Internet watchdog: More censorship likely in the days to come
The Pakistan Telecom Authority has prescribed into law the practice of allowing authorities to monitor and view all internet traffic in Pakistan.
It is no secret that the PTA possesses the ability to censor and monitor traffic coming in and going out of the country but the Statutory Notification SRO 186 (1)/2010 goes a little further and clearly outlines the authorities’ stance on the matter.
While wire-tapping and similar monitoring are considered fair-game for governments to protect their interest, they are commonly enforced through a strict regulatory framework. Even so, on the internet a lot of these monitoring efforts fall flat.
Typically, internet connections can be easily secured through encryption schemes which are commonly utilized to protect users from a common security concern known as man-in-the-middle attacks. Under this attack vector, any intermediary can sniff the information that it is meant to relay. This means that anyone from the corporate IT department to the ISP of the final email recipient can monitor the contents of an email message, or other communication. To prevent this, web-based corporations often use encryption schemes which allow them to decrypt data using a special key known only to them. Most commonly this is noticeable when visiting a website with an HTTPS prefix instead of the usual HTTP. That means all HTTP traffic without the “S” can easily be sniffed.
Encryption schemes are fairly commonplace and it is trivial for any two parties to have a secure conversation that can evade the most powerful authorities.
This poses a problem for regulatory authorities since their interest lies in being able to monitor traffic in granular details. Under the new PTA regulations the obligation on any licensee, typically an ISP is set out as follows:
“The Licensee(s) and Access Provider shall ensure that signalling information is uncompressed, unencrypted, and not formatted in a manner which the installed monitoring system is unable to decipher using installed capabilities”
This lays the groundwork for any future contentions that may arise. It is foreseeable the Lahore High Court may issue a legal notification to disallow HTTPS or encrypted Gmail and Hotmail services - a notion that doesn’t seem at all far-fetched following the ban on Facebook.
The writer heads Online Strategy and Development at Express Media and can be contacted at aleem.bawany@express.com.pk
Published in The Express Tribune, August 1st, 2011.
COMMENTS (17)
Comments are moderated and generally will be posted if they are on-topic and not abusive.
For more information, please see our Comments FAQ
1731570357-0/elon-musk-(1)1731570357-0-270x192.webp "republicans accused of protecting elon musk")
there should be some sort of restriction like in sauduarabia on certain websites but not on social media
@Saad Durrani: There is no use of Buying Encryption or VPN Service as well, as PTA plans to ban the use of it as well, here is the link to the PTA letter to ISPs in Pakistan http://www.bestvpnservice.com/blog/pakistan-vpn-pta-notice. This is absolutely ridiculous.
Oh really let me use proxy services for that or I am having a feeling next target of Anonymous and LulzSec would be PTA.
@Anwar: Do you even understand what the honey are we talking about? Please are talking about privacy concerns here, and you somehow dragged porn in.
@Anwar: Be assured, sir, that even a ban on government level can be worked-around with proxies. Wait a second, did you just justify that the whole of a nation should be made vulnerable to cyber attacks just so that your kids don't view porn?
Oh brilliant... we are going to make it easy for all the crooks in our country to steal our bank account information, credit card numbers, etc. etc... let us go backward in the fight against cyber-crimes instead of forward... After all, isn't this our national motto: "Why go forward, when we can go backwards?"
@Majid: I have tried everything. The children are way ahead. They can override just about any block you put. I for one would like some kind of restriction at the government level.
i don't think they can ban https, i mean all online banking, trading and major email provider use https for enhanced safety... but who knows, maybe the isps forgot to deposit the prescribed 10%
@Anwar If you want your internet restricted, just get a content filtration program for your own computer. We do not want any kind of moral police in Pakistan. I am sure this step is being taken to keep tabs on political discourse as is the case in many Arab countries. Would you be willing to raise your voice against lets say a dictator or tyrant if you knew that you internet traffic is being monitored? I think not. Pakistan needs more freedom, not less.
What the facebook!
Is it possible to disallow https? Can someone enlighten me? For example Gmail will be https by default soon...
Time to buy some encryption or VPN.
Email accounts, online banking system, secure credit card transactions such as online airline reservation systems are few examples of services that use https. A blanket ban will have a bigger impact than just disruption of social media sites. Sadly, decisions without taking the consequences into consideration is a norm in our country so a decision like this unfortunately doesn't seem unlikely at all.
There should be some censorship on the internet. I live in Qatar and all pornographic sites are blocked on the internet.. This is very very good. The internet is for useful purposes only not to watch X rated films.
OMG! This is ridiculous of PTA, disallowing HTTPS clearly means, don't get far from our hands. Don't know how they believe it is important to serve the nation.
This is because only, internet is left as free media in Pakistan, and SOMEONE don't want so.
I request PTA to reconsider such action and take it to someone professional enough to understand the security of users.