Privacy, as a construct, stands entirely revamped in the profoundly digitalised era of today. The cyber revolution has not merely transformed societal mechanisms, it has also compelled major jurisprudential re-evaluations of what it entails. Infringement of this universally guaranteed right no longer requires the physical presence of the perpetrator; the privacy of a person can now be evaded from yonder lands without his knowledge. In a 2021 survey by the Freedom House, Pakistan scored 26 out of 100 points on freedom of the internet, with 7 out of 40 points on violations against user rights. The report pointed towards several tech-related measures that “threaten the right to privacy”. Many jurisdictions have been expeditious in amending their legal regulations to cater to such vagaries. Yet, as personal information stands accessible with the click of a button, no adequate laws to restrict such crimes in this country exist.
According to an earlier 2015 report by Privacy International, the government has made use of international companies operating within the country, such as Huawei and Ericsson, for access to network surveillance for over a decade. Furthermore, a 2013 Citizen Lab report highlighted that unknown parties had access to the personal data of Pakistani citizens via Fin-Fisher spyware. This is especially concerning now, with the upcoming launch of Google’s liaison office in Karachi, and the company registration with SECP. The launch of Google in Pakistan is currently celebrated as a win for the local tech market, allowing data to be stored domestically instead of tapping into international platforms. Nevertheless, when the local laws do not afford sufficient operating guidelines, our information may now be even more vulnerable.
In a search for protection of digital privacy within Pakistan’s legal structure, one can find it shrouded under Article 14(1) of the Constitution of Pakistan which stipulates that “[t]he dignity of man and, subject to law, the privacy of home, shall be inviolable.” The wordings here denote a rather conventional understanding of the notion of privacy, primarily restricting illegal entrances to private properties. Higher courts of the country have previously extended this fundamental right to digital privacy as well, such as in precedent-setting cases of M. D. Tahir v. State Bank regarding private information collection of bank users and Muhammad Munir v. The State on creating fake Facebook profiles to defame a person. Nevertheless, a re-evaluation of the legal terminology and the jurisprudential understanding of the concept of privacy is required by lawmakers to make unambiguous inclusion of data privacy as a basic right of all citizens.
Outside of the Constitution, no specific statute has yet been passed by the legislators catering to specific rules and regulations on data protection. The Ministry of IT and Technology’s legal wing is geared up to unveil massive amendments brought to the last Personal Data Protection Bill, although the new Data Protection Bill 2022 is yet to pass the finish line, as it would soon be opened for public consultation, and to seek Parliament’s assent before becoming law. Currently, Pakistan Electronic Crime Act, 2016 and some sector-specific legislations are all that the nation’s data privacy functions on. These legislations are riddled with loopholes and inconsistencies, per the set international standards.
It is disquieting to observe, not only due to its swiftly growing tech industry but also as an Islamic nation, that such little heed is paid to the protection of citizens’ privacy and information. An important tenet of our religion, our privacy does not warrant the inattentiveness it is afforded. Even more troubling is our citizens’ lack of knowledge on what exploitations can occur with the info they so readily share online. Our approach to data protection is therefore two-pronged — enacting and implementing robust information privacy laws to minimise unwarranted data transfers and uses; and inculcating in our citizens the awareness of the rights they must demand and expect when sharing their CNIC, home address, personal phone number, banking information or card details online.
Published in The Express Tribune, December 22nd, 2022.
Like Opinion & Editorial on Facebook, follow @ETOpEd on Twitter to receive all updates on all our daily pieces.
COMMENTS
Comments are moderated and generally will be posted if they are on-topic and not abusive.
For more information, please see our Comments FAQ