Cyber Security Act: Change in name, not content

The manner in which various offences have been defined in the controversial Digital Security Act, have been defined in almost exactly the same manner in the Cyber Security Act. The substance of the two laws is also almost the same. In fact, the objections and concerns about the Digital Security Act (DSA) voiced by the United Nations Human Rights Commission, the Editors’ Council and other organisations, have not been addressed in the proposed law. The sentences have only been reduced in some cases and the number of sections with provisions for bail has increased.

The draft of the proposed Cyber Security Act was published in the evening yesterday, Wednesday, on the website of the Digital Security Agency of the government’s information and communication division. A comparison between this draft and the Digital Security Act shows that the changes include, firstly, a reducing of certain sentences and an increase in bailable sections. Secondly, for the offence (if proven) of publishing and spreading defamatory information, provision only for fine has been kept instead of prison sentence. Also, two sections (33 and 57) of the DSA have been completely dropped from the proposed law. The first of these two sections is about punishment for holding and transferring data information illegally. And the second is about offence related to anything ‘done in good faith’.

There are 60 sections in the draft of the new law. In the DSA there were 62. In the proposed law, the punishment is the same for offences committed repeatedly as is when committed for the first time. In the DSA, sentences are heavier for crimes committed for the second or more times.

The Editors’ Council had demanded amendments to 9 sections (8, 21, 25, 28, 29, 31, 43 and 53) of the DSA, stating that these would seriously damage free media and freedom of expression. In the proposed law, amendments have been made to the sentences and bail provisions in seven of these sections. But the offences haven’t been defined clearly and remain as before. And no changes have been made in two of these sections.

Meanwhile, the UN Office of the High Commissioner for Human Rights had called for two sections of the DSA (21 and 28) to be repealed. These two sections have not been repealed in the draft of the new law, only the sentences and bail clauses have been changed. But changes (basically about sentences and bail) have been brought about in the eight sections (8, 25, 27, 29, 31, 32, 43 and 53) for which the organisation had called for amendments.

Many among the various journalist organisations as well as lawyers and human rights activists, say that while the reductions of sentences and increase of bailable sections is positive, the definitions in the law are the same as before and so is the substance, giving rise to apprehensions of misuse and abuse of the law. Reducing, increasing or changing the sentences will not protect citizens’ rights. The changes being brought about will not serve to tangibly protect fundamental human rights.

The Editors’ Council, in a statement yesterday, said it is meaningless if there is no difference between the character of the DSA and the Cyber Security Act other than a change in name. The council said that before the Cyber Security Act is enacted, discussions must be held with the stakeholders in the news media so that it is not made into a weapon to snatch away press freedom like the DSA.

Speaking to journalists about this law on Monday, Law Minister Anisul Huq said, “I feel that what has been done now (Cyber Security Act) will be very helpful in preventing cybercrimes. And the abuse which you all (journalists) complained about, will also be stopped.”

Five years ago in 2018 the Digital Security Act was passed unilaterally in parliament, ignoring the objections and protests of the journalists, including the Editors’ Council. From the very outset, along with journalists, local and foreign human rights organisations had expressed concern about this law. Several ministers also admitted that in some instances with law had been misused.

Five years on, in face of protest and criticism, the government has decided to change the DSA and come up with the Cyber Security Act. The draft of the Cyber Security Act was approved in principle by the cabinet on Monday. After vetting, the law will go once again to the cabinet for final approval. The government aims to have the law passed during the parliament’s next session in September.

The UN Office of the High Commissioner for Human Rights had called for the repeal of two sections (21 and 28). But these have been kept in identical form in the proposed law. Section 21 has provision for punishment against any form of propaganda or campaign against the liberation war, the spirit of the liberation war, the father of the nation, the national anthem  the national flag. This section has provision for imprisonment not exceeding 10 years or fine up till Tk 10 million or both. In the proposed law only the sentenced has been reduced to 7 years. The fine remains Tk 10 million as before. The punishment for committing this crime for the second time or repeatedly had been life term or Tk 30 million fine or both. This has been dropped in the proposed law.

Section 28 of the DSA deals with hurting religious sentiment or values. This remains intact in the new law, with the vagueness not being addressed.

In this section, the sentence is imprisonment not exceeding five years or a fine not exceeding Tk 1 million or both. In the proposed law the punishment will be imprisonment not exceeding two years or fine not exceeding 500,000 or both.

TIB’s executive director Iftekharuzzaman feels that the proposed Cyber Security Act is the old black law in a new packaging. Speaking to Prothom Alo, he said, “There is no qualitative or significant change in the new law. It is much of an eyewash. Such laws are leading us to a surveillance-based society.”

