Digital Risk Management Frameworks in BANGLADESH

1. Concept of Digital Risk Management Framework in Bangladesh

A Digital Risk Management (DRM) Framework refers to the structured system of laws, policies, institutions, and technical controls used to:

  • Identify cyber risks (hacking, data breach, misinformation)
  • Assess and mitigate digital threats
  • Ensure legal accountability
  • Protect critical information infrastructure
  • Maintain digital trust and cybersecurity governance

In Bangladesh, DRM is law-driven and institution-based, primarily shaped by cyber laws and regulatory bodies rather than a single unified cybersecurity statute.

2. Core Legal Framework of Digital Risk Management in Bangladesh

(A) ICT Act 2006

  • First comprehensive cyber law
  • Addresses hacking, fraud, identity theft, online defamation
  • Established Cyber Tribunal system
  • Provides investigative powers to law enforcement 

(B) Digital Security Act 2018 (DSA)

  • Expanded cybercrime control mechanisms
  • Introduced strict provisions on online content regulation
  • Created Digital Security Agency and forensic units
  • Used extensively for cybercrime prosecution 

(C) Cyber Security Act 2023

  • Replaced DSA 2018 (modernized framework)
  • Focus on critical infrastructure protection and incident response
  • Strengthened national cyber governance structure 

(D) Supporting Legal Instruments

  • Penal Code 1860 (fraud, defamation)
  • Evidence Act 1872 (digital evidence admissibility)
  • Telecommunication Act 2001
  • Draft Data Protection laws (emerging framework)

3. Institutional DRM Framework in Bangladesh

Key Institutions

1. Digital Security Agency

  • Central authority for cyber risk monitoring

2. Bangladesh Computer Emergency Response Team (BD-CERT)

  • Incident response & threat mitigation

3. Cyber Tribunal & Cyber Appellate Tribunal

  • Specialized courts for cyber offences

4. Bangladesh Telecommunication Regulatory Commission (BTRC)

  • Regulates telecom and online platforms

5. Police Cyber Crime Units

  • Investigation and enforcement

These institutions form a multi-layered cyber risk governance system combining legal + technical + enforcement controls.

4. Structure of Digital Risk Management Framework

(A) Preventive Layer

  • Cyber awareness programs
  • ICT compliance requirements
  • Platform monitoring (social media, telecom)

(B) Detective Layer

  • Cyber surveillance systems
  • Real-time monitoring (CERT)
  • Threat intelligence sharing

(C) Corrective Layer

  • Cyber tribunals
  • Law enforcement action
  • Digital forensic investigations

(D) Strategic Governance Layer

  • National cyber policies
  • Digital Bangladesh agenda
  • Emerging data protection regime

5. Case Laws in Bangladesh Cyber Risk Management (6+ Important Cases)

Below are key cyber law case examples that shaped DRM practice in Bangladesh:

Case 1: Blogger Avijit Roy Murder & Online Extremism Case (ICT Act application context)

  • Online radicalization content was investigated under ICT laws
  • Highlighted risk of digital extremist propaganda
  • Showed government focus on content-based cyber risk control

DRM relevance: Online content monitoring and counter-extremism enforcement

Case 2: Photojournalist Shahidul Alam Case (2018)

  • Arrested under ICT Act for online commentary
  • Raised issues of digital speech risk vs state security

DRM relevance: Expansion of surveillance and content-based risk governance

Case 3: Rashed Khan Menon Facebook Case

  • Prosecution under cyber provisions for online statements
  • Demonstrated use of ICT/DSA for political digital risk control

DRM relevance: Political speech monitoring framework

Case 4: Nurul Haque Nur Cyber Defamation Case

  • Allegations of defamatory online content
  • Investigated under cyber laws

DRM relevance: Digital reputation risk management via legal enforcement

Case 5: Blogger and Activist Arifur Rahman Case

  • Charged for online cartoon/content deemed offensive
  • Triggered debate on algorithmic + legal content risk control

DRM relevance: Content moderation + cultural sensitivity enforcement

Case 6: Journalist Shafiqul Islam Kajol Case (2020)

  • Disappeared and later charged under DSA for online content
  • Involved cyber tracking and digital evidence collection

DRM relevance: Digital surveillance + forensic cyber risk response

Case 7: “Facebook Rumor Violence Cases” (Multiple incidents)

  • Several mob violence incidents triggered by online misinformation
  • Investigated under ICT/DSA provisions

DRM relevance: Misinformation risk management and platform accountability

6. Key Features of Bangladesh DRM Framework

Strengths

  • Strong legal enforcement structure
  • Specialized cyber tribunals
  • National CERT system
  • Centralized digital governance

Weaknesses

  • Overlapping legal provisions
  • Concerns over freedom of expression
  • Limited data protection enforcement
  • Institutional capacity gaps in cybersecurity response

7. Overall Evaluation

The Digital Risk Management Framework in Bangladesh is:

A hybrid legal-technological governance system combining strict cybercrime laws, centralized enforcement institutions, and evolving data protection mechanisms.

However, its effectiveness is often debated due to:

  • Heavy reliance on punitive cyber laws
  • Limited preventive cybersecurity maturity
  • Institutional overlap and political sensitivity in enforcement

RELATED Blog

Cyber Law and Fake News during COVID-19

Using Cyberspace To Vent Out Anger By Travestying ...

Internet Censorship

Reasonable security practices and procedures and s...

Cyber Fraud in Banking industry

Supreme Court Upholds Right to Internet as a Funda...

Supreme Court Issues Landmark Guidelines on Live S...

European Union Introduces Tougher Data Privacy Law...

United States Supreme Court to Decide on Whether A...

Cyber Law at Afghanistan

LEAVE A COMMENT

comments

Load more comments

Copyright © 2024 Law Gratis. Design by Digiinterface