The government in Pakistan has introduced a whirlwind of policies to control, regulate, protect, and oftentimes, limit internet freedoms. But usually, the government attempts to run roughshod over cyber rights due to their novel nature. As such, if one were to imagine the internet users of each country as citizens of a parallel nation that exists on the cyber plane, one can better analogise cyber rights to those that already exist in legal discourse.
Three laws that have recently been drafted could directly affect the Internet Republic of Pakistan. First came the Fair Trial Act, which legally expanded the right of security agencies to tap electronic communications, albeit requiring a warrant in many instances. The act requires internet service providers to acquiesce government requests to tap a customer’s communications. It was created to address the cyber proliferation of terrorist groups and past lapses in evidence-gathering for terrorism cases. This could be interpreted as a means to protect the citizens of Pakistan’s Internet Republic, however, it could also give legal cover to security agencies who wish to monitor political dissidents.
The second law, which is still in the drafting process, is the Prevention of Cybercrimes Act and it has also been advertised as a means to punish suspects who use the internet for criminal acts like harassment or fraud. This would fill the vacuum by proscribing punishment for cybercrimes that often have very real physical effects; one need only think of the consequences associated with identity theft, for example. This act would create specialised courts and agencies to prosecute cybercrimes and could be viewed as a way to make the Internet Republic safer.
However, as activist Nighat Dad has pointed out, the language of the draft must be improved, since earlier versions were far too open-ended and accommodating of the abuse of citizens’ cyber rights. Put differently, the government should not infringe on the privacy rights for all internet users by engaging in expansive electronic surveillance just to catch the few ‘villains’. Furthermore, this law could potentially be used to legitimise unnecessary surveillance of those holding politically unpopular opinions.
While the previously described laws were promoted as means to confront internal threats and domestic cyber villains, the Cyber Security Council Bill is a reaction to the external and international threats to cyber security. The revelations from US whistleblower Edward Snowden about the extensive nature of surveillance in Pakistan by America’s National Security Agency combined by the aggressive use of ‘hacker-armies’ by nations like China, have caused many politicians to call for the creation of an agency to monitor these international threats.
If it becomes law, the Cyber Security Council Bill would establish a council of 30 private and government cyber experts that would monitor international surveillance and hacking. If the government is creating this council as a means to ensure its citizens privacy and freedom from unwarranted intrusions in their electronic communications, it must consider including internet activists in the Council.
However, past actions by internet activists to challenge intrusions on cyber rights by the Pakistani state have been stymied or ignored by policymakers. One need only look to the multiple worthy challenges brought in court against the government’s ban on YouTube or its use of the FinFisher, a Trojan software that can infiltrate a computer.
The difficulty in challenging these governmental intrusions into internet privacy is to find constitutional precedence for the argument. While a nation can change laws and regulations to limit internet freedoms over time, as Pakistan is currently doing, the constitution remains static and predates the internet era.
However, for many judges and scholars, the constitution must be continually revisited and adapted to address modern problems. As such, while the Pakistani Constitution protects the right to freedom of speech, association, press and privacy, lawyers must make analogous arguments to expand these protections to the internet. Accordingly, the government should consider their advice on the myriad of cybercrime and security laws it is considering.
Published in The Express Tribune, April 18th, 2014.