive activities are considered as cyber-crime, which includes credit
card fraud, spamming, e-money laundering, ATM fraud, Phishing, Identity theft, Denial of
Service in the banking sector.
4.2. Cyber-crime
An Overview Computers, Internet and other electronic medium are the tools that make
possible the instant exchange and distribution of data, images, and materials. The fraudulent
activities of IT are termed as cyber-crime, e-crime, hi-tech crime, or electronic crime. These
practices involve the use of computer or internet as a medium, source, instrument, target, or
place of a crime.
Computer and Internet plays a key role in various activities, such as, recording financial
transactions, routing telephone calls, measuring power usage, monitoring medical treatments,
etc. However, they also contribute to electronic crime, such as:
Cyber Stalking: Cyber Stalking means following every moves of an individual over internet.
It can be done with the help of many protocols available such as e- mail, chat rooms, user net
groups etc.
● Phishing: It is a technique of pulling out confidential information from the
bank/financial institutional account holders by deceptive means.
● Hacking: Hacking is a simple term which means illegal intrusion into a computer
system without the permission of owner/user
● Denial of Services: This is an act by the criminal, who floods the bandwidth of the
victim's network or fill his e-mail box with spam mail depriving him of the services
he is entitled to access or provide, or when internet server is flooded with continuous
bogus requests so as to denying legitimate users to use the server or to crash the
server.
24
● E-mail Spoofing: A spoofed email is one in which e-mail header is forged so that
mail appears to originate from one source but actually has been sent from another
source.
● Spamming: Spamming means sending multiple copies of unsolicited mails or mass
e-mails such as chain letters.
● Cyber Defamation: This occurs when defamation takes place with the help of
computers and or the internet. e.g. if someone publishes defamatory matter about
someone on a website or sends e-mails containing defamatory information Although,
Internet and web technologies are growing at a fast pace and are providing new
opportunities, they are also consisting of certain threats like, email espionage, credit
card fraud, spams, software piracy, etc.
25
2. Transfer-of-wealth/IP attacks. The more serious economic crime confronting
businesses is that of internal cyber risk: the stealing of Intellectual Property - trade
secrets, R & D information, company strategies, etc. The damage could lead to loss of
billions of dollars and destroy a company or even a large economic system. These
attacks are usually not being anticipated by a company and are difficult to detect.
7. Cyber-crime in Banking Sector Concepts
According to Jaleshgari (1999), Banking sector throughout the world was simple and
reliable till mid-1990s,; however since the initiation of technology, the banking sector
experienced a paradigm shift in the phenomenon. In order to enhance their customer
base banks introduced many platforms through which transactions could be done
effortlessly (Vrancianu and Popa, 2010). These technologies enabled the customer to
access their bank finances 24/ 7 and year around through, ATMs and Online banking
procedures. Information Technology (IT) has become a vital part of the banking
system. Just like banking is the backbone of the economy, IT has become the
backbone of the banking system. It is nearly impossible for banks to provide new
financial products without relying heavily on IT. The banking sector is coming up
with various progressive changes to transform the "brick-and-mortar" bank branches
to an advanced framework of "core banking solutions". The present contemporary age
has replaced conventional financial instruments from a paper based currency to
"plastic money" in the form of credit cards, debit cards, etc. This has brought about
the vast use of ATM everywhere throughout the world. The use of ATM is convenient
but has a negative side, which is manifested in the form of "ATM frauds". Credit card
fraud has gotten to be conventional on the internet which affects card holders as well
as online sellers.
26
Charge card fraud can be conducted by assuming control over the record, skimming, or if the
card is stolen. The expression "Internet fraud" usually refers to any type of fraud scheme
consisting of various components of the Internet, like chat rooms, email, forums, or websites
- to execute fraudulent transactions or distribute to other associated with the plan. Banking
criminals are utilizing different electronic medium, for example, web, email, and encoded
messages for their fraudulent activities.
