KARACHI: Local and international rights groups have joined hands to speak out against the Prevention of Electronic Crimes Bill 2015 (PEC) which is currently being assessed by the National Assembly.
Human Rights Watch, Digital Rights Foundation (DRF), Privacy International (PI), Bytes for All and BoloBhi are among the signatories to a document drawing attention to the inadequate protection of internet users in the new cyber-crime bill.
Rights groups believe that the lack of scrutiny of the bill by individual stakeholders and the private sector prior to its being presented in the NA undermines the democratic process.
In addition, rights groups are of the view that several provisions in the bill restrict freedom of expression and impinge upon internet users’ right to privacy.
Misgivings about the PEC bill
- Lack of safeguards regarding right to privacy and freedom of expression breach Pakistan's obligations under international human rights law
- Allows government to order service providers to block access to any kind of internet content without any court approval which could lead to abuse of power
- A procedure to register complaints regarding the above with the right of appeal to an independent tribunal is not a requirement although it is permitted
- The federal government will be able to share intelligence with international spy agencies like the United States' National Security Agency (NSA) without the oversight of an independent body
- Telephonic and email data retention for up to one year expands powers of surveillance and is a regressive move compared to modern laws regarding electronic data retention
- Use of broad terms without clear definitions or specification of procedures regarding handling of data, leaving creation for such procedures at the discretion of the government
In an extensive legal analysis of the PEC draft, Privacy Inernational and the Digital Rights Foundation have proposed that "information-sharing with foreign governments and entities should be regulated by specific laws and subject to independent oversight".
They have said that a clear legal regime which is compliant with international law should govern data copied by the state.
These two rights groups believe mandatory retention of traffic data by service providers threatens users' right to privacy and that service providers should not be required to keep investigation or real-time collection and recording of data secret. The power to obtain decrypted information also needs to be regulated, they said.