The interim government's decision to repeal the Cyber Security Act (CSA) of 2023 signals a commendable commitment to civil liberties but raises critical concerns about the country's readiness to combat escalating cyber threats. Bangladesh now faces the dual challenge of protecting individual freedoms while ensuring robust defences against cybercrimes like hacking, cyberterrorism and data breaches.

THE COST OF A LEGAL VACUUM

Repealing the CSA without a well-structured replacement risks creating a dangerous gap in cybersecurity protections. The CSA, despite its flaws, contained provisions that criminalised hacking (Section 33) and cyberterrorism (Section 27), imposing severe penalties for technical offenses that pose significant risks to national security. Without these safeguards, critical digital infrastructures -- including financial systems, healthcare databases and national communications -- could be left vulnerable to exploitation by bad actors.

Cyberattacks are not theoretical risks. They are escalating globally, with hackers targeting vulnerabilities in both public and private sectors. In the absence of a clear legal framework, enforcement agencies may find themselves ill-equipped to respond to such threats, leaving Bangladesh exposed to financial and operational disruptions.

A MORE NUANCED APPROACH

One of the CSA's fundamental shortcomings was its attempt to regulate both technical and social cybercrimes under a single framework. Hacking, data breaches, and cyberterrorism require precision-focused laws grounded in technical expertise and aligned with global best practices. Social offenses, such as defamation or misinformation, demand a different legal approach that balances accountability with freedom of expression.

Separating these categories into distinct legal frameworks would ensure more effective enforcement and reduce the risk of arbitrary interpretations that could infringe on civil liberties.

BRIDGING THE GAP: RECOMMEDATIONS

To safeguard its digital future, Bangladesh must act swiftly to introduce a comprehensive legal framework that addresses both the security vacuum and risks of misuse.

Key recommendations include:

A two-tiered legal framework: Separate laws should address technical offenses like hacking and social infractions like cyberbullying. This distinction would enable specialised enforcement and reduce overreach.

Judicial oversight: Broad enforcement powers, such as warrantless arrests, must be curtailed and subject to judicial review to ensure checks and balances.

Stakeholder consultation: Drafting new laws must involve input from civil society, journalists, legal experts, and cybersecurity professionals. This inclusive approach will enhance legitimacy and practicality.

Proportionate penalties: Non-bailable offenses should be limited to high-risk technical crimes, with alternatives such as restricted digital access explored for lower-risk cases.

Ongoing review and adaptation: A dedicated body should monitor the implementation of new laws, ensuring they evolve in response to emerging threats and global developments in cybersecurity.

SECURING THE PATH FORWARD

The repeal of the CSA presents Bangladesh with an opportunity to rethink its approach to cybersecurity. However, the absence of immediate and effective alternatives could undermine national security and public trust in digital systems. Policymakers must act decisively to fill this gap, striking a careful balance between safeguarding freedoms and protecting against cyberthreats.

In an increasingly digital world, Bangladesh cannot afford to leave its digital realm undefended. The moment demands a thoughtful, rights-sensitive, and technically robust framework -- one that protects the nation's digital infrastructure while preserving the liberties that define its democracy.

The writer is a policy advocacy consultant