Needed — legislation on cybercrime
Our LEAs are not equipped with the most important thing needed to fight cybercrime, i.e., properly developed laws.
In the virtual world, it is very difficult to draw lines for national and international borders for trying cybercriminals. However, governments must play a vital role in this respect. Whenever there is a cybercrime, people are concerned about which country the cybercriminal belongs to. This level of concern is needed to properly address the issue of cybercrime on both national and international levels. The criminal’s country of origin matters because the policies and laws of that country affect the whole cyber community.
During a 2012 Olympics event, I saw a picture of a person riding a bicycle and holding a red arrow gun. He was a Wi-Fi police officer. That picture shows that law-enforcement agencies (LEAs) are trying their best to fight cybercrime with whatever equipment is in their hand but the question is whether government policies are supportive of this. In our case, we are talking about the Pakistani government and its measures to counter cybercrime and cyberterrorism.
According to an unofficial survey, the software piracy rate in Pakistan is estimated to be about 85 per cent. The important point here is: are the people involved in this act aware that they are committing software piracy? Do they even know the meaning of this term? According to the public view, they are not stealing the CDs since they are paying money to obtain them, all in an open market; they pay consideration in the form of cash for the contents of the CD. Therefore, the person is satisfied on moral grounds.
In Pakistan, we are trying to control cybercrime without actually addressing it; i.e., without making laws and without equipping our officers with the latest knowledge and technology to fight state of the art cybercriminals. Recently, the US national security adviser warned China of potential cybercrimes. This should alert us to the serious threat that cybercrime has on the security and integrity of a nation.
In the past, senior police officers, judges and lawyers have asked me how cybercrime can being controlled without proper legislation. This is a puzzling question, indeed. Last week, I was involved in a case regarding cybercrime. The case appeared simple on the surface but facts revealed to me that our cybercrime LEA, i.e., the National Response Centre for Cyber Crime (FIA-NR3C) always has the lesser footing in case hearings. It is always short of equipment, weapons, training and, most importantly, moral support. However, time has taught the Centre how to manage itself despite all such lacking. One thing that cannot be managed, changed or manipulated to adjust the nature of the crime, however, is the law.
While the prosecution provided strong evidence for its case and despite the fact that I saw a crime being committed, there was no proper law under which that crime was to be covered. Therefore, the FIA-NR3C was forced to charge the accused with the only offences available to them. It seemed that the Centre was trying to fit the crime into the available set of laws. This was very pathetic and depressing. The FIA-NR3C had everything in place — even the criminal was already behind bars. But, due to the unavailability of proper laws, all efforts went in vain.
Our LEAs are not equipped with the most important thing needed to fight cybercrime, i.e., properly developed laws. Our agencies are always blamed for their acts despite the fact that they are working in pursuance of law and order and catching criminals. Without proper legislation, the FIA-NR3C is left vulnerable to loopholes and misuse of available legislation. Our law should focus on the procedures one can take to avoid any mishap in the cyber world. In today’s world, computers are weapons and, therefore, if we equip someone with this weapon, it is the duty of the government to also give the person awareness of this weapon for its positive use. The government should initiate an awareness campaign and, most importantly, the badly needed legislation for cybercrime.
Published in The Express Tribune, March 28th, 2013.
During a 2012 Olympics event, I saw a picture of a person riding a bicycle and holding a red arrow gun. He was a Wi-Fi police officer. That picture shows that law-enforcement agencies (LEAs) are trying their best to fight cybercrime with whatever equipment is in their hand but the question is whether government policies are supportive of this. In our case, we are talking about the Pakistani government and its measures to counter cybercrime and cyberterrorism.
According to an unofficial survey, the software piracy rate in Pakistan is estimated to be about 85 per cent. The important point here is: are the people involved in this act aware that they are committing software piracy? Do they even know the meaning of this term? According to the public view, they are not stealing the CDs since they are paying money to obtain them, all in an open market; they pay consideration in the form of cash for the contents of the CD. Therefore, the person is satisfied on moral grounds.
In Pakistan, we are trying to control cybercrime without actually addressing it; i.e., without making laws and without equipping our officers with the latest knowledge and technology to fight state of the art cybercriminals. Recently, the US national security adviser warned China of potential cybercrimes. This should alert us to the serious threat that cybercrime has on the security and integrity of a nation.
In the past, senior police officers, judges and lawyers have asked me how cybercrime can being controlled without proper legislation. This is a puzzling question, indeed. Last week, I was involved in a case regarding cybercrime. The case appeared simple on the surface but facts revealed to me that our cybercrime LEA, i.e., the National Response Centre for Cyber Crime (FIA-NR3C) always has the lesser footing in case hearings. It is always short of equipment, weapons, training and, most importantly, moral support. However, time has taught the Centre how to manage itself despite all such lacking. One thing that cannot be managed, changed or manipulated to adjust the nature of the crime, however, is the law.
While the prosecution provided strong evidence for its case and despite the fact that I saw a crime being committed, there was no proper law under which that crime was to be covered. Therefore, the FIA-NR3C was forced to charge the accused with the only offences available to them. It seemed that the Centre was trying to fit the crime into the available set of laws. This was very pathetic and depressing. The FIA-NR3C had everything in place — even the criminal was already behind bars. But, due to the unavailability of proper laws, all efforts went in vain.
Our LEAs are not equipped with the most important thing needed to fight cybercrime, i.e., properly developed laws. Our agencies are always blamed for their acts despite the fact that they are working in pursuance of law and order and catching criminals. Without proper legislation, the FIA-NR3C is left vulnerable to loopholes and misuse of available legislation. Our law should focus on the procedures one can take to avoid any mishap in the cyber world. In today’s world, computers are weapons and, therefore, if we equip someone with this weapon, it is the duty of the government to also give the person awareness of this weapon for its positive use. The government should initiate an awareness campaign and, most importantly, the badly needed legislation for cybercrime.
Published in The Express Tribune, March 28th, 2013.