Article 25 of the DSA deals with transmission, publication, etc. of offensive, false or threatening data or information. Any person committing such offence will be sentenced to imprisonment not exceeding 3 years or fine not exceeding Tk 300,000 or both. The content remains the same with a reduce sentence of 2 years but the same fine.

Article 29 of the DSA deals with publication, transmission, etc. of defamatory information with a maximum sentence of 3 years and fine of Tk 500,000 or both. The provision for imprisonment has been dropped in the new law, with only the fine in place. The fine now will be not exceeding Tk 2.5 million in place of Tk 500,000 as in the DSA.

Article 31 in the DSA is about deteriorating law and order, intentionally publishing or transmitting anything in website or digital layout that creates enmity, hatred or hostility among different classes or communities of the society, or destroys communal harmony, or creates unrest or disorder, or deteriorates or advances to deteriorate the law and order. If any person commits such an offence, he shall be punished with imprisonment for a term not exceeding 7 years, or with fine not exceeding Tk 500,000 or both. In the proposed law the sentenced as been reduced to 5 years and fine increased to Tk 2.5 million.

Article 32 of the DSA is about breaching secrecy of the government. The sentence not exceeding 14 years, or with fine not exceeding Tk 2.5 million or both. In the proposed law the sentence is not exceeding 7 years and fine Tk 2.5 million.

In its statement yesterday, Wednesday, the Editors’ Council said while the sentence in Section 32 has been reduced somewhat, the Official Secrets Act of 1923 from the colonial times has been retained. The colonial rulers used this act because they mistrusted the people of this country. The Editors Council saw no justification of this law in independent Bangladesh.

The proposed Cyber Security Act has fully retained the content of Section 8 of the DSA. This section says if any data or information related to any matter under the jurisdiction of the Director General that is published or propagated in digital media, creates threat to digital security, the Director General may request the Bangladesh Telecommunications and Regulatory Commission, to remove or block the data-information. If it appears to the law and order enforcing force that any data-information published or propagated in digital media hampers the solidarity, financial activities, security, defence, religious values or public discipline of the country or any part thereof, or incites racial hostility and hatred, the law and order enforcing force may request BTRC to remove or block the data-information through the Director General. If BTRC is requested, it shall, with intimation to the government, instantly remove or, as the case may be, block the data-information.

The Editors’ Council and the UN human rights high commission called for Section 43 of the DSA to be amended. This has been kept identical in Section 42 of the draft.

This section dealing with arrest without warrant states that if any police officer has reasons to believe that an offence under this act has been or is being committed, or is likely to be committed in any place, or any evidence is likely to be lost, destroyed, deleted or altered or made unavailable in any way, then he may, for reasons of such belief to be recorded in writing, proceed with the following measures, namely to enter and search the place, and if obstructed, to take necessary measures in accordance with the Code of Criminal Procedure, to seize the computer, computer system, computer network, data-information or other materials used in committing the offence or any document supportive to prove the offence, to search the body of any person present in the place; (d) to arrest any person present in the place if the person is suspect.

In yesterday’s statement the Editors’ Council said that the police has been given a sort of magisterial authority by this, which is in no way acceptable. As this section remains intact, the new Cyber Security Act can on now way be considered a new law.

The UN human rights high commission and the Editors’ Council had called for Section 53 of the DSA to be repealed. This relates to offences cognizable and bailable. There were 14 non-bailable sections in the DSA. These were 17, 19, 21, 22, 24, 26 27, 28, 30, 31, 32, 33 and 34. Of these, 8 have been made bailable in the proposed law. These are 22, 23, 24, 26, 28, 31, 32 and 34. In the new law, the bailable sections now are 18 (1)(b), 20, 22, 23, 24, 25, 26, 28, 29, 31, 32 and 46. And there are 6 non-bailable section in the proposed law. These are 17, 19, 21, 27, 30 and 33. The matter of bailable and non-bailable sections is dealt with in Section 52 of the proposed act.

Eminent lawyer Shahdeen Malik feels that there is scope for abuse of the proposed law too as the definition of the offences have not been changed. He told Prothom Alo that the area of abuse is that the offences have been mentioned very broadly. And so anyone can be face a case for saying anything. The difference is, the sentence after the trial is less to an extent. But the fear of committing an offence due to writing, has not been taken into consideration at all. There are no laws for defamation, hurting the spirit, hurting religious sentiment in any strong democratic country.