The report says the country's Inter Services Intelligence (ISI) agency hired intermediary companies to acquire domestic spying toolkits from Western and Chinese firms for domestic surveillance.
It also claims the ISI sought access to tap data from three of the four "landing sites" that pass through the country's port city of Karachi, effectively giving it access to Internet traffic worldwide.
Read: Over 5,000 phones being tapped by IB, SC told
Pakistan was in talks with a European company in 2013 to acquire the technology but it is not clear whether the deal went through – a fact the rights organisation said was troubling.
"These cables are going to route data through various countries and regions," Matthew Rice, an advocacy officer for Privacy International, told AFP.
"Some will go from Europe to Africa and all the way to Southeast Asia. From my reading that's an explicit attempt to look at what's going on."
Read: Espionage charges: Court directs PAF to try detained officer per law
Traffic from North America and regional rival India would also be routed via the cables, he said.
The report, based on what it called previously unpublished confidential documents, said the data collection sought in the ISI's proposal "would rival some of the world's most powerful surveillance programmes" including those of the United States and Britain.
A spokesman for Pakistan's military said he was not able to comment on the issue at the present time.
Last month Pakistani rights campaigners and opposition lawmakers urged Islamabad to protect the privacy of its citizens after leaked top-secret documents appeared to show British intelligence had gained access to almost all the country's Internet users.
The country is also in the process of debating its own cyber-crime bill, which rights campaigners say threatens to curtail freedom of expression and privacy in its current form.
Rights groups also expressed concern over a provision that allows the government to share intelligence with foreign spy agencies, such as the American National Security Agency, and the mandating of service providers to retain telephone and email records for up to a year.
COMMENTS (21)
Comments are moderated and generally will be posted if they are on-topic and not abusive.
For more information, please see our Comments FAQ