27
❑ On December 2, 2015, Hackers breached the network security of Sonali Bank and
took control of its website for a couple of hours.The programmer distinguished
himself as a 'Muslim Hacker'.
❑ In February, 2016, skimming attacks in six ATM booths of three commercial
banks.
❑ And the largest e-money laundering in the history of banking occurred in February
2016, when hackers stole $101 million from the Bangladesh bank's account with the
Federal Reserve Bank of New York.
Evidence of hacking in commercial banks demonstrates corruption in the government's
procurement framework where unqualified vendors were selected without proper evaluation
of skills and consultation of IT experts.
28
chips for betting and then reconverted the chips into cash. This money was then sent to bank
accounts in Hong Kong. An additional fund of about US$ 21 million was also transferred
illegally to a third party in Sri Lanka. The attempt could not be fulfilled in totality following a
typing error that alerted one of the routing banks and transaction was stopped. . Instead of
"foundation" the hackers had spelt it as "fandation". This prompted a routing Bank Deutsche
Bank to seek clarification from the Bangladesh Bank, which stopped the transaction. Spelling
mistake prevented the illegal shifting of money. But the hackers were successful in siphoning
$81 million in the initial four transactions. The theft of such a large amount from national
reserves astonished many in Bangladesh and abroad. Doubts are being expressed about the
country's readiness to protect its financial infrastructure, which is undergoing digitization.
Different investigations are being carried by various enquiry commissions like FBI,
Bangladesh Banks appointed committee & CID officials of Bangladesh. Bangladesh
investigators have identified at least 20 foreign nationals who they claimed were involved in
the cyber heist till date.
29
Figure1: Assumed incidents what the hackers did to steal the reserve
The government has also formulated a cyber security law. Despite that, there are uncertainties
over preventing the culprits of such violations may be difficult unless it gets assistance from
international community. The global cooperation can be focused on areas like international
safety standard, training and information sharing. An international Cyberpol can be
established more in the line of the Interpol. Unfortunately, it appears that the regulatory
regime regarding control of cybercrime or server management (in the case of e-commerce) is
weak in Bangladesh. For this, easily exploitable laws, cyber-criminals use developing
countries like Bangladesh in order to evade detection and prosecution from law enforcement.
Laws against cyber-crime in our country is weak or sometimes nonexistent.
30
4.9 Ensuring Cyber Security Governance:
This incidents persuaded the Bangladesh Bank recommending to all Banks and
financial institutions to ensure cyber-security governance i.e.:
Taking measures for ascertaining existing technical gap assessment and vulnerability
through a comprehensive cyber security risk study.
● Treating cyber security as a collective responsibility by all financial institutions.
● Installing Anti-skimming devices to the ATM booths.
● Use of EMV (Europay, Mastercard &Visa) Standard card to avoid skimming
Such measures were recommended by the Bangladesh Bank because such cyber-
attacks were seen as being capable of causing financial loss and creating a
reputational risk. They should also emphasize on:
● Provide IT related training for skill development
● Monitoring over the IT related issues
● Testing hazard incident
● Mandatory adoption of IT related precaution to avoid such incidents.
● Creating customer awareness
5.10 Conclusion
The present conceptual framework has provided a brief overview of ongoing efforts to
prevent and control technology and computer related crime, highlighting general trends and
development within and outside the banking sector of Bangladesh. The banking industry is
constantly experiencing cyber-crimes like ATM fraud, E-money laundering, Credit card
fraud, Phishing etc. Since there was no noteworthy incidents of cyber-crime took place in the
banking sector of Bangladesh before 2016, there was no urge for such protective measures
against those crimes. But now it is high time for the banks to concentrate on cyber risk
management and mitigation. So, new technologies and services must be adopted to cope with
the situation as well as competition and security governance must be complied with.
