• info@mijarlawassociates.com.np
  • 9841114443

Law Relating to Cyber Crime in Nepal

Kushal Khadka 2023 Jun 23

Law Relating to Cyber Crime in Nepal

Cyber Crime Laws in Nepal

Cyber Crime

Any crime that involves a misappropriate use of a computer and a network is known as "cybercrime". These crimes have become a threat to individual privacy, where confident data individual's identity or photos and individuals videos etc. is stolen or intercepted by the attackers. Today's era is the age of science and technology but also cyber crime is increased a lot today. Cybercriminals who do this work cause mental and financial harm to people. Some do this to harm personally. While some do it in the greed of money or some commit to destroying a system, some create viruses to destroy computers. The major cybercrimes found in Nepal are: - Email fraud for ransom, cyberbullying, forgery, online gambling, Intellectual property theft, Identity theft, photo mutilation, pornography, child trafficking, sexting, sexual extortion, Imposter .etc.

Some types of cybercrime are listed below.

  1. Salami Attack:  Attack which is carried out for financial gains. In Salami Attack the key is to make changes so small that in a single case, they can unnoticed. It comes in two varieties i.e. penny shaving and salami slicing.
  2. Identity theft: It is a digital thief, an identity thief where a person purports to be some other person. For example: - Facebook Id, and Instagram Id thief by any other person using a network and computer.
  3. Spam: Spam is unwanted emails, and messages by using a computer, or network.
  4. Phishing: Phishing is a method where cyber criminals offer bait so that the person takes and give out the information they want. This involves the scammer luring the victim into providing them with personal information, such as credit card numbers, social security numbers, or other sensitive information that can use to make purchases, steal the person's identity. For instance; Phishing is the most common cybercrime nowadays where a person is mailed or message or phone call by a criminal saying that the person will get 2 lakhs if the person first paid the customs charge of 50,000 to the price sent from a foreign country where the victim by believing provide their details or bank details to the criminal and they going on trapped by the criminal.
  5. Scams: Scams that misuse the Microsoft name and other general technical support scams. Here the perpetrator develops a scheme using one or more elements of the Internet to deprive a person of property or any interest, estate, or right by a false representation of a matter of fact, whether by providing misleading information or by concealment of information. Scams are also of many types as Such: - A.) Boiler Room Scam:- It typically refers to a room where a salesman work by using unfair, dishonest sales tactics, sometimes selling foreign currency stock, private placements, or committing outright stock fraud.

 B.) Romance Scam:  The scammers make you have a feeling for him/her through phone, message, Facebook, Instagram or other network means. Scammers often claim for working overseas. They gain interest and trust, by giving gifts and sharing personal information. And after gaining your trust they will ask you either subtly or directly for money, gifts, banking credit card details, etc, and pretend that they need these for a variety of reasons like financial hardship, an ill family member, an accident, or medical bills. Etc.

C.) Lottery Scam: Out of nowhere a text message, email, or letter arrives from a lottery company that will advise you to win that lottery (a lot of money or prizes) in a lottery or competition. The scammers will give you a few days to collect the prizes by transaction the fees first and they will make money from it. Some scammers will also ask for bank details to claim as the real winner of that lottery and they will misuse the identity and steal any money the victim has in the bank account.

D.) Card Skimming: Card Skimming is the illegal copying of information from magnetic strips of credit or ATM cards. The scammers by stealing your details and ATM card may be able to borrow money or take loans in your name.

  1. Email Bombing: Email bombing means sending many thousands of emails to a victim causing the victim's mail account or mail server to crash.
  2. Online gambling: Gambling over the Internet is a violation of many laws because gambling service providers require electronic payment for gambling through the use of a credit card.
  3. Cyber Trespass:  This is hacking to enter an electronic network without permission.
  4. Computer Intrusions: It is any malicious activity that harms a computer, or causes a computer or a computer network to work in unexpected manners.
  5. Denial of Service: This type of attack intent is to make the resource of service unavailable to its intended users. These are usually carried out on websites to stop them from functioning.
  6. Child pornography: The use of computer networks to create, distribute, or access materials that sexually exploit underage.

 

  1. The elements of cybercrime are Actus Reus (physical element), Mens Rea (mental element), and Modus Operandi (Computer equipment, Internet).

In the context of Nepal, Electronic Transaction Act 2063 is only the IT law in Nepal. According to Section 47, of the Electronic Transaction Act (ETA), 2063, the most used section to prevent cybercrime in Nepal. The following materials in electronic media including computers and the Internet are prohibited to publish or display or make someone publish or display:-

  • Anything which is prohibited to publish or displayed by the prevailing laws,
  • Anything which is contrary to public morality,
  • Anything which is contrary to decent behavior,
  • Anything which may spread hate or jealousy against anyone,
  • Anything which may jeopardize the harmonious relations subsisting among the people of various castes, tribes, and communities,
  • Anything that amounts to teasing, harassing, disrespecting, and dishonoring women.
  • Anyone who violates the acts mentioned above will be punished with a fine not exceeding one lakhs rupees or imprisonment up to five years or both. And those people who commit the same crime from time to time will punish for one and one-half percent of the punishment of the previous punishment for committing each time.

