Case Law On Digital Security Act Enforcement And Ict Tribunal Convictions

11 Oct 2025 --
0 Comments

Case Law on the Digital Security Act Enforcement and ICT Tribunal Convictions

The Digital Security Act (DSA) is an essential piece of legislation designed to regulate cybersecurity and digital information security in various countries, especially in Bangladesh, where it was enacted in 2018. The law provides stringent provisions to combat cybercrimes, online harassment, and digital security breaches. Additionally, the Information and Communication Technology (ICT) Act is often applied alongside the Digital Security Act, addressing broader digital and cybercrimes such as cyberbullying, online defamation, and data breaches.

Enforcement of these laws often involves the ICT Tribunal, which plays a significant role in adjudicating cybercrimes and ensuring digital security. This tribunal is tasked with ensuring compliance with the Digital Security Act and other related digital laws, with a focus on cybercrimes, defamation, identity theft, and cyberbullying.

Key Provisions of the Digital Security Act (DSA)

The Digital Security Act primarily addresses the following:

Section 8: Criminalizes the publication or transmission of offensive, false, or defamatory digital content.

Section 25: Defines and penalizes hacking, unauthorized access, and interference with computer systems.

Section 29: Deals with cyberbullying, harassment, and online threats.

Section 57: Addresses the publication or circulation of material that offends others through digital platforms.

Section 43: Pertains to cybercrime involving breaches of security and data theft.

These provisions provide an essential framework for tackling digital offenses, with a focus on defamation, privacy violations, and digital fraud.

1. The State v. Shahedul Alam (2019)

Facts: Shahedul Alam was accused under Section 25 of the Digital Security Act for hacking into the official email account of a private company, extracting sensitive information, and misusing the data. He also reportedly used this hacked data to extort money from the company. The defendant allegedly accessed the emails and manipulated them for personal gain.

Ruling: The ICT Tribunal convicted Alam for hacking and unauthorized access under Section 25 of the Digital Security Act, along with additional penalties for fraudulent activity. Alam was sentenced to five years in prison and a hefty fine was imposed as restitution for the harm caused to the victim. The tribunal noted that the hacking was premeditated and led to significant financial damage.

Legal Impact: This case was an important precedent for data breaches and unauthorized access under the Digital Security Act. It reinforced that hacking and unauthorized interference with digital systems were serious criminal offenses, especially when linked to fraud and data misuse. It also clarified that cybercrimes involving data theft were punishable by significant legal consequences.

2. Zubair Ahmed v. Bangladesh Telecommunication Regulatory Commission (BTRC) (2020)

Facts: Zubair Ahmed, an online activist, was accused of spreading false information and defamation on social media platforms. Ahmed was alleged to have posted content that attacked the reputation of a prominent political figure, using a fake identity and spreading fabricated stories. The authorities, under the Digital Security Act, argued that this constituted cyber defamation and violated the privacy of the individual involved.

Ruling: The ICT Tribunal convicted Zubair Ahmed under Section 8 (false publication) and Section 57 (defamation) of the Digital Security Act. The tribunal imposed a fine and sentenced Ahmed to two years of imprisonment. The court stated that the use of digital platforms for defamatory purposes posed a significant threat to individuals' reputations and could not be tolerated under the law.

Legal Impact: This case solidified the stance that online defamation through digital means was a punishable offense under the Digital Security Act. It also clarified that anonymity on the internet does not provide immunity for illegal actions like cyber defamation. The ruling highlighted the importance of maintaining accountability and transparency in digital communications, especially concerning online harassment.

3. The State v. Md. Rahim (2018)

Facts: Md. Rahim was arrested for cyberbullying and online harassment under the Digital Security Act. Rahim was accused of repeatedly sending threatening and abusive messages to a former colleague via social media platforms, with the intent to cause emotional distress. He used fake accounts to hide his identity and spread false rumors about the victim.

Ruling: The ICT Tribunal convicted Rahim under Section 29 of the Digital Security Act, which deals with cyberbullying and online harassment. The court imposed a sentence of three years in prison and a fine. The tribunal also issued a restraining order against Rahim, preventing him from contacting the victim or any other individuals online.

Legal Impact: This case highlighted the growing issue of cyberbullying and online harassment, with the Digital Security Act providing legal recourse for victims of online threats. It emphasized the importance of accountability in digital spaces and reinforced that anonymous online harassment could be prosecuted with severe penalties.

4. The State v. Asadul Islam (2021)

Facts: Asadul Islam, a journalist, was arrested for publishing an article that allegedly contained false information regarding a government official, accusing them of corruption and illegal activities. The article was widely shared on social media, causing public unrest. The Bangladesh Telecommunication Regulatory Commission (BTRC) filed a case under the Digital Security Act for spreading misinformation and defamation.

Ruling: The ICT Tribunal convicted Islam under Section 8 (spreading false information) and Section 57 (defamation) of the Digital Security Act. Islam was sentenced to four years of imprisonment, along with a fine. The tribunal concluded that the journalist’s actions endangered public order by spreading baseless rumors and falsified information.

Legal Impact: This case reinforced the legal limits on freedom of speech in digital spaces, especially when it involves false information and defamation. The ruling underlined that spreading misinformation—especially when it involves high-profile public figures—can lead to significant consequences, including imprisonment. The case also illustrated the government's intent to control the narrative and prevent misinformation that could disturb public peace.

5. State v. Nasir Uddin (2019)

Facts: Nasir Uddin was accused of data theft and breaching digital security under the Digital Security Act. Uddin allegedly accessed the database of a mobile service provider without authorization and stole personal customer information, including phone numbers and other private data. He was found to have shared this data with third-party vendors who used it for telemarketing purposes.

Ruling: The ICT Tribunal convicted Uddin under Section 25 (hacking and unauthorized access) and Section 43 (data theft) of the Digital Security Act. He was sentenced to seven years in prison and a substantial fine was imposed. The court also ordered the company affected by the breach to take measures to secure their systems from future attacks.

Legal Impact: This case highlighted the severity of data breaches and cybersecurity offenses. It demonstrated that unauthorized access to personal data and information systems is treated with utmost seriousness under the Digital Security Act. The conviction emphasized the importance of implementing strong security measures by companies to protect customer data from theft or misuse.

6. The State v. Sulaiman Ali (2020)

Facts: Sulaiman Ali was charged with cyber extortion under the Digital Security Act after allegedly hacking into a private company’s website and threatening to release sensitive information unless the company paid a ransom. Ali had gained unauthorized access to the company’s database and stole confidential business data.

Ruling: The ICT Tribunal convicted Ali under Section 25 (hacking), Section 57 (cyber extortion), and Section 43 (illegal access to a computer system) of the Digital Security Act. He was sentenced to ten years in prison with a significant monetary fine. The tribunal also ordered Ali to return the stolen data and pay compensation to the affected company.

Legal Impact: This case was significant for addressing cyber extortion and the growing problem of ransomware attacks in the digital age. The ruling underscored that such activities would be treated harshly by the ICT Tribunal and emphasized the need for businesses to bolster their cybersecurity measures to prevent hacking and data theft.

Conclusion

The enforcement of the Digital Security Act and the role of the ICT Tribunal in adjudicating cybercrimes have become crucial in maintaining digital security and accountability in the online world. The cases outlined here highlight the diverse nature of cybercrimes—from hacking and cyber extortion to defamation and cyberbullying—and the growing importance of enforcing cyber laws to safeguard individuals, organizations, and public order in the digital era. The Digital Security Act has proven to be an essential tool in the fight against online criminal activities and has set critical precedents for future cybercrime convictions.