Technological and legal advancement in the area of banking sector is necessary to overcome
the cyber-threats in banking industry. Bangladesh Bank should take necessary steps discussed
above to create awareness among the banks and their clients as well as making the
application of the laws more rigorous to check crime. As the regulatory authority of the
banking sector, Bangladesh Bank should also ensure mandatory compliance of cyber risk
management and cyber security governance for the operating banks. There is also a need to
bring changes in the Information Technology (ICT) Act to make it more effective to combat
cyber-crime
31
CHAPTER FIVE
Cyber Hacking
32
5.1 Hackers nature and Concept
According to Webster’s Dictionary hacker means “a computer enthusiast who is especially
proficient or a computer user who attempts to gain unauthorized access to computer
systems”.
Hacking is usually understood to be the unauthorized access of a computer system and
networks.
"Hacker" is used in two main conflicting ways,
As someone who is able to subvert computer security; if doing so for malicious purposes, the
person can also be called a cracker. An adherent of the technology and programming
subculture.
Hacking is the act of breaking in to a computer system and is a criminal offence under the
computer misuse. Protection against hacking has been provided under section 56.As per this
section hacking is defined as any Act with an intention to cause wrongful loss or damage to
any person or with the knowledge that wrongful loss of damage will be caused to any person
and information residing in a computer resource must be either destroyed, deleted, altered or
its value and utility get diminished.10
10
M. Dasgupta, Cyber Crime in India (Kalkata: Eastern Law House Private Ltd, 2009), Page 54.
11
M. Dasgupta, Cyber Crime in India (Kalkata: Eastern Law House Private Ltd, 2009), Page 56.
33
6.3 Legislative Approach in Bangladesh
1. According to section 56(2) of the ICT Act, whoever commits hacking shall be punished
with imprisonment of either description for a term which may extend to fourteen years to
seven years, or with fine which may extend to taka 10 lacks or with both.
2. Section 441 of the Bangladesh Penal Code runs as follows: Whoever enters into or upon
property in the possession of another with intent to commit an offence or to intimidate, insult,
or annoy any person in possession of such property or, having lawfully entered into or upon
such property, unlawfully remains there with intent thereby to intimidate, insult or any such
person, or with to commit an offence is said to commit criminal trespass.
3. Section 447 of the Bangladesh Penal Code has given punishment for criminal trespass.
Whoever commits criminal trespass shall be punished with imprisonment of either
description for a term which may extend to three months, or with fine which may extend to
five hundred taka or with both.
Mahmudur Rahman was charged with sedition by publishing Skype conversations between
Justice Md Nizamul Huq, then chairman of International Crimes Tribunal-1, and Ahmed
Ziauddin, an expatriate Bangladeshi legal expert.
Sahidur Rahman, prosecutor of the war crimes tribunal, filed the case with Tejgaon Police
Station on December 13 in 2012.
Home Minister Muhiuddin Khan Alamgir said Mahmudur was arrested under Bangladesh
Penal Code and in a case lodged under Information and Communication Technology Act,
2006.
According to the case statement, Mahmudur Rahman, by publishing conversations after
hacking Skype, created a negative impression about the tribunal at home and abroad and
obstructed its proceedings and exercise of legal authority.
34
Amar Desh published the conversations on December 9, 10, 11, 12 and 13 last year. Amid
controversy, Justice Nizamul Huq resigned on December 11.
We can say, any dishonest, fraudulent activities in cyberspace using new multimedia
technology in the era of communication convergence for wrongful gain and to cause
wrongful loss to the victim which is prohibited by the criminal law and for which State
imposes punishment in cyber fraud.13
(2)Personal identities and password fraud in the cyberspace: In cyberspace the offenders
pretend that they are victims good friends and they try to convince victims with intention to
access their personal information so that this can be used by the accused to commit cyber
12
Staff Correspondent; “Mahmudur held in Skype Case”;The Daily Star;(Kazi Nazrul Islam Avenue,Dhaka-
1215);Friday, April 12,2013;Home
13
Cyber Fraud, 9th February 2015 from www.acfe.com/fraud-eexaminer.aspx?!
35
fraud i.e., credit card withdrawal, fraudulent money transaction, bank account fraud, ATM
fraud etc.
