Nepal institutes first cybercrime law as cabinet approves National Cyber Security Policy 2023

KATHMANDU: In a significant development, Nepal has officially enacted its inaugural legislation to combat cybercrime, marking a major stride in digital security. The National Cyber Security Policy 2023 was unanimously endorsed during a Cabinet meeting held on Tuesday, as reported from Kathmandu.

Rekha Sharma, government spokesperson and Minister for Communication and Information Technology, shared with journalists that the policy had received the Cabinet’s seal of approval. She explained that the policy outlines a comprehensive roadmap for future strategies, operational guidelines, objectives, and plans concerning cybersecurity.

A pivotal aspect of the policy revolves around ensuring a secure online environment for all users. The document also evaluates the historical context and current status of cybersecurity while concurrently outlining the framework for forward-looking initiatives.

Netra Prasad Subedi, representative for the Ministry of Communication and Information Technology, elaborated, “The policy encompasses an in-depth analysis of the nation’s current internet landscape, and sets forth the vision, mission, objectives, strategies, and implementation plans concerning cybersecurity across government, private, and non-government sectors.”

Subedi went on to clarify that the policy will address various facets including the establishment of an infrastructure for cybersecurity, fostering capacity development, and safeguarding data integrity. Additionally, the policy envisions the establishment of a distinct entity, the ‘Cyber Security Center,’ with the aim of enhancing the effectiveness of related initiatives.

Amidst the rise in digital-related crimes due to regulatory gaps, Nepal Police records indicate a steady surge in cases of cyberbullying since 2014.

Over recent years, incidents involving data breaches within e-commerce enterprises, internet service providers, the Central Library, ATM systems, and social media platforms have become increasingly common, highlighting vulnerabilities in Nepal’s cybersecurity framework. Moreover, several instances have been documented wherein government offices have been incapacitated due to data breaches.

In the absence of specific cybercrime legislation, offenses have typically been addressed under the provisions of the Electronic Transaction Act 2008. To tackle cybersecurity threats like hacking and phishing, an expert group named the Computer Emergency Response Team (CERT) has been operational within the Department of Information Technology for the past few years.

The newly enacted policy is poised to bridge gaps in the legal structure and operational processes within the realm of cybersecurity. Various stakeholders have rallied for government commitment towards incorporating key responsible agencies and resources to execute the policy effectively.

This includes embracing principles of open and secure internet, individual privacy, credibility, neutrality, accountability, interoperability, partnership, and a multi-stakeholder approach.

To facilitate this transformation, a high-level panel was convened in March 2023, tasked with compiling a comprehensive report to draft the cyber security policy. The panel, spearheaded by information technology expert Juddha Bahadur Gurung, comprised members like Baburam Dawadi, Saroj Lamichhane, Mona Nyachho, Prakash Rayamajhi, and Bijay Gautam.

Furthermore, experts from Nepal Police and the Nepalese Army were integrated into the panel, while a representative from the Ministry of Communication and Information Technology assumed the role of member secretary.

Umesh Poudel |
Wednesday August 9, 2023, 10:51:53 AM |

Leave a Reply

Your email address will not be published. Required fields are marked *