 

Now, according to Section 48 of the ETA act (Confidentiality to Divulge):  if any person who has access to any record, book, register, correspondence, information, documents, or any other materials under the authority conferred under this act or rules framed there under divulges or causes to divulge confidentiality of such record, books, registers, correspondence, information, documents or materials to any unauthorized person, he/she shall be liable to punishment with a fine not exceeding Ten Thousand Rupees or with imprisonment not exceeding two years or with both, depending on the degree of the offense.

 

In the case of pirating, destroying, or altering computer source data we have Section 44 of the ETA, 2063, if any person, knowingly or with malafide intention, pirates, destroys, alters computer sources code to be used for any computer, computer programmer, computer system or computer network or cause, other to do so, he/she shall be liable to punishment with imprisonment not exceeding three years or with a fine not exceeding two hundred thousand Rupees or with both.

 

Likewise, in Section 45 of the ETA, 2063 there is a provision for Unauthorized Access to computer materials which is punishable by law. If any person to have access to any programmed, information or data of any computer, uses such a computer without authorization of the owner of or the person responsible for such a computer or even in the case of authorization, performs any act with an intention to have access in any programmed, information or data contrary to from such authorization, such a person shall be liable to the punishment with the fine not exceeding two hundred thousand rupees or with imprisonment not exceeding three years or with both depending on the seriousness of the offense.

 

In case of damage to any computer and information system we have Section 46 which says If any person knowingly and with a malafide intention to cause wrongful loss or damage to any institution destroys, damages, deletes, alters, disrupts any information of any computer source by any means or diminishes the value and utility of such information or affects it injuriously or causes any person to carry out such an act, such a person shall be liable to the punishment with the fine not exceeding two thousand rupees and with imprisonment not exceeding three years or with both.

 

If any person, with an intention to commit any fraud or any other illegal act, creates, publishes, or otherwise provides a digital signature certificate or acquires benefit from the payment of any bill, the balance amount of any one's account, any inventory or ATM card in connivance of or otherwise by committing any fraud, amount of the financial benefits so acquired shall be recovered from the offender and be given to the person concerned and such an offender shall be liable to the punishment with a fine not exceeding one hundred thousand rupees or with imprisonment not exceeding two years or with both. (Section 52, ETA, 2063)

 

Likewise, the abettor of the computer-related offense will be also punishable by the law, according to section 53 of the act "A person who abets another to commit an offense relating to computer under this act or who attempts or is involved in the conspiracy to commit such an offense shall be liable to the punishment with a fine not exceeding fifty thousand rupees or with imprisonment not exceeding six months or with both, depending on the degree of the offense."According to Section 54 of the ETA act,"A person who assists others to commit any offense under this act or acts as an accomplice, by any means shall be liable to one-half of the punishment for which the principle is liable.

 

No one will be free if commits the offense even outside Nepal, as Section 55, ETA 2063 has the provision as if any person commits any act which constitutes an offense under the ETA act and which involves the computer, computer system, or computer network system located in Nepal, even though such an act is committed while residing outside Nepal, a case may be filled against such a person and shall be punished accordingly.

 

According to Section 57 of the ETA, 2063, if any act is done by a corporate body that deems an offense, such as offense shall be deemed to have been committed by a person who was responsible as chief for the operation of the corporate body at the time of committing such an offense.

 

Also, some of the cyber-related crimes in Nepal are regulated by part 3 (offense against individual privacy and prestige) of the National Penal Code, 2074. Section 293 of the Act says "No person shall be allowed to listen to or record the conversation held between two or more people without their consent or permission from a competent authority or else such person shall be liable for a term not exceeding two years or a fine not exceeding twenty thousand rupees or both." Likewise, Section 294 of the Penal code says "No person shall be allowed to disclose confidential matter known to them from their professional work except when compelled by law or else he/she shall be liable to a sentence of imprisonment for a term not exceeding one year or a fine not exceeding ten thousand rupees or both." Likewise, Section 295 secures the person by prohibiting taking and disfiguring any person's photographs without their consent. Those committing will be liable to a sentence of imprisonment for a term not exceeding two years or a fine not exceeding twenty thousand rupees or both. And Section 296 secures by prohibiting giving or selling one's photograph to another without consent. Those who commit will be liable for imprisonment not exceeding three years and a fine not exceeding thirty thousand rupees or both.

The Penal code has a provision Prohibition breaching privacy through electronic means " No person shall be allowed to breach privacy or access any notice or information lying in an electronic form in an unauthorized manner or else such person shall be liable for imprisonment not exceeding two years or a fine not exceeding twenty thousand or both sentences. (Section 298).

 

Hence, Mijar Law Associates will represent its client related to cybercrime. Any queries regarding cyber security and cyber law can be consulted via 9841114443.