Cyber Crime Laws in Nepal

Cyber Crime Laws in Nepal

Cyber crime is a term that refers to any illegal activity that involves the use of a computer, a network or the internet. Cyber crime can range from hacking, phishing, identity theft, online fraud, cyber bullying, cyber stalking, cyber terrorism, cyber warfare, to child pornography, cyber sex trafficking, online gambling and more.

Cyber crime is a global phenomenon that poses serious threats to individuals, businesses, governments and society at large. According to the Global Cybersecurity Index 2020, Nepal ranks 87th out of 194 countries in terms of cybersecurity readiness and performance.

In this article, we will explore the cyber crime laws in Nepal, covering the following topics:

• The legal framework for cyber crime in Nepal
• The types and trends of cyber crime in Nepal
• The challenges and issues in combating cyber crime in Nepal
• The recommendations and suggestions for improving cyber crime laws in Nepal

The Legal Framework for Cyber Crime in Nepal

Nepal does not have a specific law that deals exclusively with cyber crime. However, there are some laws and policies that regulate and address various aspects of cyber crime in Nepal. These include:

• The Electronic Transactions Act 2008 (ETA): This is the main law that governs electronic transactions, digital signatures, intellectual property rights and cyber crime in Nepal. The ETA defines cyber crime as any act that is punishable under the prevailing laws if committed by using a computer, computer network or electronic means. The ETA provides for various offences and penalties related to cyber crime, such as unauthorized access, data theft, data tampering, hacking, phishing, spamming, denial of service attacks, cyber defamation, obscenity and pornography. The ETA also establishes the Comptroller of Certification Authority (CCA) as the regulatory body for digital signatures and encryption in Nepal.
• The Banking Offence and Punishment Act 2008 (BOPA): This is the law that deals with banking offences and punishments in Nepal. The BOPA covers offences related to electronic banking transactions, such as forgery, fraud, cheating, embezzlement and money laundering. The BOPA also provides for confiscation of property and assets derived from such offences.
• The Information Technology Tribunal 2008 (ITT): This is the judicial body that hears and decides cases related to electronic transactions and cyber crime in Nepal. The ITT consists of a chairperson appointed by the government from among the judges of the appellate court or district court and two members appointed by the government from among the experts in information technology or law. The ITT has the jurisdiction to hear cases involving offences punishable under the ETA or BOPA or any other prevailing laws related to information technology.
• The Cyber Security Bylaw 2020 (CSB): This is the regulation that sets the standards and guidelines for cybersecurity for telecommunication service providers (TSPs) and internet service providers (ISPs) in Nepal. The CSB mandates TSPs and ISPs to implement security measures such as firewalls, antivirus software, encryption techniques and authentication systems to protect their networks and systems from cyber attacks. The CSB also requires TSPs and ISPs to report any incidents of cyber attacks or breaches to the Nepal Telecommunications Authority (NTA), which is the regulatory body for telecommunication services in Nepal.

The Types and Trends of Cyber Crime in Nepal

According to the data from the Central Investigation Bureau (CIB) of Nepal Police, there were 1,029 cases of cyber crime registered in Nepal in 2020/21 fiscal year. This was an increase of 69% from 608 cases registered in 2019/20 fiscal year.

The most common types of cyber crime reported in Nepal are:

• Online fraud: This involves deceiving or cheating people online by using fake identities, websites or emails to obtain money or personal information. Some examples of online fraud are lottery scams, phishing scams, romance scams and job scams.
• Hacking: This involves gaining unauthorized access to a computer system or network by exploiting its vulnerabilities or weaknesses. Some examples of hacking are stealing data, defacing websites or launching denial of service attacks.
• Identity theft: This involves stealing someone's personal information such as name, address, date of birth, bank account details or social media accounts and using it for fraudulent purposes. Some examples of identity theft are opening bank accounts or credit cards in someone else's name or impersonating someone online.
• Cyber bullying: This involves harassing or threatening someone online by sending abusive messages or posting offensive comments or images. Some examples of cyber bullying are spreading rumors or lies about someone online or creating fake profiles or groups to target someone online.
• Cyber stalking: This involves monitoring or tracking someone's online activities or movements by using spyware, malware or GPS devices. Some examples of cyber stalking are sending unwanted messages or calls to someone online or following someone's social media posts or location updates.
• Cyber pornography: This involves producing, distributing or accessing sexually explicit or obscene materials online. Some examples of cyber pornography are uploading or downloading child pornography, revenge porn or sextortion.

