The ICT Division on Monday declared 29 organizations as 'critical information infrastructure' under the Digital Security Act for the safety of sensitive data under which any illegal access to computers, digital devices or networks is a punishable offence.
'Critical information infrastructure' in the controversial Act means any external or virtual information infrastructure declared by the government that controls, processes, circulates or preserves any information-data or electronic information and, if damaged or critically affected, may adversely affect public safety or financial security or public health and national security or national integrity or sovereignty.
Section 15 of the Digital Security Act authorizes the government to declare any computer system, network or information infrastructure as 'critical information infrastructure.
The law states anyone causing or trying to cause damage to a critical information structure or render it inactive intentionally through illegal access will be doing an offence.
It defines illegal access as "making or abetting to make illegal access to any computer, computer system or computer network" and "making or abetting to make illegal access with intent to commit an offence".
Such an offence will be punished with imprisonment for a maximum term of seven years, or a fine not exceeding Tk25 lakh, or both.
Accessing the systems illegally with the intent of harming it will carry a prison term for a maximum of 14 years, or a fine not exceeding Tk1 crore, or both.
A second or further attempt to breach the system illegally will be met with imprisonment for life, or fine not exceeding Tk5 crore, or both.
Journalists' groups, human rights organizations including Human Rights Watch and Amnesty International have criticized the Digital Security Act and said it would stifle freedom of expression, but the government says it is needed to protect people's privacy and sensitive data that matters to the country.
In a notice issued by the ICT Division on Monday listed the following organizations under the 'critical information infrastructure':
President's office
Prime Minister's Office
National Board of Revenue
Bangladesh Data Center Company Ltd
Bridges Division
Department of Immigration and Passports
National Data Center of Bangladesh Computer Council
Bangladesh Telecommunication Regulatory Commission
National Identity Registration Wing of Election Commission Secretariat
Central Procurement Technical Unit
Rooppur Nuclear Power Plant Establishment Project
Biman Bangladesh Airlines
Immigration Police
Bangladesh Telecommunication Company Ltd
Bangladesh Water Development Board
Power Grid Company of Bangladesh
Titas Gas Transmission and Distribution Company Ltd
Bangabandhu Satellite Company Ltd
Civil Aviation Authority Bangladesh
Birth and Death Registration unit of the Office of the Registrar General
Bangladesh Bank
Sonali Bank
Agrani Bank
Janata Bank
Rupali Bank
Central Depository Bangladesh Ltd
Bangladesh Securities and Exchange Commission
Dhaka Stock Exchange
Chittagong Stock Exchange
Thursday, June 04, 2026
