Government's Cybersecurity Strategy Sparks Concerns Over Privacy and Execution

Government's Cybersecurity Strategy Sparks Concerns Over Privacy and Execution
Credit goes to Anup Ojha

On August 8, the government approved the National Cyber Security Policy 2080 BS (2023) in response to the growing number of cybercrimes and related grievances. Although the initiative was generally well-received, critics argue that the policy mirrors those of neighboring countries and lacks a collaborative spirit.

Key Points:

  • Limited Consultation: The government's engagement with stakeholders was minimal, and the feedback received was largely ignored. Observers note the policy's resemblance to cybersecurity measures in India and China.
  • Surveillance Concerns: The policy introduces a centralized internet gateway, raising fears of increased surveillance. Such systems are typically associated with authoritarian regimes, as highlighted by Digital Rights Nepal.
  • Previous Legislation: Cybercrimes were previously addressed under the Electronic Transactions Act, 2063 (2008), which was deemed insufficient for tackling specific cyber threats.
  • Control vs. Trust: Experts believe the policy leans more towards controlling user data rather than fostering trust in digital systems.
  • Implementation Challenges: While the policy's introduction is a positive step, its success hinges on the development of robust infrastructure and supporting laws.
  • Historical Context: The country has witnessed numerous security breaches, with hackers targeting government websites.
  • Cybercrime Statistics: The cyber bureau received over 16,000 complaints in the past four years, with a recent surge in daily complaints.
  • Legislative Hurdles: The translation of the cybersecurity policy into law may face challenges in Parliament, especially given its complexity.
  • Policy Provisions: The strategy discusses creating a cyber-resilient space, promoting ethical hacking, digital literacy programs, and measures to combat online harassment.
  • Stakeholder Feedback: Digital Rights Nepal expressed concerns about certain provisions, emphasizing the need for clarity on the National Internet Gateway's objectives.

  • The government's new cybersecurity policy, while a step in the right direction, has raised several concerns among stakeholders. The centralization of internet traffic and the potential for increased surveillance are particularly contentious points. Successful implementation will require a comprehensive approach, including infrastructure development and supportive legislation.