Authored By: MD Mehedi Hasan
University of Asia Pacific
Abstract
The ICT Act of 2006, the Digital Security Act of 2018, the Cyber Security Ordinance of 2025, and the Bangladesh Telecommunication Regulatory Act of 2001 (BTRA) are the main subjects of this article’s critical analysis of how Bangladesh’s cyber laws affect human rights. These laws’ ambiguous language, broad authority, and absence of judicial monitoring have allowed for arbitrary surveillance, censorship, and limitations on freedom of speech, privacy, and information access, despite their stated goal of preventing cybercrime, digital fraud, and online extremism. The study draws attention to systemic dangers of abuse and impunity by examining key provisions, court rulings, and constitutional protections specifically, Articles 32, 33, 39, 41, and 43 as well as international norms like the UDHR and ICCPR. The study highlights the conflict between individual rights and state security goals, showing how ill-defined cyber legislation may erode public confidence and democracy. It ends with specific proposals for ensuring accountability, protecting digital liberties, and bringing cyber laws into line with constitutional protections.
Introduction
In Bangladesh, the quick development of digital technology has changed civic engagement, communication, and information availability. The government has passed several legislations, such as the Bangladesh Telecommunication Regulatory Act, 2001 (BTRA)[1], the Digital Security Act, 2018[2], the Cyber Security Ordinance, 2025[3], and the ICT Act, 2006[4], to control online activity and combat cybercrime, online extremism, and digital fraud. Although the goal of these laws is to maintain public order and cybersecurity, their ambiguous language and extensive enforcement authority frequently jeopardize basic rights. In addition to being protected by international agreements like the UDHR and ICCPR, citizens’ constitutional rights include freedom of expression (Article 39), freedom of religion (Article 41), privacy of communication (Article 43), and protection from arbitrary arrest (Articles 32 and 33)[5]. However, civil freedoms have been undermined by censorship, monitoring, and harassment brought on by unclear legislative language, a lack of judicial scrutiny, and unbridled governmental power. This essay highlights the conflict between constitutional safeguards and state security, critically analyzes Bangladesh’s cyber laws and their effects on human rights, and suggests a framework for preserving basic liberties in the digital age.
Research Methodology
Using a qualitative and analytical methodology, this study looks at how Bangladeshi cyber laws and human rights relate to one another by merging primary and secondary data.
Online questionnaires and conversations with government representatives, cybersecurity specialists, and legal experts were used to gather primary data. These exchanges aided in identifying the gaps in understanding and enforcement, as well as the real-world difficulties in putting cyber laws into practice.
The ICT Act of 2006, the Digital Security Act of 2018, the Cyber Security Ordinance of 2025, and the Bangladesh Telecommunication Regulatory Act of 2001 were among the pertinent national and international legislative documents from which secondary data was gathered. To evaluate adherence to international norms, important international human rights documents such as the Universal Declaration of Human Rights (UDHR) and the International Covenant on Civil and Political Rights (ICCPR) were also reviewed.
A thorough grasp of how Bangladesh’s cyber laws conform to both international human rights commitments and constitutional protections was made possible by this mixed-method approach.
Conceptual Framework: Cyber Law and Human Rights
To prevent cybercrime, digital fraud, and online extremism, cyber law regulates the use of digital technology, online communications, and electronic conduct. These actions are governed in Bangladesh by legislation such as the Bangladesh Telecommunication Regulatory Act, 2001 (BTRA), the Digital Security Act, 2018, the Cyber Security Ordinance, 2025, and the ICT Act, 2006. Although they are meant to maintain public order and cybersecurity, their use has significant consequences for basic rights. The Bangladeshi Constitution (Articles 32, 33, 39, 41, 43) and international agreements like the UDHR and ICCPR safeguard human rights in the digital sphere, including freedom of speech, privacy, and information access. These liberties may be violated by unreasonable, ambiguous, or unmonitored cyber legislation[6]. This paradigm emphasizes the necessity of striking a balance between governmental control and the defense of human rights. Principles of legality, need, proportionality, and openness should drive the formulation and implementation of cyber legislation to ensure that cybersecurity measures do not undermine citizens’ constitutional rights or democratic participation[7].
