CYBER CRIMES: A threat that must be countered
The cyber world might be at its peak today but it's not necessary danger-free. There are thieves, robbers, killers, cheats, and thugs in this world. This is where cyber security comes into the picture. Cyber security means keeping the cyber world free from all sorts of incidents that hinder the free and fair use of the internet .
Bangladesh has achieved some progress in creating a cyber-friendly atmosphere by adopting a number of initiatives. We have the ICT Act 2006 along with its subsequent amendments. The law provides law-enforcing agencies the authority to investigate an offence and bring the offender to book under a special court of law known as the Cyber Tribunal. This law has given concerned authority ample power - for the sake of quick action - to arrest the offenders and seize, confiscate or otherwise dispose the properties involved in these crimes. The Act has created an office of the Controller of Certifying Authorities (CCA) with a view to promoting e-commerce through extensive use of electronic signature properly certified by licenced authorities.
The Bangladesh Telecommunication Act 2001 has created a powerful
regulatory authority in the telecommunication sector and section 53 of the Act gives the sector ample power to intercept the communication system to stop any sort of unwanted cyber incidents with the use of telecommunication tools in the country.
The ICT Division has introduced a number of projects in which awareness building activities are being undertaken for the prevention of cyber crime. The Division has promulgated two guidelines which are helpful for cyber crime control. These are the Information Security Guidelines 2014 and the National Cyber Security Strategy of Bangladesh 2014. With the financial support of a project under the ICT Division, the national data centre located at the BCC Building has been upgraded with necessary tools for proper storage and monitoring of data.
The above mentioned initiatives have made a positive impact on the cyber crime control and management system in our country. Still there are some areas that need further attention. For example, we may speak of establishing a coordinating organisation like the Computer Emergency Response Team-India, CERT-UK or CERT Australia. All computer- related crimes and incidents are addressed by these organisations. In Bangladesh, cyber crimes are referred to BTRC or the CCA. These might not be the appropriate organisations to deal with the matter. If CERT or CIRT (Computer Incident Response Team) is in place effectively, issues can be better coordinated while proper advice can be given to individuals or organisations that fall victim to cyber crimes. CERT or CIRTs have expert representatives of different stakeholders who are actually concerned with computer-related felonies and the prevention of such crimes.
The IT Act was promulgated in India in 2000 and was amended in 2008 to introduce, inter-alia, CERT-India. In Bangladesh, the CCA is still in-charge of handling cyber crime cases. Actually, a single office without any help from a team of experts working in this sector is not sufficient to handle the issue. It is reported that the ICT Division is planning to introduce a new law named the Cyber Security Law .We know that the enactment of a separate law takes a long time and there is every possibility of introducing conflicting provisions when the subject matter is identical. Thus, it is safer and more convenient for us to follow the Indian IT Act amendment procedures and establish Cyber Security Councils and/or CERTs by adding a chapter to the existing ICT Act.
The CID is responsible for dealing with cyber crime incidents. Cyber crime is one among many routine duties of this unit. If there were a separate cyber crime unit within the Bangladesh Police, it could be provided with specialised training; furthermore this unit could be equipped with the latest technological tools.
There should be a department or authoritative body that will have regulatory overseeing power which can safeguard personal and sensitive data. This authority may issue guidelines and call for any data or file created and preserved in a company or any other entity in the course of its communication with a data-subject or client to ensure that these are not subject to theft or revealed. In this way, we can ensure that cyber crimes are snipped at the bud.
The writer is former Joint Secretary, ICT Division.