(3)Cyber fraud by False Representation: The offender in cyber space also represent falsely
that they have authority to do something for or on behalf of the victim/victims or they are the
Government officials. By this way they access the personal identity and commit cyber fraud.
(4)Cyber fraud using urgency: Urgent is the term the fraudsters often use with some
advertisement or statement which shows scope to win prize if invested by the potential victim
or victims.
(5)Cyber lottery fraud: Cyber lottery scheme is one way to commit cyber fraud which
requires investment in tickets to give chance to win prize. It may also be called as cyber
gambling.
(6)Credit scheme fraud in cyberspace: Credit scheme to offer loan in exchange of fees,
interests, taxes, service charge etc. is one way to commit cyber fraud.
(7)Travel related scheme: Cyber shopping, tele funding, telemarketing etc. are also ways to
commit fraud in cyber world.
(8)Electronic Mail Fraud and Internet Fraud: On January 2005, a mass e-mail was posted
to help Tsunami disaster victims but it was a way to spread computer virus, to initiate a
Denial of Service attack against a German website. The worm appears was “Tsunami
donation! Please help!”Which also invites recipients to open an attachment called
“Tsunamiesec.” If anyone opens it then it will forward the virus to other internet user
.Innocent users were into a belief that they are helping for Tsunami disaster.14
14
M. Dasgupta, Cyber Crime in India (Kalkata: Eastern Law House Private Ltd, 2009), Page 101.
36
documents etc. “The word fraudulently has been defined in s.25 of the BPC as follows, a
person is said to do a thing fraudulently if he does that thing with intent to defraud, but not
otherwise.”Therefore these sections of the BPC are helpful to prevent and control cyber fraud
though these are not sufficient to define cyber fraud.
15
M. Dasgupta, Cyber Crime in India (Kalkata: Eastern Law House Private Ltd, 2009), Page 161.
37
confusion seems a deliberate means of demonizing enemies, achieving political advantage, or
making a profit.16
(2)If any person does such crime under sub section 57(1) of the section he shall be punished
on first conviction with imprisonment of either description for a term which may extend
maximum 14 years and minimum 7 years and with fine which may extend to Taka 1 crore.
16
www.123helpme.com/
38
5.11 Case Reference
Robert Jone’s case
Fact: The accused Robert Jones of 34 years was a doctor of Alternative Therapy Centre. He
downloaded about 5000 pornographic images on his computers and superimposed his own
nude body on the picture. He was sentenced to jail for 4 months and his name was listed on
the register as sex offender for the seven years.17
(B) If any person does any crime under sub-section 54(1) of the Act he will be given penalty
of maximum 14 years and minimum 7 years or fined up to 10 lacs taka or for the both of
the above.
17
M. Dasgupta, Cyber Crime in India (Kalkata: Eastern Law House Private Ltd, 2009), Page 131.
18
Virus Introduction, 9th February 2015,com/encyclopedia/science/virus.htm.
39
5.14 Concept of Cyber Terrorism
The concept of cyber terrorism is not new world wide. Terrorists are addicted more to cyber
war than to making bomb. Even for making bomb for conventional attack they are using
Information and Communication Technology for quicker and cheaper communication within
groups and between groups. When the terrorists attack the Government, Government
activities or general people which are against national interest, it will be called cyber
terrorism. In this sense we can interpret cyber hacking, breaking, cracking, flowing virus
and objectionable materials, destruction, alteration, deletion of computer, computer
programme, computer system, computer network of government or Government agencies,
institution, or general public which cause terrorism to be treated cyber terrorism. Cyber
terrorism may be defined as use of computer as weapon or target to cause violence to
population or which go against national interest and Government’s computer system for the
purpose of this chapter.19
Information and Communication Technology Act 2006: According to section 57(2) If any
person will do any cyber terrorism than he shall be punished maximum imprisonment for 14
years and minimum imprisonment for 14 years and with fine which may extend to Taka 1
crore.