Major Cyber Laws in Bangladesh and Human Rights Implications
ICT Act, 2006.
Several clauses of the Information and Communication Technology (ICT) Act of 2006 are in opposition to both international human rights norms and constitutional obligations. One of the most contentious is Section 57, which makes it illegal to post anything online that is deemed to be false, pornographic, or libelous, or that undermines law and order. Because there are no precise definitions in this provision, law enforcement officials have a lot of latitude in deciding what is hurtful or untrue[8]. The freedom of expression guaranteed by Article 39 of the Constitution and Article 19 of the ICCPR has been widely violated as a result of this, targeting journalists, students, and human rights advocates.
Sections 54 and 55 provide law enforcement with the authority to confiscate digital devices on the basis of mere suspicion and to make arrests without a warrant. While Section 55 enables the search and seizure of computers or data without previous judicial authority, Section 54 permits the arrest of anybody accused of violating the Act. These clauses contravene Article 9 of the ICCPR, which forbids arbitrary detention, and undercut Articles 32 and 33 of the Constitution, which safeguard due process and individual liberty. In reality, these authorities have been employed to terrorize residents, journalists, and activists, stifling free speech online[9]. Additionally, they restrict freedom of expression indirectly by violating privacy-protecting Articles 17 of the ICCPR and 43 of the Constitution.
Government personnel who operate “in good faith” under the operation are legally protected under Section 46. Although it is intended to stop baseless complaints, it essentially gives authorities unbridled authority by enabling them to operate without fear of repercussions, even when they violate citizens’ rights[10]. This clause undermines the rule of law, erodes public confidence in justice, and denies victims any real legal redress by violating the right to an effective remedy guaranteed by Article 8 of the UDHR and Article 2(3) of the ICCPR.
Digital Security Act, 2018 (DSA).
Although it was passed in 2018 to combat cybercrime and online extremism, the Digital Security Act (DSA) has drawn considerable criticism for being perceived as a tool of governmental control. Publishing or disseminating digital information that might undermine religious principles or incite animosity, hate, or enmity is illegal under Section 21. The ambiguous language gives authorities undue latitude and permits the repression of opposing viewpoints. This is against both Article 19 of the ICCPR and Articles 39(1) and (2) of the Constitution[11]. Additionally, it may have an indirect impact on the Constitution’s protection of religious freedom under Article 41(1)(a). Publishing or disseminating inaccurate or offensive content with the intent to offend or irritate others is illegal under Section 25. Since there is no precise definition of what constitutes false or objectionable under the law, even innocuous or true content might be arbitrarily arrested[12]. This is against Article 19(2) of the ICCPR, which states that any speech limitation must be essential, proportionate, and clearly defined; Article 39 on freedom of expression; and Article 31 of the Constitution, which ensures legal certainty.
Section 29 makes digital defamation illegal, while Section 28 targets content that might offend religious feelings. Because of their ambiguous wording, these clauses have been used against authors, journalists, and whistleblowers, compromising accountability and freedom of speech (Articles 39 and 19 ICCPR)[13]. Sections 42 and 43 provide authorities the authority to make arrests without a warrant based only on suspicion and to confiscate computers, servers, or data. The Constitution’s Article 43, the ICCPR’s Article 17 (privacy), Articles 32 and 33 (personal liberty), and Article 9 (protection against arbitrary imprisonment) are all violated by these. Officials may effectively monitor, arrest, or harass anybody at will, which erodes the rule of law and judicial scrutiny and fosters fear[14].
Cyber Security Ordinance, 2025.
