The Freedom Forum has submitted a preliminary recommendation on draft national cyber security policy today, 23 April 2023.

FF appreciates the Ministry’s initiative, though late, to launch the draft of national cyber security policy.

It has made some observations on the policy. Compared to the previous draft of the policy, it has some positive changes. However, there are still some points missing to make the policy issues more comprehensive and inclusive, thereby addressing multi-stakeholders’ concern and ensuring human rights, eg: protection and promotion of FoE and privacy on digital/cyber space.

  1. The indicators of time and percent you mentioned in goal (8) should be better mentioned in monitoring and evaluation section with time frame, and goal mentioned clearly.
  2. It would be better to have separate strategy to each objective.
  3. In point no 10.6, the coordination and cooperation with civil society should be added.
  4. In point no. 11.1, what does ‘bidyaman kanoon’ (existing law) mean? It would be better specify law/act.
  5. Point no 11.4 is redundant because the country already has RTI Act, institutional mechanism, and constitutional provisions on RTI and individual privacy. So, remove it.
  6. Point no 11.26 and 11.27 should incorporate ‘without infringing citizen’s privacy and intercepting their data’.
  7. Point no 11. 61, and 11.64 should clearly state that citizen’s rights as freedom of expression would not be jeopardized while controlling digital contents that incite cyber bullying, harassment, hatred etc.
  8. Point no 12.4 (a) should incorporate a member advocating for human rights eg freedom of expression and privacy on digital space which can been picked from relevant civil society.
  9. Stakeholder engagement could be made effective through strategy and action plan rather than posing as risk factor in point no 16. (a)
  10. It is better to mention the policy implementation costing with time frame.

Most importantly, policy needs to make clear what is ‘cyber security’ and what are ‘cyber crimes’, and ensure essential values of internet- ‘open, credible, safe and interoperable internet’.

In addition to this, FF, as an organization working in the sector of digital and internet governance for long, made aware the Ministry about two literatures FF produced- which have adequate resources and references on how human rights can be ensured on digital/cyber space while formulating policy and laws on it. They are Human Rights Friendly National Cyber Security Strategy (link), and Policy Analyses Brief (link). Both are in Nepali language.

FF also showed readiness to cooperate for further consultation.