III. Surveillance policies
Lawful access powers of government agencies
The Bangladesh Telecommunications (Amendment) Act 2006 law allows intelligence and law enforcement agencies to monitor private communications with the permission of the chief executive of the Ministry of Home Affairs, under section 97A, entitled "Special provision for the security of state or public order."
In 2008 the government established a national monitoring centre made up of representatives from law enforcement and intelligence agencies to monitor and coordinate phone taps. Media and human rights groups complained that nonetheless the government continued to tap phones illegally. Police rarely obtained warrants as required, and officers violating these procedures were not punished. Human rights organisations alleged that the special branch of the police, the National Security Intelligence, and the Directorate of Intelligence Forces (DGFI) employed informers to conduct surveillance and report on citizens perceived to be critical of the government.
The security agencies already have the power to gain access to personal information held by individuals and organizations. Police investigators are required to obtain court permission to seize materials for accessing personal information, though there are reports that instead they use threats, intimidation, and coercion to bully the officials responsible for protecting personal information into disclosing the data they want without formal permission.
In addition, the two security agencies, the Rapid Action Battalion (RAB) and the DGFI have been given ancillary national security and counter-terrorism powers. The Amended Telecommunication Act 2006 amended the Bangladesh Telecommunication Act 2001 to establish the Bangladesh Computer Security Incident Response Team (BD-CSIRT) (set up in January 2012) and to mandate the use of wiretapping and Internet surveillance in cases of threats to state security, such as counter-terrorism, external threats, and high-profile crimes. There is no transparency in the investigation process, especially with respect to obtaining personal information. The security agencies are accountable only to the prime minster's office.
In the past several years, foreign countries have sought the background information of those suspected of belonging to Jihads, militant leaders, and wanted criminals who had taken refuge or were residing in Bangladesh. The police arrested and unofficially deported them, as Bangladesh does not have extradition treaties with most countries.
Intelligence and surveillance oversight
There are three main security agencies in Bangladesh: the Rapid Action Battalion, the Directorate of Intelligence Forces, and the police's National Security Intelligence (NSI).
The security agencies are accountable only to the prime minister's office. Civil society leaders have demanded the formation of an oversight committee that will include elected representatives in order to ensure accountability.
Although some officers have been punished for disciplinary infractions, none has been blamed for human rights violations. However, Human Rights Watch and Amnesty International have urged Bangladesh to probe RAB's extra-judicial killings, abduction, torture, and arbitrary detention.1 The government has refused to take action and instead has defended the RAB.
Immigration and privacy
As in many countries, the immigration authorities seek regular information from immigrants, foreigners, and Bangladeshi nationals, both residents and non-residents.
Registration is required within seven days of arrival for all foreigners, including immigrants holding visas valid for a period exceeding 90 days. Every foreigner entering Bangladesh is required to present in person to the appropriate Registration Officer to report their arrival; they must also register with the local police station where they are staying. Application for registration may also be made online.
All nationals and dual citizens are issued with a voter ID card and may apply for passports to travel abroad. The country has yet to begin biometric registration.
With the exception of a few countries' nationals,2 foreigners arriving in Bangladesh must apply in advance for a visa to enter the country.
Most of the data sought from foreigners and immigrants are not held securely, as they are kept in the form of handwritten forms and applications, and are not stored in secure locations. Previously, the authorities requested health information, but this practice ceased several years ago when human rights issues were raised by journalists.
Computerized information collected at airport or immigration registration offices is stored on CDs, which are also vulnerable to theft and inappropriate inventory practices.
The border authorities claim some right to search the contents of computers and devices of those belonging to suspects arriving at border crossings and airports.
Passenger Name Records
The Immigration and Customs departments are responsible for security scanning of travellers. Border Guards of Bangladesh (BGB) are responsible for border security, but do not conduct body searches or check luggage. Passengers are asked to walk through metal detectors and luggage is checked by customs officials. Male and female passengers are checked by same-sex officers. For checking, women are taken into a makeshift enclosure, while male passengers are publicly body-searched with handheld detectors.
Passengers name records are held by the immigration office and shared with intelligence agents in the arrival lounge, though the nature of this processing remains unclear.
There is no rule against racial profiling or other profiling, although the Constitution prohibits discrimination and promotes equality before the law.
The National Forensic DNA Profiling Laboratory (NFDPL) is the country's first ever-forensic DNA profiling laboratory. It was established with funds and technical support from the Danish government at Dhaka Medical College in January 2006 by the government of Bangladesh under the auspices of the Multi-Sectoral Programme on Violence Against Women, run by the Ministry of Women's and Children's Affairs.
The laboratory provides services to the various investigative agencies to investigate violent crimes. DNA analysis can also help solve disputes arising over issues like paternity, immigration, or inheritance, and determine the identity of missing children, disaster victims, or mutilated bodies.
The DNA lab has been extended with five additional laboratories at state-run medical college hospitals in Rajshahi, Chittagong, Sylhet, Barisal, and Khulna. These laboratories accept cases from peripheral regions and send collected samples to the National Forensic DNA Profiling Laboratory for analysis after preliminary screening.
As of July 2011, the National DNA Laboratory has carried out DNA analysis for 20 cases (11 paternity, six rape and three murder) and 62 DNA samples.