The DSA, 2018, was replaced by the Cyber Security Ordinance, 2025, which modernized digital legislation. It still has many of the same fundamental problems in spite of its reformative objectives. Content that is judged to be detrimental to public order, religious harmony, or national security may be blocked or removed by authorities under Section 8. The ambiguous wording permits arbitrary interpretation, so as to justify the suppression of critical news or dissent. The authority to monitor, intercept, and control communications deemed to be fraudulent, deceptive, or endangering social peace is increased by Sections 25 and 26. Without judicial oversight, surveillance becomes an instrument of control, undermining democratic values of accountability, openness, and the rule of law as well as individual freedom. For the purpose of investigating cybercrimes or ensuring national security, Section 35 permits the interception, monitoring, and recording of internet communications. This clause allows for warrantless access to private information and conversations, which can be monitored by third parties, without any court oversight, procedural protections, or set boundaries. It undermines the constitutional balance between individual freedom and state power by giving the administration unbridled power.
Bangladesh Telecommunication Regulatory Act, 2001.
To control telecom services and preserve fair competition, the Bangladesh Telecommunication Regulatory Act, 2001 (BTRA) was passed. However, there are significant human rights concerns since Sections 97 and 55 have been used to monitor communications, regulate content, and limit access without court scrutiny[15]. Section 97 permits the monitoring, recording, or interception of communications for the sake of public order, national security, or crime prevention. Without court authority or clear boundaries, it provides the executive with uncontrolled surveillance capabilities, changing networks into tools of state control and compromising private rights under Article 43 of the Constitution and Article 17 of the ICCPR. Because open communication is discouraged by fear of surveillance, it also subtly inhibits freedom of speech under Article 39 of the Constitution and Article 19 of the ICCPR.
If actions are judged to be against the public interest or national security, the Bangladesh Telecommunication Regulatory Commission (BTRC) may suspend or cancel telecom licenses in accordance with Section 55. Because of its ambiguous wording, authorities have wide latitude to interfere with communication networks, especially during demonstrations or other turmoil, which restricts access to information and silences opposition. This is against international standards that acknowledge internet access as fundamental to human rights, as well as Article 39 of the Constitution and Article 19(2) of the ICCPR. Sections 97 and 55 together show a structural disparity between individual rights and state security authority[16]. The Act undermines constitutional safeguards and democratic participation by legitimizing intervention and limitation under the pretense of security without judicial review, transparency, or independent monitoring.
Analysis of Human Rights Violations
Right to Freedom of Expression
According to Dr. Noor-E-Medina Suraiya Jesmin, Assistant Professor and Coordinator of the LL.M (General) Program at the University of Asia Pacific (UAP)[17], Freedom of expression is severely restricted under Bangladesh’s cyber regulations, which include the ICT Act of 2006, the Digital Security Act of 2018, the Cyber Security Ordinance of 2025, and the BTRA. Online content that uses ambiguous phrases like false, offensive, hostile, or destructive to public order is illegal under Sections 57 (ICT Act), 21 and 25 (DSA), and 8-25-26 (Cyber Security Ordinance). Because there are no clear boundaries, authorities have a lot of latitude, which allows them to stifle dissent, criticize government policies, or even have civil discussions on religion. These actions go against both Article 19 of the ICCPR, which safeguards the right to seek, receive, and disseminate information, and Article 39 of the Constitution, which ensures freedom of thought and expression. In reality, these clauses stifle democratic speech by forcing journalists, activists, and regular people to self-censor to avoid legal repercussions.
Right to Privacy
According to Mr. Md. Asaduzzaman, Associate Professor and Head of the Department of Law and Human Rights at the University of Asia Pacific (UAP)[18] These restrictions seriously jeopardize privacy, which is closely related to expression. Without a judge’s approval, authorities can monitor, intercept, and seize communications under Sections 42 and 43 of the DSA, Section 35 of the Cyber Security Ordinance, and Section 97 of the BTRA. This gives access to private information, including texts, conversations, emails, and other correspondence, frequently based just on suspicion. These actions are against both Article 17 of the ICCPR, which forbids willful or illegal interference with privacy, and Article 43 of the Constitution, which safeguards the private of communication. By undermining public confidence in digital platforms, professional secrecy, and private communication, the absence of judicial scrutiny and procedural protections essentially normalizes warrantless monitoring.
