Draconian Cyber Crime Law in Pakistan

Pakistan Cyber Crime Bill 2007Yesterday a few concerned Pakistanis gathered together at The Second Floor to discuss the Cyber Crime Bill (Prevention of Electronic Crimes Act 2007). The event was hosted at T2F and sponsored by Alchemy Technologies allowing Barrister Zahid Jamil an opportunity to explain / interpret in simpler terms the impact of this bill on our daily lives once this bill has been promulgated into effect by the National Assembly.

To be honest when I was informed of the seminar I was interested to find out what the fuss was all about, the reading material provided was interesting but made little sense until Zahid explained the legal implications of such a bill if promulgated as is. After the two hours of understanding the problem I am worried enough to feel the need to push the government to revamp the bill and poses to be a very dangerous law for us all, forget the criminals with, it can easily affect innocent Pakistanis who use computers on a daily basis, very simple issues like the act of formatting your hard disk [Destruction of Data] can lead you to a seven years in jail &/or Rs. 1 Million in fines. The consequences appear to have far more serious implications then what Faisal Chohan faced in 2006

There are seemingly 21 ‘cyber’ issues ranging from Malicious code, Cyber Terrorism to spamming and spoofing, overtly it may seem to cover all aspects of the new digital era but a closer and detailed look shows quite the contrary, allow me to explain, as novice trying to decipher Zahid’s excellent explanation (For those bored by the technicality head down to the Call for Action section at the bottom)

  1. Practically in all issues the government has gone the extra mile to reinvent a new definition, significantly deviating from the internationally accepted norms leaving more grey areas for confusion / exploitation within the law
  2. There seems to be an elaborate play of words within the document, which does nothing, but allow room for the regulating body (FIA) to confuse and entrap the innocent people, a ‘book ’em up’ charge sheet on all counts
  3. The FIA, has been given complete and unrestricted control to arrest and confiscate material as they feel necessary, without forcing them to present a credible case before an arrest warrant is issued, if the FIA follows the law by the book they can pick up any person or property, hold them in custody for up to one year (extensions allowed) before even presenting the case in court. A very dangerous supposition as it opens the door for the rouge FIA agency to do as they please without any safeguards and protection for the innocent
  4. I share with you one example of the hideous nature of the bill. The Government has literally attempted to insert a new word in the English language, when the bill discusses the law of Cyber Terrorism (item #17)

    Cyber Terrorism: Any person, group or organization who, with terroristic intent utilizes, accesses or causes to be accessed a computer or computer network or electronic system or electronic device or by any available means, and thereby knowingly engages in or attempts to engage in a terroristic act commits the offense of cyber terrorism.

    The word TERRORISTIC is without doubt a figment of their imagination vocabulary, hence they attempt to define the word, quite literally compounding the problem at hand

    Explanation 1.–For the purposes of this section the expression “terroristic intent” means to act with the purpose to alarm, frighten, disrupt, harm, damage, or carry out an act of violence against any segment of the population, the Government or entity associated therewith.

    Explanation 2.– For the purposes of this section the expression “terroristic act” includes, but is not limited to,–

    • (a) altering by addition, deletion, or change or attempting to alter information that may result in the imminent injury, sickness, or death to any segment of the population;
    • (b) transmission or attempted transmission o a harmful program with the purpose of substantially disrupting or disabling any computer network operated by the Government or any public entity;
    • (c) aiding the commission of or attempting to aid the commission of an act of violence against the sovereignty of Pakistan, whether or not the commission of such act of violence is actually completed; or
    • (d) stealing or copying, or attempting to steal or copy, or secure classified information or data necessary to manufacture any form of chemical, biological or nuclear weapon, or any other weapon of mass destruction.

    It seems the above example they have actually defined what real-life terrorism might be, but fail to explain what they mean by the word Cyber in cyber terrorism, if they hope to mean cyber-stalking, which incidentally is already covered as item #13 (this also has one too many loopholes). They could also be referring to the actual real-life Terrorism but that too as I am told is extensively covered in the Anti-Terrorism Ordinance of 1999. What I share is the concern that there happens to be no clear-cut explanation on how a Cyber Terrorism crime is committed.