19
Dr. M. Dasgupta, Cyber Crime in India (Kalkata: Eastern Law House Private Ltd, 2009), Page 131.
40
number son websites. He was employee of Global Crossing as Computer technician till 2001
September. After he lost his job he established a website called evilax.com using Global
Crossing Stock symbol and committed this crime.
2. If the defamatory matter is of public concern, fault amounts at least to negligence on the
part of the publisher
Along with the core elements of defamation, the burden of proof is placed on the
plaintiff in a case, damages are usually awarded monetarily and in the United States, truth is
an “absolute defense” (Larson).
20
M. Dasgupta, Cyber Crime in India (Kalkata: Eastern Law House Private Ltd, 2009), Page 151.
41
5.18 Legislative Approach in Bangladesh
A. Bangladesh Penal Code 1860: According to section 500 whoever defames another shall be
punished with simple imprisonment for a term which may extend to two years or with fine or
with both.
B. Information and Communication Technology Act 2006: According to section 57(2) If any
person will do any cyber defamation than he shall be punished maximum imprisonment for
14 years and minimum imprisonment for 7 years and with fine which may extend to Taka 1
crore.
21
Zulfiquar Ahmed, Cyber Law in Bangladesh (National Law Book Company Dhaka,2009), p.210
42
5.20 Cyber Blackmail
Hundreds of British children are being blackmailed into performing sex acts online, the Child
Exploitation and Online Protection Centre has warned.
Abusers talk victims into sexual acts or sharing images, then threaten to send pictures to
family and friends.
Ceop said in 12 cases over two years, 424 children had been blackmailed in this way - 184 of
them in the UK.
Daniel Perry, who died aged 17, is thought to have been blackmailed with online footage
before his death.
The teenager is thought to have believed he was chatting with an American girl but was told
by blackmailers the conversations had been recorded.
They then threatened to share the video with friends and family unless he paid money.
Daniel Perry, from Dunfermline in Fife, died on 15 July. Cyber-blackmail is the act of
threatening to share information about a person to the public, their friends or family, unless a
demand is met or money is paid.22
22
Emma Brant and Amelia Butterly;”Cyber-blackmail: How to keep safe and deal with it”;BBC Newsbeat;20th
September 2013;Technology
43
CHAPTER SIX
Safety Measures to Prevent Cyber Crime
44
6.1 Safety tips on how to avoid being blackmailed online
Do not send any form of sexual picture. You never know where it may end up, even if you
think you know the person really well.
If you're being blackmailed or threatened tell someone you trust. It doesn't matter how
embarrassing it is or if you've done something you wished you hadn't.
Don't post personal information online, like your address, your email address or
mobile number. Keep personal information as general as possible.
Never let anyone have access to your passwords. Check the privacy settings on
accounts like Facebook/Twitter and make sure you know how to keep your personal
information private.
Think very carefully before posting photos of yourself online. Once your picture is
online, anyone can download it and share it or even change it.
Block any users that send you nasty messages on social media sites.
Never reveal your real name, your friends' names, where you go to school or your
place of work.
Don't open emails, downloads or attachments from people you don't know or trust as
they could contain a computer virus or unwanted messages.
45
6.3 Tips for staying safe on your phone
Try not to have your mobile or earphones on show, except when you're using it.
Download apps that can locate your phone and/or wipe data.
24
Emma Brant and Amelia Butterly;”Cyber-blackmail: How to keep safe and deal with it”;BBC Newsbeat;20th
September 2013;Technology
46
6.5 Digital Signature
A digital signature is a mathematical scheme for demonstrating the authenticity of a digital
message or document. A valid digital signature gives a recipient reason to believe that the
message was created by a known sender, such that the sender cannot deny having sent the
message (authentication and non-repudiation) and that the message was not altered in transit
(integrity). Digital signatures are commonly used for software distribution, financial
transactions, and in other cases where it is important to detect forgery or tampering.
This article is about cryptographic signatures. For simple signatures in digital form,
see Electronic signature.
