ARTICLE 19 urges consultation on Draft Cyber Protection Ordinance

ARTICLE 19 has urged the interim government of Bangladesh to carry out meaningful and effective consultation with relevant stakeholders before the enactment of the Draft Cyber Protection Ordinance 2025. 

The advisory council approved the draft ordinance on 24 December 2024. 

In a press statement issued yesterday (3 February), ARTICLE 19 observes that the interim government failed to conduct meaningful consultations with relevant stakeholders prior to drafting the ordinance. 

It says the draft ordinance in its present form could severely undermine independent journalism, as well as the rights to freedom of expression, in the country. 

In its statement, ARTICLE 19 called for the Cyber Protection Ordinance 2025 to comply with international human rights standards, particularly those related to freedom of expression and privacy.

It also urged the interim government to ensure that the ordinance provides clear and precise definitions for terms like 'cyberbullying,' 'aiding,' and 'spreading hate,' ensuring they are narrowly tailored to target only harmful, illegal activities like incitement to violence.

ARTICLE 19 also wants the ordinance to ensure that government bodies, including law enforcement, operate with greater transparency and be subject to independent oversight, ensuring that these bodies' actions are publicly accountable and that decisions, particularly those affecting citizens' rights, are subject to review.

It also urged the integration of robust safeguards to protect privacy and personal data as well as safeguards against mass surveillance, ensuring that cybersecurity measures do not compromise individuals' fundamental rights.

Problematic provisions as identified by ARTICLE 19

Mentioning that the draft ordinance has faced harsh criticism in Bangladesh, ARTICLE 19 says journalists, lawyers, teachers, human rights defenders, and activists have severely criticised it, as the proposed law uses many terms that lack clear definitions, creating opportunities for misuse due to their vagueness and ambiguity. 

"Members of civil society have questioned the drafting process, noting the lack of an inclusive and meaningful consultation process."

The statement says the interim government initially allowed only three days for comments on the draft law. Amid widespread criticism, the government has uploaded an amended version of the draft ordinance on the Information and Communication Technology (ICT) Division website and reopened the opportunity for comments from 22 January 2025 to 6 February 2025.

The British human rights organisation also says the newly-approved draft retains several provisions from its predecessors, which had been widely criticised for suppressing freedom of expression. 

"Similar to its predecessors, the newly drafted ordinance raises significant concerns due to its far-reaching implications for human rights, governance and accountability, specifically provisions that restrict free speech and could potentially be used to harass individuals," reads its statement. 

Unchecked authority to executive to block, filter information

ARTICLE 19 has identified some of the problematic provisions, including Section 8 of the draft ordinance, which it says grants broad and unchecked authority to the executive to block or filter information it finds objectionable. 

"Under international law, any restrictions on freedom of expression must be prescribed by law and meet the criteria of necessity in a democratic society."

Under Articles 12 and 13 of Chapter IV, the establishment of a National Cybersecurity Council is proposed. "This body would wield expansive and unchecked powers to develop inter-institutional policies, enact regulations, and effectively control 'cybersecurity infrastructural development.' It would also oversee the Cybersecurity Agency, which is to be created under the same ordinance," reads the statement. 

The British human rights organisation says the ordinance further grants significant authority to the director general of the National Cybersecurity Agency according to Section 8. The director general could request the removal or blocking of any information deemed to pose "cybersecurity risks." 

"Without judicial oversight, such powers carry a high risk of misuse. Of particular concern is the composition of the Council, which will be chaired by the country's Head of State and supported by a high-ranking contingent of government officials, including the ICT Minister and Directorate Generals of various intelligence and defence agencies. This concentration and centralisation of authority raises serious concerns about accountability and the potential for government overreach with limited checks and balances," reads the statement. 

ARTICLE 19 observes that Bangladesh's persistent challenges in the ICT sector stem from a deliberate policy of centralising communications infrastructure and control under the former regime. It says this approach allowed authorities to coercively and arbitrarily pressure internet service providers to intercept data, censor content, and implement internet shutdowns on multiple occasions. 

These actions resulted in serious human rights violations under international law and produced widespread disruptions to public life, hindering economic activity and violating people's right to access information, carried out with absolute impunity. 

"The ordinance gives authorities the power to intercept communications and monitor digital activities under the guise of cybersecurity. This raises privacy concerns and risks creating a surveillance state," reads its statement.

Definition of cyberbullying 'vague'

Section 25A of the ordinance defines cyberbullying as acts of intimidating, threatening, or harassing individuals or groups online, as well as disseminating harmful information, defamatory content, or abusive language that damages a person's reputation or mental well-being. 

However, the broad and vague nature of this definition creates significant potential for misuse, observes ARTICLE 19.

"It could discourage people from expressing their opinions for fear of causing offence, thereby shrinking the space for open criticism. Journalists, too, would need to exercise extreme caution in their reporting to avoid falling afoul of this provision. If someone claims to feel defamed, insulted, or mentally harmed, they could file a case, leading to the possibility of warrantless arrests by the police," reads the statement.

'Seeks to protect religious values rather than right to freedom of religion'

ARTICLE 19 says Section 26 [of the ordinance] criminalises the publication of information, in any form, that intends to spread hate. This provision is inconsistent with international standards on freedom of expression, as it seeks to protect religious values or feelings rather than an individual's right to freedom of religion. 

"Vague terms like 'hate' can be misinterpreted or exploited to suppress legitimate criticism or dissent, especially on sensitive topics like religion, where such provisions have been used disproportionately against minority groups, journalists, activists, and political opponents. In addition, by criminalising speech that 'intends to spread hate,' the provision risks creating a chilling effect, where individuals refrain from discussing or critiquing religious practices, institutions, or policies out of fear of legal repercussions," it says in the statement.

The British human rights organisation says this discourages open dialogue, restricting people's right to freedom of expression and may disproportionately target minority voices.