This is only ONE example only, but actually there are gaping holes in practically all 21 items of the Digital Crimes Act. They even go to the extent that for eg. everyday usage of a Microsoft Windows software on your computer (which is famously known to be buggy) can land you with a punishable crime of seven years behind bars, How? Under the Malicious Code section [item 13] it seems that any code that crashes and damages the data on your computer can make you guilty of the crime. an oversimplified example

Call For Action (in development)

  1. A pressure group must be created to contest this bill forcing a total write-up according to industry standardsAn online petition should be launched to promote this effort
  2. Local and International media must be used to exert pressure on the Ministry of IT to readdress all genuine issues
  3. T2F is arranging for a series of repeat seminars to better explain the impact of this draconian law
  4. Creation of an online campaign, banners, buttons etc
  5. Due to the complex nature of the argument, we would like to entertain ideas from willing film makers / animators to help us create a short documentary (10 minutes for YouTube) – URGENT CALL – Saturday 8th September 4:00pm at T2F
  6. A website, (temporarily I have placed this issue on the Don’t Block the Blog – DBTB.org website until we decide to form something else), A mailing list.
  7. These are just initial steps and I hope we can rally concerned Pakistanis for this cause

References:


Zahid Jamil’s Presentation made at T2F

I must confess this presentation does little justice to his actual verbal comments but its important to understand the issue – Zahid has BOLDED the important words in the draft bill that are of serious concern

Disclaimer: This entire article is written with my own limited understanding of law and would gladly amend and correct mistakes if any


Posted

in

, , , ,

by

Comments

20 responses to “Draconian Cyber Crime Law in Pakistan”

  1. Momekh Avatar

    Absurd!
    What you say, if it is true, makes this whole thing absurd.
    I will send this to some of my lawyer friends as well.
    Good work, this you are doing.
    I say we make a pressure group. How, when and where?

  2. Jehan Avatar

    This Bill has been drafted by the Ministry of IT & Telecom, passed through the Cabinet, cleared by the Ministry of Law and has been adopted by the Cabinet. All that remains for it to be enacted into law is for it to be passed by the National Assembly.

    Some of us have been agitating against it for the past few years asking for amendments to be made but it continues to be in its original form with only a few of our concerns being addressed.

    This affects all of us – business, individuals, civil society, bloggers – in fact anyone that uses a computer or a mobile phone. It gives too much authority – search and siezure – with no protection. For those of you who remember the Faisal Chohan case, this opens the doors to much more misuse of power.

  3. Mushtaq Avatar
    Mushtaq

    TM, I am guessing you have something to hide. 🙂

  4. fahad khalil Avatar
    fahad khalil

    Thing is, our laws are so obfuscated that one can derive anything stupid out of them.

    Like, there is a law in corporate law; that share holders of a public company can remove board member; but they cannot appoint one! What good this law is?

    And all of this is done:

    1 – intentionally, so that big guns can get out whenever they want to – like importing beemers without duty…
    2 – incompetent legislation authorities (national assembly)

    In this particular case, I think second is the case. They don’t even know what the HELL is IT other then IT earns a lot.

    I will definitely spread this word.

    This is very important for IT related people to know whats going on.

    Thanks for posting.

  5. shobz Avatar

    are they out of their minds or what? this reminds me of the orwellian settings of 1984. this cyber crime bill is absurd and doesn’t tackle any issues properly. i guess some insane power hungry wacko drafted this bill without any consideration. note to stupid govt: research cyber crime bills before making a mess of everything.

  6. Publia Padena Avatar

    Eternal vigilance is the price of liberty, and there isn’t any liberty in warrantless searches and seizures, or being unable to confront one’s accusers and present a defense in a court of law. That beng said, I don’t understand how anyone could be found to be guilty of this law inadvertantly from what is posted above.

    These acts require “terroristic intent,” “acting with the purpose to alarm, frighten, disrupt, harm, damage, or carry out an act of violence.” That is the state of mind required when doing the acts enumerated above.

    On the other hand, the proposed law could land people posting al-Quada tapes on the Internet and those who are actively working on jihaddist websites (including the posting of videos such as Osama bin Laden tapes and tapes of private revenge executions)in a great deal of trouble.

    It’s really unclear from your post whether the act is

    1. in need of technical corrections, or
    2. redundant, in that earlier legislation addresses the issues adequately, or
    3. disliked by those who wish death and destruction to others.

    If the presentation is going to be given again, why not post that to Youtube? That might help give some understanding to the slides that would more clearly point out the danger of the act.