The Challenges and Issues in Combating Cyber Crime in Nepal

Despite the existing laws and policies, cyber crime in Nepal remains a serious and growing problem. There are many challenges and issues that hinder the effective prevention, detection and prosecution of cyber crime in Nepal. These include:

• Lack of awareness and education:Many people in Nepal are unaware of the risks and consequences of cyber crime. They do not have adequate knowledge and skills to protect themselves and their devices from cyber attacks. They also do not report cyber crime incidents to the authorities due to fear, shame or ignorance.
• Lack of resources and capacity: The law enforcement agencies and the judiciary in Nepal lack sufficient resources and capacity to deal with cyber crime cases. They do not have enough trained personnel, equipment, tools and facilities to investigate, collect evidence, analyze data and prosecute cyber criminals. They also face difficulties in coordinating and cooperating with each other and with foreign agencies due to legal, technical and jurisdictional barriers.
• Lack of legislation and regulation: The existing laws and policies in Nepal are not comprehensive and updated enough to address the emerging and evolving forms of cyber crime. They do not cover all aspects of cyber crime such as cyber terrorism, cyber warfare, cyber espionage and cyber sabotage. They also do not provide for adequate penalties and remedies for cyber crime victims. Moreover, there is no clear definition and classification of cyber crime in Nepal, which creates confusion and inconsistency in the application and enforcement of the laws.
• Lack of cybersecurity culture: The government, the private sector and the civil society in Nepal do not have a strong cybersecurity culture. They do not have a clear vision, strategy and policy for cybersecurity. They do not have a robust cybersecurity framework, governance and management system. They do not have a regular cybersecurity audit, assessment and evaluation mechanism. They do not have a proactive cybersecurity awareness, education and training program.

The Recommendations and Suggestions for Improving Cyber Crime Laws in Nepal

To address the challenges and issues in combating cyber crime in Nepal, the following recommendations and suggestions are proposed:

• Enhance awareness and education: The government, the private sector and the civil society should work together to raise awareness and education on cyber crime among the public, especially the youth, women and marginalized groups. They should conduct campaigns, workshops, seminars, webinars and competitions on cyber crime prevention, detection and reporting. They should also provide guidance, counseling and support services for cyber crime victims.
• Strengthen resources and capacity: The law enforcement agencies and the judiciary should enhance their resources and capacity to deal with cyber crime cases. They should recruit, train and retain qualified personnel with expertise in information technology, forensics, law and criminology. They should acquire, upgrade and maintain modern equipment, tools and facilities for cyber crime investigation, analysis and prosecution. They should also establish effective coordination and cooperation mechanisms with each other and with foreign agencies for information sharing, mutual assistance and extradition.
• Update legislation and regulation: The government should review, revise and update the existing laws and policies on cyber crime to make them more comprehensive, relevant and effective. They should enact new laws or amend existing laws to cover all forms of cyber crime such as cyber terrorism, cyber warfare, cyber espionage and cyber sabotage. They should also provide for appropriate penalties and remedies for cyber crime offenders and victims. Moreover, they should define and classify cyber crime clearly and consistently in accordance with international standards and best practices.
• Promote cybersecurity culture: The government, the private sector and the civil society should foster a strong cybersecurity culture in Nepal. They should develop and implement a national cybersecurity vision, strategy and policy that aligns with the national security, development and human rights objectives. They should establish and enforce a robust cybersecurity framework, governance and management system that follows the principles of risk management, accountability, transparency and participation. They should conduct regular cybersecurity audit, assessment and evaluation to measure and improve their cybersecurity performance. They should also initiate and support a proactive cybersecurity awareness, education and training program for all stakeholders, including government officials, business leaders, academics, journalists, activists, students and citizens.