Farrukh Khosru :
The Cyber Security Ordinance 2025, hailed by Bangladesh’s interim government as a milestone in digital rights reform, was gazetted on 21 May 2025, replacing the widely criticised Cyber Security Act 2023. While the Ordinance introduces notable changes – such as repealing nine controversial sections, ensuring bail for speech-related offences, and recognising internet access as a civil right – it ultimately falls short of offering meaningful protection for press freedom, freedom of expression and the public’s right to know.
Despite its surface-level progress, the new Ordinance remains deeply embedded in the architecture of state surveillance and control, continuing the legacy of its predecessors: the Digital Security Act (DSA) 2018 and the Cyber Security Act (CSA) 2023. Although 95 per cent of existing cases under previous legislation are set to be dismissed, and harsh penalties for expression have been softened, the core mechanisms enabling censorship, intimidation, and repression remain largely intact.
The most symbolically significant inclusion in the Ordinance is the so-called “right to uninterrupted internet access”, as described under Section 2(1)(?). However, it appears solely in the definitions section, rendering it legally hollow. For a right to be meaningful, it must be embedded in substantive provisions, be enforceable through judicial mechanisms, and be accompanied by clear avenues for redress. Placing this “right” amid technical definitions deprives it of any binding legal force.
In theory, this definition may influence interpretation when “cyber security” is referenced, particularly in decisions made by the National Cyber Security Council under Section 13. Yet, Bangladesh’s recent record of internet shutdowns – especially during the Monsoon Revolution of 2024 – suggests that such language can be circumvented or ignored in practice. Without robust judicial enforcement, this “right” remains more rhetorical than real.
The Ordinance establishes a Cyber Safety Council, chaired by the Prime Minister or Chief Adviser, and introduces a Content Removal Authority. While the latter includes members of civil society and requires court approval within 72 hours of content removal, these changes are procedural rather than structural. Content may still be taken down without prior judicial scrutiny – a loophole ripe for abuse.
Meanwhile, the state retains centralised control over internet infrastructure, a legacy of the Awami League’s digital authoritarianism. There are no clear constraints on executive overreach, nor transparent processes for public accountability in decisions affecting media freedom and digital expression.
Although the Ordinance repeals several contentious provisions of the CSA 2023, it still contains vague and broadly worded offences, such as “cyberbullying”, “spreading hate”, and “insulting symbols”. These terms are ill-defined, enabling expansive interpretations that can criminalise journalistic investigation, political satire, peaceful dissent, or coverage of state failures.
Such legal ambiguity violates the principle of legal certainty and opens the door to selective enforcement, disproportionately targeting journalists, activists, and critics. Even though these offences are now bailable and carry lighter penalties, the judicial process itself becomes a form of punishment, fostering a climate of self-censorship and fear.
The introduction of oversight by a retired Supreme Court judge is a welcome gesture towards accountability. However, judicial protection relies not only on the law but also on judicial independence, which has often been questioned in politically sensitive cases. Provisions such as Section 49, which allow the government to introduce new regulations, could be misused to legitimise future shutdowns or censorship, unless proactively contested in court.
Moreover, the lack of transparent and meaningful stakeholder consultation in drafting the Ordinance, despite claims of 25 rounds of revisions, casts doubt on its democratic legitimacy. Civil society organisations, media professionals, and digital rights advocates remain sceptical, pointing to a history of “reforms” being used to centralise power rather than decentralise it.
The Ordinance continues to undermine investigative journalism and whistleblower protections, especially in cases involving powerful state or corporate actors. The persistent threat of being accused of “spreading misinformation” or “inciting hatred” fosters a culture of silence and suppresses public discourse.
In a digital era where press freedom and internet freedom are inseparable, the Ordinance does not go far enough to safeguard the public’s right to information, a cornerstone of democratic societies. As Bangladesh approaches a potential national election, the pressure on independent journalism and civic dialogue is likely to intensify.
While the Cyber Security Ordinance 2025 marks an improvement over previous legislation, it remains largely cosmetic rather than transformational. It addresses some symptoms of digital repression but leaves the underlying structures of state control untouched – a centralised, opaque, and unaccountable security apparatus prioritising control over rights.
For Bangladesh to genuinely uphold freedom of expression, press independence, and digital rights, it must move beyond rhetorical reforms. What is needed are binding legal standards, institutional independence, and inclusive, transparent lawmaking. Until such structural changes are implemented, the promise of a free, open, and rights-respecting digital future will remain unfulfilled.
(The writer is the Executive Editor of The New Nation and is also in charge as the News Editor.)