  7. Jehan Avatar

    In answer to some of the queries posed by PP above,

    1.The proposed Bill requires technical corrections because the definitions of spoofing, spamming, cybersquatting, phishing, etc are incorrect and don’t coincide with internationally recognized definitions.
    2.The Cyber Terrorism part is not necessary because there is existing legislations covering terrorism – which is the Terrorism Act
    3. There is no balance in so far as the protection of the rights of the accused. There are no grounds required for search and seizure; there is no chain of custody; there are no defined parameters for what can be seized and no back up of the data seized is provided so that any additions and deletions can be tracked.

    There are vague terms used that are not defined at all and these would be open to interpretation by the powers that be.

    Lots of things like that which make it a scary law. We have a team that is working on putting up clips on YouTube so that more clarity can be provided.

  8. M. Faisal Naqvi Avatar

    Kindly look at the other side of the picture as well

    Response to the Criticism on Prevention of Electronic Crimes Law:
    http://www.slideshare.net/mfnaqvi/response-to-criticism-on-e-crime-law

    Regards
    Faisal

  9. Ali Khan Avatar
    Ali Khan

    Good.. Every body has got their own point of view, one might not agree to what govt want and every one might not agree with this point of view.. The basic point here is that instead of talking only one should change the bill show where and which changes are made and why.. and then lobby this bill into enactment…

    This is the way ahead.. instead of just working the other way around.

    We shall protest but do the right way.. there are many things that i don’t really agree to and there are some points made by J&J

    One also has to appreciate that there was no law before.. at least we got ONE NOW!

    Regards
    Ali

  10. zar Ali Musazai Avatar

    The bill is draconian and based on the bias and malafide intentions.The rulers have no right to curb the positive activites of the people and citizens.The rulers themselves have occupied the government unlafully how a thief can direct other not to do.Terrorism is a menace and is condemned by us all but the government of musharraf is using it for his own benifit.It is a fact that when a dictator becomes weak and sees his fall he takes the steps like generals but such tyrant acts will not prove to be helpful anymore.

  11. zar Ali Musazai Avatar

    Regards
    Zar ali musazai
    Chairperson
    pashtun democratic council
    Peshawar

  12. FATIMA Avatar

    please tell me cyber crime and please discuss it as ,
    it should be taken as serious crime,please
    waiting for your kind reply.

  13. FATIMA Avatar

    please discuss cyber crin\me and also define it properly,please it’s a request from a student.
    I shall be very thankful to you.

  14. ~ smaic ~ Avatar

    This Bill has been drafted by the Ministry of IT & Telecom, passed through the Cabinet, cleared by the Ministry of Law and has been adopted by the Cabinet. All that remains for it to be enacted into law is for it to be passed by the National Assembly.

    Some of us have been agitating against it for the past few years asking for amendments to be made but it continues to be in its original form with only a few of our concerns being addressed.

    This affects all of us – business, individuals, civil society, bloggers – in fact anyone that uses a computer or a mobile phone. It gives too much authority – search and siezure – with no protection. For those of you who remember the Faisal Chohan case, this opens the doors to much more misuse of power.

  15. Arshad Advocate Avatar
    Arshad Advocate

    excellent work Bro..

  16. G.Q Thebo Avatar
    G.Q Thebo

    I think this is a begnining of legislation in respect of cyber crime prevention and detection. Inspite of so called Draconian law a lot of people are misusing electronics in illegal and immoral acts.There is need to nip in the bud cyber crime other wise it will be uncontolable in Pakistan

  17. Mehmood Lodhi Avatar
    Mehmood Lodhi

    Dear Fellow Technoloy Lovers,

    Its good effort, to create the awareness, we need to understand that in this time where technology is leading, and NR3C is getting a lot of complaints every day, we need something related. Now if this ordinance is in place, we can work to make its implementation better. We need to educate all the stockholders, we need to start and association to save technology savvy people in cyber space and on ground so that no one can take extra benefit or negative from this ordinance. I have few points regarding this, as we need to make it right we need to do a lot of effort and start of that effort can be.

    a) Everyone and Anyone who was part of working on this document including legal and Technology people, need to educate all IT organizations specially those who are working on Information security, so that we can create a large number of people who actually understand what this is about
    b) create an awareness campaign for;
    a. Police
    b. FIA
    c. Lawyers
    c) Get support from all organizations and associations working for Information Security, to get their human resource for point # b

    Looking forward for feedback from all responsible people.

  18. Nadir Alvi Avatar
    Nadir Alvi

    Another one, good job done a law with full of intentions against Pakistani IT industry. and they think the can stop all Rubbish even law is vague didn’t cite a specific conditions and passed GREAT…………..and Rubbish