DRN Launched Preliminary Assessment of National Cyber Security Policy, 2080
On August 23, 2023, the Government of Nepal adopted the National Cyber Security Policy 2023, aiming to establish a robust legal and structural framework for enhancing cybersecurity within the nation. Digital Rights Nepal (DRN) was constructively engaged in the entire policy development process. In 2021, it reviewed the initial draft of the policy, and provided feedback and recommendations to the government after engaging with relevant stakeholders. When the government made public a revised draft in April 2023, DRN again engaged with stakeholders to solicit feedback and submitted a memorandum to the government. With the policy now officially approved, DRN has conducted a preliminary analysis of the policy. Proposal of National Internet Gateway, disregard of civil and fundamental rights in the policy, lack of implementation plan, superficial problem analysis, absence of coordination mechanism, among others, are some of the key points highlighted in the preliminary analysis of the National Cyber Security Policy 2023.
In light of these concerns, Digital Rights Nepal calls for reforms in the National Cyber Security Policy 2023, and urges the government, parliament, political parties, civil society, and media to amend problematic provisions, including the National Internet Gateway concept, to ensure individual freedoms, human rights, and a comprehensive cybersecurity framework.
|
|
|
Implementation of TERAMOCS Halted
After facing widespread criticism and controversy surrounding the TERAMOCS technology, which has the potential to collect sensitive personal information such as call details and SMS messages of citizens, the government has reversed its decision. Prime Minister Pushpa Kamal Dahal announced on August 15 that the TERAMOCS project initiated by the Nepal Telecommunication Authority (NTA) will not be immediately implemented. Despite the significant investment in purchasing the necessary equipment and technology, PM Dahal emphasized that the technology involving phone call surveillance will not be activated.
TeLCOs defy Cybersecurity Audits
Telecom providers in Nepal prefer paying a penalty over costly external cybersecurity audits required by the 2020 Cyber Security Bylaw. Cyber Security Bylaw, issued by the NTA, provides for both internal and external audits to ensure data protection and cybersecurity to safeguard information systems from cyber threats. However, the TeLCOs have defied the provision of security audits and expressed a preference for paying the relatively low fine of Rs50,000 for non-compliance rather than undertaking the expensive external audits, which can cost between Rs 600,000 to Rs1.2 million. It’s worth noting that the lax approach to external audits is raising alarm bells within the industry and among experts. Neglecting these audits could lead to compromised data privacy, security breaches, and potentially harmful cyber incidents. Data privacy advocates and digital rights activists are emphasizing the necessity of robust audit mechanisms to ensure the protection of sensitive customer information and the overall security of the telecommunications infrastructure.
NTC’s Profits Decline in FY 2079/80
In the Fiscal Year FY 2079/80, Nepal Telecom (NTC) witnessed a 7.86% decline in profits. According to its recent financial report, the state-owned company’s profit decreased by over Rs 66 crores, earning a total profit of over Rs 7.80 Arab. Despite the profit dip, the company managed to increase its total revenue by over Rs 49 Crores, surpassing Rs 44 Arab in total revenue. In FY 2079/80 (until the end of Ashar, 2080), the company recorded a profit of Rs 7 Arab, 80 Crores, 45 Lakhs, and 26 thousand, reflecting a decrease of 7.86% or Rs 66 crores, 62 lakhs, and 7 thousand compared to FY 2078/79.
Against the Constitutional Mandate, Bhaktapur imposes Tax to ISPs
Bhaktapur Municipality has instructed internet service providers within its jurisdiction to pay taxes based on a classification system. They have categorized ISPs into three categories, based on number of subscribers, i.e. ISPs having over 1,000 subscribers are categorized as ‘A’, ISPs having 501 to 1,000 subscribers are under ‘B’ and having less than 500 subscribers are categorized under ‘C’. The municipality has set the tax amounts at Rs 50,000 for ‘A,’ Rs 30,000 for ‘B,’ and Rs 20,000 for ‘C’ category providers. This approach of taxing ISPs by the local government contradicts constitutional provision assigning telecommunications and related matters to federal government. However, no ISPs so far have opposed this issue.
|
|
|
DRN and NHRC Explored Digital Rights and Safety Issues
On August 13, 2023, Digital Rights Nepal organized an Interaction Program on Digital Rights and Digital Safety in collaboration with National Human Rights Commission (NHRC). The program aimed to equip NHRC commissioners and officials with knowledge and skills to address digital rights and safety concerns, enhancing human rights promotion in Nepal.
DRN Co-Founders Santosh Sigdel and Tanka Raj Aryal presented on Understanding Digital Rights and Digital Safety, respectively, delving into the concepts’ development, challenges, and NHRC’s role. Interactive sessions revealed participants’ recognition of citizen’s digital hygiene levels, and the need for rights-based policy considerations. The event emphasized collaboration between DRN and NHRC and concluded with Hon. Manoj Duwadi advocating secure digital practices and the integration of digital rights promotion in NHRC’s work.
|
|
|
|
Stakeholder Interaction on National Cyber Security Policy 2080
On 18 August 2023, Digital Rights Nepal partnered with the Center for Cyber Security Research and Innovation (CSRI) and NPCERT, to host a stakeholder interaction aimed at deciphering the National Cybersecurity Policy 2080. This session was convened to address the pressing matters embedded within the recently ratified national cybersecurity policy. The dialogue drew participation from 30 individuals representing various sectors, including telecommunications, information technology, academia, civil society, and legal professionals.
During the event, several critical concerns were identified and emphasized. These included issues surrounding the national internet gateway, the preservation of civil and fundamental rights, as well as the government’s approach, which was deemed overly prohibitive and restrictive in its management of the online sphere. The discussions culminated in a consensus to collectively raise these concerns with the relevant ministry and governmental authorities.
|
|
|
Digital Rights Weekly is a week-based update on Digital Rights and ICT issues, that happened throughout the week, compiled and analyzed from the digital rights perspective by Digital Rights Nepal (DRN). DRN is a not-for-profit initiative dedicated to the protection and promotion of digital rights, including the right to online freedom of expression and association, online privacy, access to information, and related issues such as internet governance, cyber laws/policies, and cyber securities in Nepal.
|
|
|
|
