Whilst reviewing the Cyber Security Law of 2023, we should first analyse the Digital Security Act (DSA) of 2018. Since its inception, the DSA has faced widespread criticism for being used as a tool to suppress freedom of speech, expression, press, and human rights. Critics argued that the law failed to ensure effective online safety, safeguard critical national infrastructure (CNI), or protect personal data and fundamental rights. The vague definitions of crimes and broad scope for interpretation within the DSA led to the targeted criminalisation of free speech, causing immense suffering for individuals. This, in turn, fostered an atmosphere of fear, self-censorship, and insecurity, particularly among the media, academia, researchers, and civil society organisations. In reaction to growing criticisms, the then Awami League government replaced the DSA with a new piece of legislation – the Cyber Security Act 2023 (CSA). However, the pressing question is: does the CSA truly surpass its problematic predecessor?

In fact, the CSA is largely an updated version of the DSA with only minor modifications. Some of these changes include the removal of penalties for second-time offences in certain sections, while others only reduce prison sentences or increase fines in specific cases. With these rather trivial changes, in most cases, the contents of the two laws are identical, meaning that the CSA essentially presents a rebranded version of the DSA with minimal substantive differences—akin to the idea of 'old wine in new bottles.'

The DSA faced extensive criticism, particularly for restricting the freedoms of thought, conscience, speech, expression, and the press, as recognised in Article 39 of Bangladesh's Constitution and Article 19 of the International Covenant on Civil and Political Rights (ICCPR), to which Bangladesh is party. Hence, the UN Office of the High Commissioner for Human Rights (OHCHR), the United Nations Special Rapporteur on the Promotion and Protection of the Right to Freedom of Opinion and Expression, the Editor's Council of Bangladesh, Transparency International Bangladesh (TIB), Amnesty International, and European diplomats have repeatedly called for the repeal or substantial amendment of several sections of the DSA. These include sections 8, 21, 25, 28, 29, 31, 32, 43, and 53.

Since the CSA appears to continue the repressive nature of its predecessor, retaining almost all its provisions with only minor changes, organisations such as Amnesty International, the Bangladesh Association of Software and Information Services (BASIS), the Forum for Freedom of Expression Bangladesh (FExB), along with individual writers have recently called for its repeal.

Under Chapter VII, sections 39-54 of the DSA (aligned with sections 38-53 of the CSA), which share similar headings, subheadings, and content, the DSA granted extensive powers to law enforcement agencies. Moreover, the previous regime used the DSA as a tool for intimidation, with many cases being filed by its party activists under this law. Consequently, the DSA came to be widely regarded as a 'draconian' law, significantly affecting the lives of numerous individuals.

Arguably, by retaining most of the notorious provisions of the DSA, the CSA is also viewed as a similarly draconian law. In light of the aforementioned contexts, we advocate either the repeal or substantial amendment of the problematic sections of the CSA. If the interim government chooses to amend the Cyber Security Act 2023 (CSA) as promised by the current Advisor to the Ministry of Posts, Telecommunications, and Information Technology, we call for its comprehensive review involving legal experts, human rights groups, journalists, and other stakeholders. The interim government should also consider the following recommendations:

To combat cybercrime effectively without suppressing freedom of speech, expression, press, and human rights, the CSA should focus exclusively on addressing cybercrimes and avoid encompassing broader content-related offences. Clear and precise definitions for key terms and offences should be included in the enactment to avoid misinterpretation and misuse.

The classification of bailable and non-bailable offences should also be reevaluated to ensure individuals are not subjected to prolonged pre-trial detention for non-violent offences. While addressing cybercrime is critical, the CSA's punishments should be proportionate and not excessively punitive. The law should emphasise rehabilitation and deterrence rather than solely focusing on retributive measures.

Above all, the CSA should be revised to align with international human rights standards, ensuring that Bangladesh's legal framework remains coherent with global norms and conventions. Implementing public awareness campaigns, strengthening the independence of the judiciary, and establishing a mechanism for periodic reviews are also essential to ensure the effectiveness and fairness of the CSA. Most importantly, systems for government accountability and oversight in enforcing the CSA should be established to prevent its misuse for political purposes.

The writer is Assistant Professor, School of Law, Independent University, Bangladesh (IUB).