Cyber Law at Nepal
Nepal's cyber law framework has evolved significantly to address the challenges posed by rapid digitalization. Here's an overview of the key regulations and developments:
🛡️ 1. Electronic Transactions Act (ETA) 2063 (2008)
The ETA is the cornerstone of Nepal's cyber law, governing electronic transactions and cybercrimes. Key provisions include:
Cyber Offenses:Criminalizes activities such as hacking, unauthorized access to computer systems, data theft, and cyber fraud.
Penalties:Imposes penalties including imprisonment (up to 3 years) and fines (up to NPR 200,000) for offenses like altering computer source code or unauthorized access to computer materials
Digital Evidence:Recognizes electronic records and digital signatures as legally valid, The ETA is complemented by other laws, including the Muluki Criminal Code 2017, the Copyright Act 2002, and the Individual Privacy Act 2018, which address various aspects of cyber law.
🔐 2. Cyber Security Bye-Law 2077 (2020)
Issued by the Nepal Telecommunications Authority (NTA), this Bye-Law mandates cybersecurity standards for telecom and internet service provider.Key requirements include:
Regular Security Audits Service providers must conduct internal and external security audits every three months and submit reports to the NT.
Incident Response Establishment of Security Operation Centers (SOCs) and Incident Response Teams (IRTs) to handle cyber threat.
Data Protection Implementation of measures to protect customer data and privacy.
Awareness Programs Conducting cybersecurity awareness programs for employees and user. These regulations aim to enhance the overall cybersecurity posture of Nepal's digital infrastructure.
🏛️ 3. Proposed Information Technology and Cyber Security Bill 2080 (2024)
In March 2024, the Ministry of Communication and Information Technology released a draft bill for public commens. Key provisions include:
*Licensing: Mandatory approval from the Department of Information Technology for entities providing IT servics.
*Data Centers and Cloud Services: Licensing requirements for operating data centers and cloud services, with annual renewas.
*Cybersecurity Services: Entities providing cybersecurity services must obtain a licence.
*Training and Research: Establishment of a national IT training center for research and skill development in emerging technologis.
The bill aims to regulate IT activities comprehensively and replace the earlier withdrawn 2019 draft.
🧑💻 4. Cyber Bureau and Reporting Mechanims
The Cyber Bureau of Nepal Police is the primary authority for investigating cybercrimes. Citizens can report cybercrimes to this bureau, which handles cases related to online fraud, harassment, and other digital offeses.
📌 Summary
Nepal has developed a robust legal and institutional framework to address cybercrimes, protect digital infrastructure, and regulate emerging technolges. The combination of the ETA, Cyber Security Bye-Law, and the proposed IT and Cyber Security Bill provides a comprehensive approach to digital governance and cybersecrity.
RELATED Blog
0 comments