Arbitrary Arrest and Detention
According to Dr. Noor-E-Medina Suraiya Jesmin, Assistant Professor and Coordinator of the LL.M (General) Program at the University of Asia Pacific (UAP)[19], Sections 43 of the DSA, Sections 54 and 55 of the ICT Act, and comparable clauses in the Cyber Security Ordinance permit police to search locations and make arrests without a warrant, frequently based on speculative assumptions. These authorities violate Article 9 of the ICCPR, which forbids arbitrary detention, as well as Articles 32 and 33 of the Constitution, which protect due process and individual liberty. In practice, these clauses provide authorities the freedom to target journalists, activists, and regular people as they see fit, stifling dissent, instilling fear, and undermining judicial supervision.
Impunity of State Officials
Md. Saleh Akram, Assistant Professor & Coordinator, LLM (General) Program, University of Asia Pacific[20], Officials who operate in good faith are protected under Section 46 of the ICT Operate, which essentially exempts them from responsibility. This protection is extended to other state agents by the DSA and BTRA’s broad enforcement powers, which permit the arbitrary use of power. According to Article 8 of the UDHR and Article 2(3) of the ICCPR, victims have limited recourse against rights abuses because of these restrictions, which undermine their right to an effective remedy. The culture of impunity that results weakens the rule of law, erodes public confidence in the legal system, and promotes abuse of authority.
Restriction on Access to Information
According to Mr. Md. Asaduzzaman, Associate Professor and Head of the Department of Law and Human Rights at the University of Asia Pacific (UAP)[21]Authorities are empowered to terminate telecom licenses, ban websites, or restrict internet access under Sections 55 of the BTRA, Section 8 of the Cyber Security Ordinance, and certain DSA provisions. In violation of Article 39 of the Constitution, Article 19(2) of the ICCPR, and international standards that acknowledge internet access as a fundamental human right, these actions severely restrict individuals’ access to information, especially during protests or political upheaval. Discretionary use of these authorities frequently undermines democratic involvement and accountability by stifling criticism, limiting civic engagement, and controlling public debate.
Judicial Practice in Cyber Law Cases in Bangladesh
1.Shahidul Alam v. Government of Bangladesh (2018)[22]
Because of his Facebook posts criticizing the government’s handling of student demonstrations, well-known photographer and activist Shahidul Alam was detained in August 2018 under Section 57 of the Information and Communication Technology (ICT) Act, 2006. Alam claimed that the accusations infringed upon his fundamental rights to freedom of expression and protection from arbitrary arrest under Articles 39 and 32 of the Constitution in a writ petition he filed with the High Court Division.
The High Court placed a stay order on the inquiry, requiring the authorities to defend the legitimacy of the allegations, which was subsequently affirmed by the Appellate Division. An important example of court protection against the abuse of cyber laws was demonstrated by this case. It emphasized how Article 19 of the ICCPR, which protects the right to freedom of expression, was undermined by Section 57’s ambiguous and overbroad wording, which permitted arbitrary limits on online communication.
2. Mamunur Rashid Nomani v. Government of Bangladesh (2023)[23]
Journalist Mamunur Rashid Nomani, editor of Barishal Khobor, was accused in September 2023 under the Digital Security Act (DSA), 2018, for allegedly distributing online information that was derogatory of public authorities and hurtful to religious sensibilities. He challenged the allegations as illegal and in breach of Articles 39, 43, and 32 of the Constitution, which safeguard due process, freedom of expression, and privacy, in a writ petition submitted to the High Court Division.
The administration was asked to defend the disputed sections in a rule nisi issued by the High Court. The lawsuit, which is continuing, shows how the DSA’s compliance with Article 19 of the ICCPR and constitutional rights is coming under increased judicial scrutiny. It draws attention to the general worry that the DSA’s ambiguous and expansive provisions are being abused to stifle dissent and silence journalists, which would have a chilling impact on press freedom and free speech in Bangladesh.
