4) Cyberspace scenario in Bangladesh
5) Cyberspace scenario around the world
6) Public Interest Litigation (PIL).
7) Freedom in Cyberspace as a Human Right
8) PIL and Cited Public Interest Precedents in Cybercrimes and Internet-Related Issues by Countries
9) Findings from the Mentioned Precedents
10) Jurisdiction Issues Are Resolved in Bangladesh Under Digital Security Act,
10) Can PIL seek action against a foreign country?
11) Recommendations on PIL, Cybercrime and Internet in Bangladesh and Rest of the World
The Internet is the decisive technology of the Information Age, and with the explosion of wireless communication in the early twenty-first century, we can say that humankind is now almost entirely connected, albeit with great levels of inequality in bandwidth, efficiency, and price.1 Criminals take advantage of technology in many different ways. The Internet, in particular, is a great tool for scammers and other miscreants, since it allows them to carry out their trade while hiding behind a shield of digital anonymity. Cyber crime affects society in a number of different ways, both online and in the offline world. International cybercrimes often challenge the effectiveness of domestic and international law and law enforcement. Because existing laws in many countries are not tailored to deal with cybercrime, criminals increasingly conduct crimes on the Internet in order to take advantages of the less severe punishments or difficulties of being traced. Various organizations and governments have already made joint efforts in establishing global standards of legislation and law enforcement both on a regional and on an international scale. U.S.-China's cooperation is one of the most striking progress recently because they are the top two source countries of cybercrime.2 State Minister for ICT of Bangladesh, Zunaid Ahmed Palak has said, “Someone does not need an atom bomb to destroy a country. Cyber attack can damage an entire country - financially, administratively and in many other ways”.3 On the other hand, judiciaries in many countries have increasingly adopted a favorable attitude towards the use of public interest litigation (PIL) for advancing social change. It has emerged as a pivotal instrument of judicial activism by liberal interpretations of laws and statutes for a better regime of social justice. Application of Public interest litigation in cybercrimes and internet-related issues has become a burning issue in the latest realm of law and technology.
The Internet is the global system of interconnected computer networks that use the Internet protocol suite (TCP/IP) to link devices worldwide. It is a network of networks that consists of private, public, academic, business, and government networks of local to global scope, linked by a broad array of electronic, wireless, and optical networking technologies. The Internet carries a vast range of information resources and services, such as the inter-linked hypertext documents and applications of the World Wide Web (WWW), electronic mail, telephony, and file sharing.4
There is no commonly agreed single definition of “cybercrime”. It refers to illegal internetmediated activities that often take place in global electronic networks.5
Public interest law loosely, refers to legal practices undertaken to help poor or marginalized people, or to effect change in social policies in the public interest, on 'not for profit' terms (pro bono publico). In general terms it means a legal action initiated in the court of law for the protection of Public Interest.6
A public interest litigation petition can be filed only against a state, central government, municipal authorities and not any private party. However, a private party can be included in the PIL as a respondent. There must be a public injury caused by the wrongful act or omission of the state or public authority. It must not be frivolous litigation by persons having vested interests. A PIL may be filed by written application. However, in the past the Supreme Court treated even letters addressed to the court as PIL which is commonly known as Epistolary Jurisdiction.
In terms of cybercrime, we may often associate it with various forms of Internet attacks, such as hacking, Trojans, malware (keyloggers), botnet, Denial-of-Service (DoS), spoofing, phishing, and vishing. Though cybercrime encompasses a broad range of illegal activities, it can be generally divided into five categories:7
Illegal Access: “Hacking” is one of the major forms of offences that refer to unlawful access to a computer system.
Data Espionage: Offenders can intercept communications between users (such as e-mails) by targeting communication infrastructure such as fixed lines or wireless, and any Internet service (e.g., e-mail servers, chat or VoIP communications).
Data Interference: Offenders can violate the integrity of data and interfere with them by deleting, suppressing, or altering data and restricting access to them.
Pornographic Material (Child-Pornography): Sexually related content was among the first content to be commercially distributed over the Internet.
Racism, Hate Speech, Glorification of Violence: Radical groups use mass communication systems such as the Internet to spread propaganda.
Religious Offences: A growing number of websites present material that is in some countries covered by provisions related to religious offences, e.g., anti-religious written statements.
Spam: Offenders send out bulk mails by unidentified source and the mail server often contains useless advertisements and pictures.
Copyright and trademark-related offences
Common copyright offences: cyber copyright infringement of software, music or films.
Trademark violations: A well-known aspect of global trade. The most serious offences include phishing and domain or name-related offences, such as cybersquatting.
Fraud: online auction fraud, advance fee fraud, credit card fraud, Internet banking Forgery: manipulation of digital documents.