A key generation algorithm that selects a private key uniformly at random from a set of
possible private keys. The algorithm outputs the private key and a
corresponding public key.
A signing algorithm that, given a message and a private key, produces a signature.
A signature verifying algorithm that, given a message, public key and a signature, either
accepts or rejects the message's claim to authenticity.
Two main properties are required. First, the authenticity of a signature generated from a fixed
message and fixed private key can be verified by using the corresponding public key.
Secondly, it should be computationally infeasible to generate a valid signature for a party
without knowing that party's private key. A digital signature is an authentication mechanism
that enables the creator of message to attach a code that act as a signature. It is formed by
taking the hash of message and encrypting the message with creator's private key.25
25
Digital Signature,9th February 2015,from en.wikipedia.org/wiki/digital signature
47
6.6 Digital Certificate
A digital certificate is an electronic "passport" that allows a person, computer or organization
to exchange information securely over the Internet using the public key infrastructure (PKI).
A digital certificate may also be referred to as a public key certificate.
Just like a passport, a digital certificate provides identifying information is forgery resistant
and can be verified because it was issued by an official, trusted agency. The certificate
contains the name of the certificate holder, a serial number, expiration dates, a copy of the
certificate holder's public key (used for encrypting messages and digital signatures) and the
digital signature of the certificate-issuing authority (CA) so that a recipient can verify that the
certificate is real.
To provide evidence that a certificate is genuine and valid, it is digitally signed by a root
certificate belonging to a trusted certificate authority. Operating systems and browsers
maintain lists of trusted CA root certificates so they can easily verify certificates that the CAs
have issued and signed. When PKI is deployed internally, digital certificates can be self-
signed.26
26
Digital Certificate,9th February 2015,from Searchsecuty.techtarget.com/definition/digital-certificate
48
Status can be tracked at all stages of information exchange which will be used in
investigation of any cyber crime.27
(2) Whoever commits any offence under sub-section (1) of this section he shall be punishable
with imprisonment for a term which may extend to two years, or with fine which may extend
to Taka two lakh, or with both.
27
Prospectus for Digital Signature and Digital Signature certificate in Bangladesh.
49
CHAPTER SEVEN
Comparative Study of ICT Act 2006 and IT Act 2008
1. There is a Cyber Crime Tribunal in Bangladeshi ICT Act 2006 but there is no Cyber
Crime Tribunal in Indian IT Act 2008.
2. In Bangladeshi ICT Act 2006, Cyber Appellate Tribunal shall consist 3 persons. Those
are one chairman and two members. Chairman will be a person who is Justice of
Supreme Court or eligible for being Justice of Supreme Court or retired District Judge
and other two members will be a person from Information and Technology expert. On
the other hand, Indian IT Act 2008, Cyber Appellate Tribunal shall consist 1 person
who will be a Judge of High Court Division.
50
3. In Indian IT Act 2008, Cyber Appellate Tribunal shall hold office for term of five
years. On the other hand ICT Act 2006 of Bangladesh the Cyber Appellate Tribunal
shall hold office for a term of three years.
4. In Indian IT Act 2008, there is a definition for Private Key and Public Key. On the
other hand there is no definition on Private Key and Public Key in ICT Act 2006 of
Bangladesh.
5. Under ICT Act 2006 for Cyber Terrorism the highest punishment is 14 years and
lowest punishment is 7 years. On the other hand under Indian IT Act 2008, to commit
cyber terrorism shall be punishable with imprisonment which may extend to
imprisonment for life.
6. In Indian IT Act 2008, punishment for publishing or transmitting obscene material in
electronic form shall be punished on first conviction with imprisonment of either
description for a term which may extend to three years and with fine which may
extend to five lakh rupees and in the event of the second conviction with
imprisonment of either description for a term which may extend to five years and also
with fine which may extend to ten lakh rupees. On the other hand, IT Act 2006
punishment for publishing obscene and defamation information in electronic form
shall be punished with imprisonment for a term which may be highest 14 years and
lowest may be 7 years.
