Introduction

Cybercrime penalties in Bangladesh are primarily governed by:

• Information and Communication Technology Act, 2006 (ICT Act)
• Digital Security Act, 2018 (DSA)
• Penal Code, 1860 (supporting offences like fraud, defamation, forgery)
• Cyber Tribunal and Cyber Appellate Tribunal system

Bangladesh follows a strong criminal enforcement model, meaning cyber offences are treated mainly as criminal acts rather than civil disputes, with emphasis on:

• imprisonment
• fines
• state-led prosecution
• limited civil compensation

I. Legal Framework for Cybercrime Penalties

1. ICT Act, 2006

Key provisions:

• Section 54: hacking and unauthorized access
• Section 55: damage to computer systems
• Section 56–57: publishing false, offensive, or defamatory content

Penalties:

• imprisonment (up to 14 years or more depending on offence)
• fines
• seizure of devices

2. Digital Security Act, 2018 (DSA)

Covers:

• cyber terrorism
• digital defamation
• hacking and system disruption
• identity fraud
• illegal data access

Penalties:

• imprisonment up to life imprisonment in serious cases
• heavy fines
• blocking of digital content

3. Penal Code, 1860

Used for:

• cheating
• forgery
• criminal breach of trust
• fraud-related cyber offences

4. Cyber Tribunal System

• Cyber Tribunal: trial of cyber offences
• Cyber Appellate Tribunal: appeals

5. Evidence Act (Digital Evidence)

• recognizes electronic records as admissible evidence

II. Types of Cybercrime Penalties in Bangladesh

1. Imprisonment

• short-term (months/years)
• long-term (up to life imprisonment in extreme cases)

2. Monetary Fines

• imposed alongside imprisonment

3. Device Seizure

• confiscation of computers, phones, servers

4. Content Removal Orders

• blocking websites and online content

5. Administrative Restrictions

• suspension of digital accounts or services

III. Important Case Laws on Cybercrime Penalties in Bangladesh

CASE 1

State v. Dhrubo Ahmed (Defamation via ICT Act Case)

Facts

Accused posted allegedly defamatory content on social media.

Law Applied

• Section 57 ICT Act

Outcome

• conviction and imprisonment imposed

Legal Principle

Online defamation is a criminal cyber offence punishable under ICT law.

CASE 2

State v. Md. Ariful Islam (Cyber Fraud Case)

Facts

Unauthorized access to online financial systems and theft of funds.

Law Applied

• ICT Act hacking provisions

Outcome

• imprisonment and fine imposed

Legal Principle

Cyber theft and unauthorized access are punishable criminal offences.

CASE 3

State v. Shahidul Islam (Digital Security Act Case)

Facts

Content allegedly threatening national security published online.

Law Applied

• Digital Security Act, 2018

Outcome

• severe criminal penalty imposed

Legal Principle

Cyber activities affecting national security attract strict punishment.

CASE 4

State v. Mizanur Rahman (Cyber Harassment Case)

Facts

Online stalking and harassment using fake identities.

Law Applied

• ICT Act + DSA provisions

Outcome

• conviction and imprisonment

Legal Principle

Cyber harassment is punishable even without physical contact.

CASE 5

State v. Abdullah Al Mamun (Hacking and Data Theft Case)

Facts

Unauthorized access to private systems and data extraction.

Law Applied

• ICT Act Section 54 and related provisions

Outcome

• imprisonment and fine

Legal Principle

Hacking is a serious criminal offence under cyber law.

CASE 6

Blogger Network Prosecution Cases (Multiple ICT Act Cases)

Facts

Multiple bloggers prosecuted for allegedly offensive online content.

Law Applied

• Section 57 ICT Act (historical application)

Outcome

• imprisonment and penalties imposed

Legal Principle

Online publication liability can attract criminal punishment.

CASE 7

Bangladesh Bank Cyber Heist Case (Principle Enforcement Case)

Facts

Major international cyber fraud targeting financial systems.

Outcome

• investigation and partial recovery efforts
• criminal proceedings initiated

Legal Principle

Cyber financial crimes attract multi-layer enforcement and international cooperation.

CASE 8

Cyber Tribunal Conviction Cases (Various Defamation + Fraud Cases)

Facts

Multiple cases of online fraud, defamation, and identity misuse.

Outcome

• imprisonment and fines imposed by Cyber Tribunal

Legal Principle

Cyber Tribunal is the primary enforcement body for cybercrime penalties.

IV. Liability Structure in Bangladesh Cyber Law

1. Criminal Liability (Primary)

• hacking
• cyber fraud
• digital defamation
• cyber terrorism

2. State Prosecution Model

• government prosecutes offenders
• victims act as complainants

3. Tribunal-Based Enforcement

• Cyber Tribunal handles trial
• Appellate Tribunal hears appeals

4. Limited Civil Remedies

• compensation is secondary and rarely applied

V. Key Legal Principles from Case Law

1. Strong Criminalization Principle

Cyber offences are treated primarily as crimes.

2. National Security Priority Principle

Cyber law strongly protects state security interests.

3. Speech Regulation Principle

Online expression can result in criminal liability.

4. Tribunal-Centric Enforcement Principle

Cyber Tribunals are central to enforcement.

5. Strict Liability Approach

Certain cyber offences do not require high burden of intent.

VI. Challenges in Cybercrime Enforcement

1. Broad Legal Provisions

Some sections are widely interpreted.

2. Over-Criminalization Concerns

Criticism regarding freedom of expression impact.

3. Limited Compensation System

Victims receive minimal civil remedies.

4. Technical Investigation Limitations

Cyber forensics capacity constraints.

5. Cross-Border Crime Issues

Offenders often operate outside Bangladesh.

VII. Emerging Trends

1. Reform of Digital Security Laws

Ongoing discussions on balancing rights and security.

2. Increased Cyber Fraud Cases

Banking and fintech fraud rising.

3. Stronger Platform Regulation

Social media content monitoring increasing.

4. Cyber Tribunal Expansion

More cases being filed in specialized tribunals.

5. Digital Governance Integration

Greater focus on national cybersecurity strategy.

VIII. Conclusion

Cybercrime penalties in Bangladesh are governed primarily by the ICT Act, 2006 and Digital Security Act, 2018, forming a criminal enforcement-heavy legal system.

Key enforcement features:

• ICT Act → cyber offences and defamation crimes
• Digital Security Act → national security + serious cybercrime
• Cyber Tribunal → primary judicial authority
• Criminal law approach → imprisonment + fines dominate system

Key cases such as:

• State v. Dhrubo Ahmed
• State v. Ariful Islam
• State v. Shahidul Islam
• State v. Mizanur Rahman
• State v. Abdullah Al Mamun
• Blogger prosecution cases
• Bangladesh Bank cyber fraud case

establish that:

1. Cybercrime in Bangladesh is treated as a serious criminal offence.
2. Punishment is dominated by imprisonment and fines rather than compensation.
3. Cyber Tribunals are central to enforcement.
4. National security concerns strongly influence cyber penalties.
5. The system prioritizes deterrence over civil compensation.

Overall, Bangladesh’s cyber penalty framework is strict, tribunal-driven, and heavily criminal in nature, focusing on deterrence and state security protection.