Identity theft: It refers to stealing private information including Social Security Numbers (SSN), passport numbers, Date of birth, addresses, phone numbers, and passwords for non-financial and financial accounts.
Cyberterrorism: The main purposes of it are propaganda, information gathering, preparation of real-world attacks, publication of training material, communication, terrorist financing and attacks against critical infrastructure.
Cyberwarfare: It describes the use of ICTs in conducting warfare using the Internet.
Cyberlaundering: Conducting crime through the use of virtual currencies, online casinos etc.
Cyberspace scenario in Bangladesh
There is increasing use of online technologies these days in practically all walks of life. Be it online shopping or online ticket booking for train or cinema or ordering of food through online services available or online payment of various bills or recharge of mobile phones and so on and so forth.
The draft of Digital Security Act, prepared by the ICT Division to prevent cyber crimes, had been submitted to the law ministry for vetting. State Minister for ICT Zunaid Ahmed Palak said if the new law is formulated it would be possible to ensure trial of cyber criminals. The state minister said the electronic transaction is growing fast in Bangladesh. Now, 30 per cent of transaction is being carried out through online. Besides, e-commerce is expanding rapidly in the country. However, Barrister Sara Hossain said the existing law is sufficient to tackle cyber crimes. Sara Hossain said the existing ICT (Information and Communication Technology) Act already has some provisions to tackle cyber crimes. “Instead of updating those provisions, the enactment of a new act is a vague step from the government. A new act should only be formulated when it is necessary,” she said adding that when an existing act can tackle the necessary legal translation against a crime, then there is no need for a new act.8
Observing that cyber crime is more serious than murder and rape, Law Minister Anisul Huq said there will be provisions of maximum 14 years’ imprisonment in the proposed ‘Digital Security Act-2016’, aiming to tackle the menace. The minister said sections 54, 55, 56 and 57 of the existing ICT Act will be incorporated in the new law. He revealed this while talking to reporters after a meeting on the draft of the proposed law at the Secretariat, UNB reports.9 The country is yet to build multiple cyber forensic labs over the last years though digitalization looms large. A complete 'IT Crime Forensic Lab ' is on the process to be established under Forensic Division with modern instruments to fight against cyber crime or crime related with computer and other IT technology.10 According to the Cyber Crime Investigation Centre at the police Criminal Investigation Department (CID), different units of police work on cyber crime. However, only CID has a forensic lab to help detect or investigate such crimes.11 According to government information, Social conflict is emerging through using cyber space apart from private data hacking. Attack on Ramu Buddhist Bihar in 2012, Cox’s Bazaar centering a Facebook status was an example of this. The government is demanding there is a call center under ICT department to protect such offences. On the other hand, BTRC has formed a Cyber Crime Response Team. Law enforcement department has also a Cyber Crime Cell.12
A) Amid calls for the repeal of section 57 of the Information and Communication Technology Act, the government has decided to revoke the controversial section that is prone to misuse. However, sources involved in the process said the contents of section 57 have been incorporated in the proposed Digital Security Act 2017 with some modifications. Section 57 and other controversial provisions of the ICT act will be removed, as the draft of the Digital Security Act has been finalized, Information Minister Hasanul Haq Inu told reporters after an inter-ministerial
meeting on the draft act at the law ministry yesterday.The draft, to be sent to the cabinet for approval, will contain proposals for abolishing sections 54, 55, 56, 57 and 66 of the ICT act, he said. According to section 57, if anyone deliberately publishes or transmits any false and obscene material on a website or in any electronic form, or causes deterioration in law and order or prejudices the state's image or hurts religious beliefs or instigates anyone against any person or organization, such activity will be regarded as an offence.
The offender will face a maximum punishment of 14 years' imprisonment, says the section. These offences have been included in various sections of the proposed act, said the sources. Section 30 of the draft act says that if any person or group deliberately publishes or transmits on a website or in any other electronic form any material which creates enmity and hatred among different sections or communities or hurts communal harmony, or creates instability or anarchy or the possibility of deterioration in law and order, the activity will be regarded as a crime. Such an offence will carry a maximum punishment of five years' imprisonment or a fine of Tk. 5 lakh or both. If anyone commits the crime twice or more, he or she will face a maximum punishment of seven years' imprisonment or a fine of Tk. 20 lakh or both.
Another section of the draft act mentions that if any person keeps, sends or preserves any secret information by intruding into any government, semi-government, autonomous or statutory body through computers, digital machines, computer or digital networks or any electronic medium, the activity will be regarded as a computer or digital espionage crime. Such an offence will carry a maximum jail term of 14 years or a fine of Tk. 25 lakh or both.If anyone commits the offence twice or more, the punishment will be life imprisonment or a maximum fine of Tk. 1 crore or both. The draft act contains another section which says that if a person, through digital or electronic devices, spreads or helps spread any propaganda against the spirit of the 1971 Liberation War or the Father of the Nation, he or she will face life imprisonment or a fine of Tk.