Communications surveillance and data retention
The Bangladesh Telecommunication Regulatory Commission (BTRC) is authorised to routinely collect communications information, both traffic data and content, in order to monitor illegal activities.
BTRC is an independent commission established under the Bangladesh Telecommunications Act 2001 (Act no. 18 of 2001), published by the Parliament in the Bangladesh Gazette. BTRC began functioning on January 31, 2002.
BTRC envisages facilitating affordable telecommunications services of acceptable quality for all, regardless of location. The commission issues and renews licenses and monitors providers on a regular basis. Violators are strictly penalised and threatened with legal action and the revocation of their licenses. The affected operators include:
- The nationwide telecommunication transmission network;
- Broadband wireless access service providers;
- International gateway service providers;
- Interconnection exchange service providers;
- International internet gateway service providers;
- Mobile phone operators;
- PSTN operators;
- VSAT operators;
- Internet service providers;
- Call centres; and
- The optical fiber telecommunication transmission network.
In 2007, BTRC collected names, addresses, logins, and usage statistics from all ISPs in order to profile the country's more than 450,000 Internet subscribers. BTRC ordered ISPs to collect complete information regarding customers' exact location, warning that failure to comply might result in the ISP's closure.
What BTRC does with the traffic data it acquires from service providers is unknown.
CCTV is widely used to monitor airports, traffic, private offices, warehouses, and other areas. Law enforcement agencies use CCTV temporarily during religious and cultural festivals and also during public political gatherings under the pretext of ensuring the safety and security of those who are attending the events.
There is no rule, law, or code of practice governing visual surveillance, but it is not a common practice. However, when the former military dictator General H.M. Ershad was in prison (1990-1997), CCTV was used to monitor him after there were several complaints that he was violating prison codes.
Bangladesh does not currently use advanced techniques such as facial recognition or automated vehicle number plate recognition.
A woman found a closed-circuit TV camera in her changing room in a spa at a beauty parlour in September 2011. In October 2011 the High Court ordered the government to take out all close-circuit TV cameras from beauty parlours on a writ petition filed by Bangladesh Human Rights Foundation chief executive Elina Khan.3
Restrictions on Internet use
Although individuals and groups can generally engage in the peaceful expression of views via the Internet, local human rights organizations report continuing government monitoring of Internet communications.
All the Internet cafes have rules users must comply with in order to use the facilities. These rules are decided by the Cybercafe Owners Association of Bangladesh (COAB). Members of the COAB are required to abide by these rules, which include maintaining customer privacy and limiting use by school students. They are also urged to cooperate fully with law enforcement agencies. They are also required to collect identifying information on all users.4
Many of the suspects arrested for cybercrimes are apprehended as a result of their activities in cybercafes. Cybercafe owners are accordingly extra-vigilant about new customers and are known to monitor anyone who looks suspicious.
Outside of cybercafes, there are no restrictions on Internet users. No one has to register or seek permission to open an email account, either online or via an ISP. Similarly, there are no additional restrictions on using social networks such as Facebook, YouTube, Twitter, or blogging sites.
In July and October 2011, bloggers were briefly detained, though not arrested, for uploading articles, critical comments, and photos during protests against the Bangladeshi government's deal with US energy giant ConocoPhillips allowing deep sea gas exploration.5 The government was unhappy about the bloggers' activities. But as these did not fall into the category of blasphemy and they couldn't be accused of cybercrime, the bloggers were released on condition that they would act more responsibly. However, they were coerced into disclosing the names and IDs of other bloggers.
The main types of cybercrime cases pursued in Bangladesh include: malicious mail to foreign diplomatic missions and other VIPs; pornography; use of email for illegal activities; use of the Internet to transmit false and malicious information; use of the Internet for prostitution; and use of the Internet for trafficking in women and children.
There are mounting concerns about the risk of cybercrime due in part to the gradual increasing dependence on and extensive use of computer and information technology by financial institutions such as banks, insurance companies, and other non-government organisations. Computers have been used as tools for crimes like making forged certificates and documents for a number of years in Bangladesh, though incidents targeting computers or computer systems are very rare.
There have been no allegations from Internet users or privacy and media rights groups that government agencies have introduced viruses or conducted hacking in a bid to gain access to personal information. Similarly, there are no allegations that the government has deliberately crashed any network. Some believe that the lack of allegations is because the government really doesn't have the technical know-how to conduct such forms of surveillance.
- 1. See 'Bangladesh: Broken Promises From Government to Halt RAB Killings', Human Rights Watch, May 10, 2011; and 'Extra-judicial killing: Strong Police Complaints Commission needed', Diya Nag, Daily Star, June 22, 2012.
- 2. Exemptions apply to nationals of Barbados, Bhutan, Botswana, Burkina Faso, Fiji, Gabon, Gambia, Ghana, Grenada, Guinea, Guinea-Bissau, Jamaica, Lesotho, Malawi, Seychelles, Swaziland, Western Samoa and Zambia.
- 3. 'HC order to remove CCTV from parlours', The Independent, October 11, 2011.
- 4. For the collection requirements, see http://www.btrc.gov.bd/index.php/industry-focus/telecom-sectors/cyber-cafe
- 5. Bangladesh: Bloggers Arrested While Protesting Against Energy Deal http://globalvoicesonline.org/2011/07/03/bangladesh-bloggers-arrested-wh...