A new cybercrimes law

Published: February 2, 2014
The writer is the founder and director of the Digital Rights Foundation and tweets @nighatdad

The writer is the founder and director of the Digital Rights Foundation and tweets @nighatdad

After a long struggle by the civil society and digital rights activists, the Pakistani government is pushing forward a cybercrime act. The government is in the process of not only passing the Electronic Documents and Prevention of Cybercrimes Act, 2014 but would also be setting up a cyber authority, according to recent updates from parliament.

While this act should have come as a welcome step for Pakistan’s booming online community, it has done the reverse. Available publicly, the Cyber Crimes Act, 2014 is open for anyone’s perusal and shows just how insecure, fragile and extreme it is when it comes to the suggested punishments.

This long-awaited cybercrimes act was supposed to help those who are being threatened, harassed and robbed online while not affecting the ease, availability and openness of online spaces. It lists strict punishments for even minor offences. Bolo Bhi and the Digital Rights Foundation, which are civil society organisations working on digital security, free access and internet openness in Pakistan, carefully dissected the proposed Cybercrimes Laws, 2014 in an attempt to point out concerns and policies for better clauses and acts.

The entirety of the draft shared with media outlets and civil society organisations contains vague definitions of crimes and misses to detail the processes by which any crime would be determined. In the cyber space, it is important to identify the processes and not just the crime itself. What if the alleged offender’s account was hacked and utilised for committing crimes by someone else? Recognising and identifying the chain of events that lead to a crime is crucial for any cyber law in order to secure innocents from being charged.

The Cyber Law, 2014 contains a clause giving permission to authorities to “add or omit any electronic signature and the procedure for affixing such signature” thereby violating citizens’ right to privacy.

Another startling and rather disturbing clause gives the authorities warrantless permission to intercept electronic transmission. This would let the officials “collect or record by electronic means traffic data in real-time associated with specified electronic documents transmitted by means of electronic devices” much like what the notorious National Security Agency (NSA) has been doing in the past. While activists and the online community is fighting against the NSA’s policies after Edward Snowden leaked documents containing sensitive information, Pakistanis are being dragged towards this draconian cyber era by legitimising such surveillance by making it into a law.

Apart from the vaguely defined laws and severe punishments, the process of establishing a cyber authority also remains undefined. The draft mentions that the authority will comprise seven members with five from the private sector. However, neither the selection nor election process is defined, nor does it indicate whether the private sector members will come from businesses or civil society, or both.

It is also quite alarming to see that various portions of this legislation have been copied from the Information Technology Act, 2000 of India. It should be noted here that Information Technology Act of India has itself been criticised for infringing upon the citizens’ liberties and has been long policed against by activists globally. The Act was thereby amended and introduced as the Amended IT Act of 2008.

“Of even greater concern is a risk that the bill could become a template in the Islamic world that further retards online growth for nearly a quarter of the world’s population,” writes expert privacy advocate Simon Davies in his well-known blog, the ‘Privacy Surgeon’.

The law in itself and the proposed set-up of a government-controlled, centralised cyber authority will give extreme powers to some officials. While this law will definitely affect the online community in Pakistan and attack its openness, it will also set an unsettling precedent for other Muslim countries, as mentioned by Davies, who would just copy portions of the laws and perhaps, make the punishments even worse.

Published in The Express Tribune, February 3rd,   2014.

Like Opinion & Editorial on Facebook, follow @ETOpEd on Twitter to receive all updates on all our daily pieces.

Facebook Conversations

Reader Comments (5)

  • Feb 3, 2014 - 12:40PM

    Good and much needed article.


  • Feb 3, 2014 - 6:03PM

    Nighat Dad,This article is providing information regarding the forth coming cyberspace law at Pakistan . The indicators written in this article about the proposed law and authority are very alarming. Pakistan Govt will enforce a law for cyberspace, but they should have to incorporate all the norms, values and properties so for established for the openness and privacy of the cyberspace. This law should be under the fundamental laws for human rights and the cyberspace rights otherwise it will labeled as black Law.
    if this law is implemented in a non acceptable form at Pakistan then it will have no value at the rest of the world. The cyberspace is very wide range and the law may cover that wide space by incorporating the required norms and qualities of an international law because the law will cover the users not only from Pakistan but the whole world. The cyber governing authority should be of the international stature, so that to enforce and coordinate the law in the world. This authority must have links and close coordination with the law enforcing agencies in and out of the country. The last but not the least that the implementing authority must establish a sort of consortium with the other countries of the nation for implantation of the proposed law. Before launching this law it must be open for debate in the country and internationally so that the required element may be incorporated before grounding the law.


  • Crazy Canuck
    Feb 3, 2014 - 10:47PM

    Wow! I guess the long awaited democracy is finally bearing fruit. Eating away at our liberties like an incurable tumor just a little bit at a time.Recommend

  • Abbas
    Feb 4, 2014 - 12:00AM

    Like any other law cyber crime can not be left open for interpretations, especially when the judicial and prosecution bodies do not currently have the skill set to exercise their judgement. Having said that, boundaries within the internet space are not yet well defined globally. Debates are still held of what should be considered an intrusive activity, such as simply scanning someone’s computer can be equated to knocking on the door, but it may eventually lead to a complete compromise of the system.Recommend

  • observer
    Feb 4, 2014 - 6:05PM

    Better to have no law, than to have bad laws, to be misused by people of ulterior motive. Who would want to go on the net, knowing well that he or she is being monitored??. Those who wish to disrupt can do so, from outside Pakistan, many countries employ thousands, just to do exactly this work. Does Pakistan have the resources or the will or the capacity to counter, any group of hacking specialist outside the country. What will happen is that the small fish will get caught as an example, and the big fish outside the country will do what they wish to. As it is all internet activity in Pakistan is already monitored. There are no secrets as such. Consider that all countries are doing so 24/7, on each other without a doubt. What exactly will be the purpose of this law, what will it safeguard, and how sure can anyone be that it is doing good than doing more harm. Who will debate and with whom???.


More in Opinion