1 crore or both.
After yesterday's meeting, Law Minister Anisul Huq said the provisions of section 57 will not be kept in the draft law in the same form. Checks and balances could be kept in the Digital Security Act and also in the proposed Broadcast Act for ensuring people's freedom of speech, he said. Earlier on several occasions, the law minister said the government would scrap the section and make things clearer in the Digital Security Act. Yesterday, the information minister said the new act was formulated to ensure digital security of 16 crore citizens of the country. "I hope the draft will be placed in parliament in the coming winter session," he said.
Before the ICT act was amended in 2013, the maximum punishment for offences under section 57 was 10 years' imprisonment and a fine of Tk. 1 crore. Besides, police had to seek permission from the authorities concerned to file a case and arrest any person under the law. But through the amendment, the maximum jail term was raised to 14 years, and law enforcers were empowered to make arrests without a warrant. Rights activists and journalists have been critical of section 57 from the very beginning. They say the section goes against the people's right to freedom of expression and free speech as it contains vague wording, allowing its misuse against newsmen and social media users.
The debate over the section and demands for its repeal intensified following the arrest of veteran journalist Probir Sikdar in 2015.The journalist was arrested and sent to jail after he posted a status on Facebook. Amid widespread criticism, Inspector General of Police AKM Shahidul Hoque on August 2 instructed all police stations to consult the legal wing at the police headquarters before registering any case under the section. The ruling Awami League also directed its activists to take permission from its central unit before filing any case under the section.Around 300 cases were lodged under the section in the first seven months of this year. More than two dozen journalists were sued and several of them were arrested.13
Figure removed due to copyright reasons
The cabinet has approved the draft of Digital Security Act 2018 while keeping the provision for jail and fines on Monday. If the draft is passed in the parliament, sections 54, 55, 56, 57 and 66 of the Information and Communication Technology (ICT) Act will be repealed. The approval came from a cabinet meeting held at the Prime Minister’s Office on Monday. When questioned regarding the viability of the law, the secretary replied: “The increase in cyber crimes and the theft of Bangladesh Bank reserves have necessitated the formulation of such a law. We had no such law to fight cyber crimes. This law will now allow for the punishment of committing these crimes.” The cabinet secretary denied any allegations that the section 57 of the ICT Act has returned as the section 32 of Digital Security Act. Section 62 says that sections 54, 55, 56, 57 and 66 of the ICT Act have been eradicated completely.14
B) The Bangladesh Bank robbery, also known colloquially as the Bangladesh Bank heist, took place in February 2016, when instructions to fraudulently withdraw US$ 1 billion from the account of Bangladesh Bank, the central bank of Bangladesh, at the Federal Reserve Bank of New York were issued via the SWIFT network. Five transactions issued by security hackers, worth $101 million and withdrawn from a Bangladesh Bank account at the Federal Reserve Bank of New York, succeeded, with $20 million traced to Sri Lanka (since recovered) and $81 million to the Philippines (about $18 million recovered).The Federal Reserve Bank of New York blocked the remaining thirty transactions, amounting to $850 million, at the request of Bangladesh Bank. It was identified later that Dridex malware was used for the attack.
“Bangladesh Bank has plans to sue the Federal Reserve Bank of New York and three other banks if they are found to be in any way responsible for the defrauding of its foreign reserves from the US account.
The central bank has hired lawyer Ajmalul Hossain QC to determine if standard practices were followed in the siphoning off of the funds from its account with the NY Fed to Sri Lankan and Filipino banks.In one of the largest cyber heists in history, hackers directed the US Fed to transfer $81 million to accounts in the Philippines and $20 million to accounts in Sri Lanka.
SWIFT (Society for Worldwide Interbank Financial Telecommunication), a global bank messaging system, received their advices sent by using Bangladesh Bank credentials.The $20 million sent to Sri Lanka was recovered, but the amount sent to the Philippines is yet to be retrieved. SWIFT has already claimed that the hacking did not take place because of its system failure.
Deputy Governor SK Sur Chowdhury on Wednesday said Ajmalul Hossain QC will try to find out if the three banks carried out their ‘responsibilities properly’. “He will also determine if any legal step is needed in this regard,” he added.
The finance ministry in a Mar 13 report on the cyber heist said the three US banks were negligent in carrying out their responsibilities. The central bank, police’s CID and the probe team formed by Bangladesh government then started investigating to find the responsible. But, the NY Fed had claimed their system was not breached and that they had also taken ‘proper measures’ upon Bangladesh Bank’s request. The heist took place at the beginning of February, but it became public when the Philippine Daily Inquirer first reported the theft at the end of that month.
