The Constitution of Nepal 2015, a landmark document for the nation, provides a foundational framework for addressing the challenges of the digital age, including cybersecurity. While not explicitly a cybersecurity act, several provisions within the Constitution have significant implications for how Nepal approaches cybercrime and digital security.

Part 3: Fundamental Rights and Duties

    Article 16: Right to Live with Dignity

        Every individual has an inherent right to live a dignified life.
        In cyberspace, this translates to protecting individuals from:
            Online harassment, trolling, and cyberbullying.
            Misuse of personal or private information to harm their reputation or well-being.
        It mandates the government to enforce laws that ensure respect for digital identity and personal space online.

    Article 17: Right to Freedom
        Broadly covers the freedoms essential for a democratic society, extended to the digital sphere:
            Opinion and Expression: The right to freely express opinions on digital platforms, including social media, blogs, and forums.
            Media Freedom: Online journalism and blogging are protected as forms of free press.
            Assembly and Association: Participation in digital communities, online activism, and virtual organizations is a protected right.
        Restrictions:
            Cyber activities should not incite violence, disrupt public harmony, or threaten national security.
            Preventing misuse like fake news, hate speech, and online extremism.

    Article 19: Right to Communication
        Focuses on secure and unrestricted communication through digital means:
            Ensures accessibility to communication platforms without censorship or undue interference.
            Protects individuals from unauthorized surveillance or interception of digital communications.
            Promotes net neutrality to ensure equal access to online content and services.
        Exceptions: The state may impose restrictions to prevent cyber threats, protect privacy, and maintain public order.

Part 4: Directive Principles, Policies, and Responsibilities of the State

    Article 28: Protection, Promotion, and Use of Local Resources
        Envisions technology as a crucial resource for national development:
            Promotes the use of information and communication technology (ICT) for modernization and economic growth.
            Encourages the creation of an enabling environment for startups, IT industries, and innovation in technology.
        Cybersecurity and Data Protection:
            Policies to ensure the safety of digital infrastructure and protection of sensitive data.
            Strengthening local capacity to address cybercrimes and improve cybersecurity measures.
        Public Services:
            Integration of IT to improve governance, transparency, and service delivery through e-governance initiatives.

Broader Implications
 

These constitutional provisions emphasize balancing digital freedoms and responsibilities while addressing the challenges of cybercrime, privacy breaches, and online abuse.

They provide a foundation for laws like the Electronic Transactions Act, 2008 and pave the way for future legislative developments in cybersecurity and IT governance.

The state is tasked with fostering technological growth while ensuring its ethical use to protect citizens and promote national interests.

The Privacy Act, 2018 of Nepal, officially known as the Individual Privacy Act, 2075 (2018), is a legislative framework aimed at protecting the privacy and personal data of individuals. The act will aligns with the principles established in the Constitution of Nepal, 2015, particularly the right to privacy as a fundamental right under Article 28. Here are the key aspects of the act:

 Key Features of the Privacy Act, 2018

1. Right to Privacy

   • The Act emphasizes that every individual has the right to privacy, covering personal, family, and confidential information.
   • Unauthorized surveillance, interception, or disclosure of private information is prohibited.

2. Scope of Privacy

   • Protects the confidentiality of:
     • Personal information (identity, health, finance, etc.).
     • Private communications.
     • Private residences and locations.
     • Digital and physical data.

3. Data Collection and Usage

   • Organizations collecting personal data must:
     • Obtain explicit consent from the individual.
     • Inform individuals about the purpose, duration, and use of the data.
   • Data collection is restricted to what is necessary for the stated purpose.

4. Prohibited Activities

   • Publishing, broadcasting, or sharing private information without consent.
   • Misusing private data for fraud, defamation, or unauthorized commercial purposes.
   • Conducting unauthorized surveillance or monitoring of individuals.

5. Government Surveillance

   • Allows government surveillance under strict legal provisions, ensuring that it does not violate individual privacy unnecessarily.
   • Requires a court order or legal authorization for any surveillance or monitoring.

6. Protection of Sensitive Information

   • Strict rules for handling sensitive data, such as financial records, health information, and biometric data.
   • Institutions managing sensitive data must implement robust security measures.

7. Penalties for Violations

   • Violations of privacy rights can lead to:
     • Fines for individuals or organizations.
     • Imprisonment for severe breaches.
     • Compensation for victims of privacy violations.

8. Digital Privacy

   • Covers digital platforms, ensuring online data and communications are secure.
   • Addresses cybercrimes involving unauthorized access, hacking, or data breaches.

9. Oversight Mechanism

   • Establishes mechanisms to monitor and enforce the provisions of the Privacy Act.
   • Encourages individuals to report violations of their privacy rights.

Implications of the Privacy Act, 2018

• For Individuals: Ensures a legal framework to safeguard personal and digital privacy.
• For Businesses: Requires companies to adopt transparent practices for collecting, storing, and processing personal data.
• For the Government: Balances the need for security and surveillance with the protection of individual rights.

The Privacy Act, 2018 is a significant step in Nepal’s legal landscape, addressing modern privacy concerns and aligning with global trends in data protection and cybersecurity.

Disclaimer: This article is for informational purposes only and should not be considered legal advice.

Note: This article provides a general overview of the Privacy Act, 2075. For a comprehensive understanding, it is recommended to consult the full text of the Act and seek professional legal advice.