Recommendations
Cyber laws must precisely define ambiguous concepts like false, offensive, or threatening social harmony to prevent arbitrary enforcement and promote digital rights in Bangladesh. All forms of monitoring, data collection, and arrests should be subject to judicial scrutiny in order to safeguard citizens’ rights and stop abuse of authority. In order to reduce impunity and strengthen the rule of law, it is imperative that robust accountability procedures be put in place to hold public officials accountable for transgressions. Laws that punish dissent, criticism, or nonviolent religious discourse ought to be changed to conform to international human rights norms and constitutional protections. To secure private communications and stop illegal third-party access, comprehensive data protection laws are necessary. Particularly during protests or times of political turmoil, restrictions on internet access, website blocking, or telecom license suspension must be clearly stated, legal, and appropriate. For law enforcement, the courts, and government representatives to comprehend digital rights and human rights duties, capacity building and awareness initiatives are essential.
Reference(S):
[1] Bangladesh Telecommunication Regulatory Act 2001 (Act No. 18 of 2001).
[2] Digital Security Act 2018 (Act No. 46 of 2018).
[3] Cyber Security Ordinance 2025 (Draft, Government of Bangladesh, Ministry of Posts, Telecommunications and Information Technology, 2025).
[4] Information and Communication Technology Act 2006 (Act No. 39 of 2006).
[5] Constitution of the People’s Republic of Bangladesh (adopted 4 November 1972, entered into force 16 December 1972) arts 32, 33, 39, 41, 43.
[6] Human Rights Watch, No Room for Criticism: Bangladesh’s Crackdown on Free Expression Online (HRW Report, 2018).
[7] United Nations Human Rights Council, Report of the Special Rapporteur on the Promotion and Protection of the Right to Freedom of Opinion and Expression (A/HRC/29/32, 2015).
[8] Amnesty International, Caught in the Net: Freedom of Expression in Bangladesh (2018).
[9] Reporters Without Borders, Bangladesh: The Digital Security Act Is Used to Silence Journalists (2020).
[10] Transparency International Bangladesh, Human Rights and Digital Governance (Policy Paper, 2021).
[11] Constitution of the People’s Republic of Bangladesh (1972) arts 39(1)–(2); International Covenant on Civil and Political Rights (adopted 16 December 1966, entered into force 23 March 1976) 999 UNTS 171 art 19.
[12] Human Rights Watch, No Place for Criticism: Bangladesh’s Crackdown on Free Expression Online (2018)
[13] Amnesty International, “Muzzling Dissent Online”: Bangladesh’s Digital Security Act and Suppression of Free Expression (2021)
[14] Reporters Without Borders, Bangladesh: DSA Used to Silence Journalists and Human Rights Defenders (2022)
[15] Rahman, T., The Evolution of Cyber Legislation in Bangladesh: From ICT Act to Cyber Security Ordinance (Bangladesh Institute of Legal Studies, 2025).
[16] Rahman, T., The Evolution of Cyber Legislation in Bangladesh: From ICT Act to Cyber Security Ordinance (Bangladesh Institute of Legal Studies, 2025).
[17] Noor-E-Medina Suraiya Jesmin, personal communication (Dhaka, 20 October 2025).
[18] Md Asaduzzaman, personal communication (Dhaka, 20 October 2025).
[19] Noor-E-Medina Suraiya Jesmin, personal communication (Dhaka, 20 October 2025).
[20] Md Saleh Akram, personal communication (Dhaka, 21 October 2025).
[21] Md Asaduzzaman, personal communication (Dhaka, 20 October 2025).
[22][22] Shahidul Alam v Government of Bangladesh, Writ Petition No. 11230 of 2018, High Court Division, Supreme Court of Bangladesh (stay order 20 August 2018).
[23] Mamunur Rashid Nomani v Government of Bangladesh, Writ Petition No. 5732 of 2023, High Court Division, Supreme Court of Bangladesh (rule nisi issued September 2023).