Later, investigations in the Philippines started to unearth new information, including that the NY Fed had received 35 fraudulent funds transfer instructions to move $1 billion from Bangladesh Bank’s account. Responding to four of those, they transferred $81 million to several accounts in Rizal Commercial Banking Corp (RCBC) of the Philippines and $46 million of that amount was then converted to local currencies and funneled to casinos.
With the rest of the funds somehow smuggled out, Filipino officials have given a 'very low chance' of recovering the $81 million.The fifth instruction was for sending $20 million to an account of a ‘fake NGO’ in Sri Lanka’s Pan Asia Banking Corporation. But the withdrawal request for that money was stopped when suspicion rose after a spelling error in the NGO’s name was detected.The then Bangladesh Bank governor Atiur Rahman had kept the government in the dark for almost a month. Amid the resultant criticism, he stepped down on Mar 15. The same day, the bank lodged a case over the heist with Motijheel police and the CID were immediately put on it.
According to the case details, central bank officials found out about the requests for funds transfer a day after the heist. Then an email was sent to the NY Fed on Feb 6 asking it to stop the transactions. But by then funds of $101 million had been already wire-transferred to the Philippines and Sri Lanka. Bangladesh Bank officials said the funds were sent to those countries through banking and financial services company Wells Fargo, the Bank of New York Mellon and Citibank of New York. They said these banks had not ‘followed protocol’ while executing the funds transfer request and the relevant authorities including the FBI, anti-money laundering and anti-corruption agencies in the US have been informed about that.
Bangladesh Bank says the NY Fed had sought approval for 30 payment instructions and further explanations on the five other requests. But the US bank wired the money via the three other banks to the Philippines and Sri Lanka before receiving any word from Bangladesh Bank.
The central bank later contacted the banks several times over the issue, but got no response. A Bangladesh Bank official said they were also taking counsel from a US lawyer to identify the four banks’ negligence in keeping the legal liabilities regarding wire transfers. Recommendations from that lawyer may also lead them to initiate a suit for compensation, the official said.15
C) In mid-August, Rapid Action Battalion (RAB) arrested two mobile phone repairmen, Sabuj and Madhu. They were found guilty of using their jobs to acquire personal information and content from various women.The two men would take these files from the mobile phones of women who brought them in for repair. They also accessed their IMO messenger apps and ran them in parallel on their own devices, reading personal messages. The duo used all this information to blackmail a number of women.
Cyber crime is on the rise, according to numbers from the Police Headquarters. Dhaka Metropolitan Police (DMP) Commissioner Asaduzzaman Mia, responding to a question from journalists at an event on cyber crime in August, said that cyber crime is a growing trend and has become a threat to public safety. The time has come to think of how this crime can be prevented, he added.“Needless to say, the ability to prevent cyber crime is not yet fully developed, but we are trying,” he said.
Some officials working on prevention of cyber crime say they face several administrative and structural problems. BTRC needs to have the necessary cooperation agreements with Facebook and Google authorities, they said. The officials have also asked the government to increase the number of technical equipment and trained manpower. Nazrul Islam, a special public prosecutor
(PP) of Cyber Crime Tribunal in Dhaka, told the Dhaka Tribune that not only with phones, there are also a growing number of cyber crimes committed via social media including Facebook. As a result, the number of cases is increasing in the tribunal.
Over 250 such cases are under investigation across the country. Meanwhile there are about 400 cases under trial in this tribunal. About 35% of cases have been settled through trial, PP Nazrul Islam said. More than 17,000 complaints were submitted to the ICT Division’s Cyber Help Desk in the two years that it was open, an official from the division said. Among those, 70% of the complainants were women. More than 60% of women had faced some form of harassment on Facebook. About 10% of the victims had very serious allegations. Their images were stolen, merged with pornographic images and then released on the internet.
Najmul Islam, additional deputy commissioner of Cyber Crime unit of CTTC told the Dhaka Tribune: “We get more complaints of Facebook or email account hacks and information theft via other means. In addition, there are complaints of false information and fake social media accounts and propaganda.”16
13 http://www.thedailystar.net/frontpage/government-decides-scrap-section-57-digital-security-act-2017-1498357 11
14 http://www.dhakatribune.com/bangladesh/law-rights/2018/01/29/digital-draft-cabinet-approval/ 12
15 https://bdnews24.com/economy/2016/03/24/bangladesh-bank-prepares-to-sue-ny-federal-reserve-bank-over-funds- heist
16 http://www.dhakatribune.com/bangladesh/crime/2017/09/21/women-biggest-victims-rising-cyber-crimes/ 14