7. In Indian IT Act 2008 of section 66E punishment for violation of privacy is
imprisonment which may extend to three years or with fine not exceeding two lakh
rupees or with both. On the other hand, IT Act 2006 of section 63 punishment for
violation of privacy is imprisonment which may extend to two years or with fine not
exceeding two lakh taka or with both.
8. In Indian IT Act 2008 of section 66D punishment for cheating by personation by
using computer resource shall be punished with imprisonment of either description for
a term which may extend to three years and shall also be liable to fine which may
extend to one lakh rupees. On the other hand Bangladeshi ICT Act 2006 of section 55
punishments for
9. Tampering with computer source documents shall be punished with imprisonment of
either description for a term which may extend to three years or with fine which may
extend to taka three lacks or with both.
51
52
CHAPTER EIGHT
Defects of the ICT Act 2006
53
8.1Defects of the ICT Act 2006
54
8. Violation of Fundamental Rights: We all know that constitution is the supreme law for a
country. According to article 39 of Bangladesh constitution every citizen has a right to
freedom of thought and conscience and of speech. But article 57 of the ICT Act has
captured this rights which is totally contradictory to the Bangladesh constitution. In
western country as like UK or USA it is right of every person to criticize executive person.
9. Non-applicability of the ICT Act 2006: Whereas the ICT Act 2006 only applies for
electronic data, so section 2 of this Act has excluded paper based documents relating to
following five definite substances from the jurisdiction of the Act and has also authorized
the Government to exclude any other documents:
a) Negotiable instruments Section 13 of the Negotiable Instrument Act, 1881.
b) Powers of Attorney;
c) Trusts: section 3 of the Trust Act 1882;
d) Wills: clause (h) of section 2 of the Succession Act 1925 and any other testamentary
disposition by whatever name called;
e) Contracts for the sale or other disposition of immovable property, or any interest of
such property;
f) Title deeds of immovable property.
This provision is accepted on the basis of Article 1 of the UNCITRAL Model Law, section 4
of Electronic Transactions Act 1998 of Singapore and section 1 of the Information
Technology Act 2000 of India.28
10. What is the meaning of obscene it is not defined in ICT Act 2006.
11. What is the meaning of defamation it is defined in ICT Act 2006.
12. Under the ICT Act 2006, Crimes are small but the consequence of punishment is very
high.
13. Judges of the Cyber Crime Tribunal or Cyber Crime Appellate Tribunal have not given
any discretionary power.
14. It has implemented to stop the mouth of the people.
15. ICT Act is totally contradictory to the other laws. Example: For defamation under
Printing, Press and Publication Act, 1973 the maximum punishment is two years and
under penal code the maximum punishment is three years. On the other hand ICT Act
2006, for defamation maximum punishment is fourteen years and minimum punishment
is seven years.
16. There is a specific punishment for defamation, Offence relating to religion, cheating and
fraudulent deeds and dispositions of property under penal code 1860.So what is the need to
implement Information and Communication Technology Act 2006.
17. After implementing ICT Act 2006, Government has established only one Cyber Crime
Tribunal in Dhaka District. So what will happen other 63 districts? Cyberspace has no
28
Zulfiquar Ahmed; Cyber law in Bangladesh (National Law Book Company Dhaka,2009), p.110
55
specific limit. Anybody can do cyber crime from any corner of Bangladesh. It is very
expensive for a person to continue a case against cyber criminal. Because there is a huge
distance between Dhaka and other district. So Government should establish 64 Cyber
Crime Tribunal in every district.
56
CHAPTER NINE
Recommendations & Conclusion
57
9.1 Recommendations
Co-operation, sharing of knowledge and practical experience.
Promotion of standardization of methods.
Establish good practice guidelines. To share the current crime scenes.
Establishment of digital forensic laboratory for investigation and detection of cyber
crime.
To train the trainers or teachers on IT crime investigation.
