The ARTICLE 19 and Digital Rights Foundation Pakistan are concerned about the draft Prevention of Electronic Crimes Act of Pakistan 2014 (Draft Law) currently being prepared for presentation before the Pakistani Parliament. Although the Draft Law contains a number of welcome procedural safeguards, several provisions violate international standards on freedom of expression. We therefore call on the Pakistani government to amend the Draft Law in accordance with our recommendations below before submitting it for Parliaments consideration.

The Draft Law

The Draft Law, which has been drafted by the Ministry of Information Technology and Telecommunications, establishes specific computer crimes and procedural rules for the investigation, prosecution and trial of these offences. The Draft Law criminalizes:

• illegal access to and interference with programs, data or information systems

• cyber terrorism

• electronic forgery and fraud

• the making of devices for use in these types of offences

• unauthorised interception of communication.

• Protecting human rights within computer crime legislation

ARTICLE 19 and Digital Rights Foundation Pakistan welcome the efforts of the Pakistani government to provide adequate procedural safeguards in the context of cybercrime investigations. However, all regulation of computer crimes must include the protection of human rights, in particular:

Article 19 of the International Covenant on Civil and Political Rights (ICCPR), to which Pakistan acceded in 2010. This defines the right to freedom of expression and sets out the requirements for limitations to this right. States can limit freedom of expression only in the interest of protecting reputation, national security, public order, health and morals.

Article 17 of the ICCPR, which guarantees the freedom of individuals from arbitrary or unlawful interference with their privacy and correspondence.

In General Comment 34 on Freedom of Expression, the UN Human Rights Committee states that extreme care must be taken in crafting and applying laws that purport to restrict expression in order to protect national security. Whether characterised as cyber-crime laws, treason laws, official secrets laws or sedition laws they must conform to the strict requirements of Article 19(3).

In General Comment 16 on the Right to Privacy, the UN Human Rights Committee states that interference by states can only take place when based on a law which itself specifies in detail the precise circumstances in which such interference may be permitted.

Our concerns

In the light of these standards, ARTICLE 19 and Digital Rights Foundation remain concerned that the Draft Law violates international standards for several reasons:

Lack of clear definitions: A number of definitions in the Draft Law are unclear, notably the definition of content data, which partially reproduces the definition of computer data as stipulated in the Cybercrime Convention.

This is confusing as computer data and content data are separate concepts. In other instances, the Draft Law fails to define important terms such as information systems or program or data. The lack of clear definitions in the Draft Law means it is more open to abuse and is more likely to criminalise innocuous behaviour, such as accessing a website in breach of its terms of service. By the same token, this endangers the right to freedom of expression. We recommend that content data is replaced by computer data in the Draft Law and refer to the Cybercrime Convention for a definition of computer systems.

Lack of public interest defence for hacking types of offences: The Draft Law criminalises unauthorised access to information systems, programs or data. While the Draft Law is presumably aimed at criminalising hacking, it fails to provide a public interest defence for cases where this type of conduct takes place for legitimate purposes, such as investigative journalism or research.

Overly broad cyber-terrorism offence: Section 7 (a) and (b) fails to make an explicit reference to “violence” as part of the offence of cyber-terrorism. Cyber-terrorism should be more clearly linked to the risk of harm or injury in the real world, and in particular harm against the welfare of individuals. It should not be equated with even moderate disruption of public services or damage to property. It is not clear that sections 7 (1) (b) (i) and (ii) would meet that threshold if read independently from Section 7 (1) (b) (vi).

Criminalisation of “defamation against women”: Although the attempts to offer special protection to women (e.g. through prohibitions on threatening sexual acts) are laudable, we find the provisions of Section 13 of the Draft Law problematic. Section 13 criminalises “defamation against women” and other vaguely phrased offences, such as “distorting the face of a woman”.

Lack of procedural safeguards against surveillance activities carried out by intelligence agencies: Although efforts have been made to provide effective procedural safeguards against unchecked surveillance by law enforcement agencies, the same is not true of intelligence services, which remain subject to the provisions of the Pakistan Telecommunications (Re-Organisation) Act 1996.

In our view, if the Draft Law were to be adopted in its current form, it would be in breach of the right to freedom of expression and privacy under international law.

We, therefore, call on Pakistani legislators to protect the rights to freedom of expression and privacy in accordance with Pakistans obligations under international by reviewing the Draft Law in line with the above recommendations.

By Web Team

Technology Times Web team handles all matters relevant to website posting and management.