To share expertise with other members of Interpol who are technologically advanced.
Development and harmonization of best practice in relation to training standards in IT
investigation techniques.
Co-ordination and communication between organizations and Interpol members to
encourage sharing of IT crime investigation training programmes.
Creation and maintenance of a database for law enforcement on available training
accessible through the secure website and the internet.29
9.2 Conclusion
Now a day’s crime is spreading at an alarming rate in the field of online communication
system by the intellectual criminals. Through the development of technology crimes have
been developing in different ways and means. So laws should be developed in such a way
that crimes in the field of technological arena can be controlled in an iron hand. But no such
effective legal provisions exist at home and abroad. Though there are some laws and
conventions, they can’t be implemented due to some technical difficulties like procedural
complexities and lack of proper execution system. Taking these advantages, the criminals are
occurring heinous crimes. It causes harms to the privacy of individuals as well as creates
threat to the international peace and solidarity. Now it is the demand of time to prevent such
type of crimes for keeping individuals privacy as well as international peace and security.
Every country of the world enacts effective legal provisions within the purview of their
national boundary to protect cyber crimes. United Nations can also take necessary step to
prevent cyber crimes from the cyber space.
We are as nation gaining momentum with the information age. Use of computer is no longer a
luxury but a necessity. Computer has revolutionized modern life. Although we are slow to
response to this reality, it is optimistic that our young generation is making significant
progress. Compared to other professional, legal professional are way behind in utilizing this
29
Md. Nazmul Haque PPM;Rector (Addl. IGP);Cyber Crime; Police Staff College, Dhaka from his Lecture
Sheet
58
technology. Many of us do not even feel the importance of using computer let alone using it.
This not because we do not have enough information from which we would be enlightened as
to the usefulness of computer in the legal profession.
We are not in a position to make expert opinion on information technology but how a legal
profession can be benefited in using computer and to emphasis on the necessity to learn
computer. In future ICT related laws shall play a vital role. Data protection, Privacy laws,
Cyber terrorism laws, Computer fraud, computer crime, Internet law, Intellectual property
laws are some of the examples where legal professional will have to take active part.
Bibliography
30
Cyber Crime prevention in Bangladesh, 2th February 2015, from teletechblog.blegspot.com/2013/05/cyber-
crime-cyber-security-and.html.
59
1. Dasgupta Dr. M..”Cyber Crime in India”,”Kalkata and New Delhi”, Eastern Law
House Private Ltd., 10th July 2009.
2. Ahmed Dr. Zulfiquar.Cyber Law in Bangladesh,Islamia Market ,Nilkhet,Dhaka-
1209,National Law Book Company Dhaka,8th January,2009.
3. Ahmed Dr. Zulfiquar.”Bangladesher Cyber Ain Tatta O Bislation”,”Muhit
Publication”, February,2014.
Websites
1. http://books.google.com.bd/books?id=YEEgDsCYmbQC&printsec=frontcover&sour
ce=gbs ge summary r&cad=0#v=onepage&q&f=false
2. http://memorv.loc.gov/cgi-
bin/ampage?collld=llsl&fileName=001/llsl001.db&recNum=220
3. http://www.ti-bangladesh.org/beta3/index.php/en/about-us/what-we-do/research-
policv/research-knowledge/ti-reports
4. http://en.wikipedia.org/wiki/Constitution of Pakistan
5. http://en.wikipedia.org/wiki/Constitution of India
6. http://www.ti-bangladesh.org/beta3/index.php/en/about-us/what-we-do/research-
policy/research-knowledge
7. http://www.ti-bangladesh.org/beta3/index.php/en/research-policy/98-position-
paper/4039-parliament-and-good-governance-the-challenge-of-controlling-
corruption
8. http://wiki.answers.eom/Q/Difference between indian and Pakistani constitution
9. http://www.senate.gov/pagelayout/reference/three column table/measures propos
ed to amend constitution.htm
10. http://www.usconstitution.net/constamrat.html
60