Data protection

Published June 8, 2019

AN alarming yet little discussed practice has become routine in the lives of mobile users across the country; citizens find themselves being subjected to a flurry of unsolicited mass messages which can be categorised as spam, the objective being to sell a product or service. From home tutors and visa services to restaurants, refrigeration products and even matrimonial companies, a large range of brands and sellers target citizens through these SMS adverts with the hope of luring them into buying a product or service. Most citizens haven’t a clue about how these companies obtained their personal information, such as their mobile phone number or email — a fact that has been underscored in a detailed investigation published in this newspaper recently. The report lays bare how people are selling subscriber details of numbers from various mobile networks in Pakistan, as well as their call history and location. Data being sold in Pakistan has to do with Nadra number details, CNIC pictures, call detail record (CDR), IMEI scanning, bank account details and secure active Sims. Shockingly, when one such seller was asked if a family tree of an individual could be provided if CNIC details were given, the reply was in the affirmative and the price tags for family trees, with and without photos, were quoted.

The phrase ‘data has become the new oil’ prompts the reckoning that it is data that oils the engines of modern e-commerce. Companies both big and small are after the personal data of consumers in order to target their marketing campaigns to attract prospective customers. It is no secret that the personal information of citizens has been compromised. As rightly highlighted in this report, threats to Pakistanis’ personal information are growing as the country’s digital footprint expands, allowing businesses — and even criminals — to misuse private data they should not have access to. Other than instances where this data is obtained directly and with consent, it is largely disseminated after being leaked from databases which should be secure. In the report, the general secretary of the Pakistan Software Houses Association has argued that many leaks of mobile numbers from telecom companies are reported to have been carried out by individuals who either worked for these companies or had worked for them in the past. Nadra employees have faced the same allegations — but law-enforcement agencies did not act against the individuals due to the absence of complaints.

The government must immediately turn its attention to data-protection laws. It is clear that there is a systemic issue of leaks within institutions that have databases like telcos or Nadra which have private information. The breach appears to be more of a human problem than a technical one, and laws must be formulated so that action can be taken against individuals who leak data to various entities and make citizens vulnerable to exploitation.

Published in Dawn, June 8th, 2019

Editorial

Breaking the deadlock
09 Dec, 2022

Breaking the deadlock

PRESIDENT Arif Alvi and Finance Minister Ishaq Dar’s recent tête-à-tête to figure out a way to break the...
A targeted killing
09 Dec, 2022

A targeted killing

IF there were any doubts about a sinister, transnational plot to kill journalist Arshad Sharif, the 592-page report...
Dog-bite epidemic
09 Dec, 2022

Dog-bite epidemic

AN exploding population of stray canines has fuelled a dog-bite epidemic in Sindh, with the provincial health...
Worsening hunger
Updated 08 Dec, 2022

Worsening hunger

THAT the dollar liquidity crunch has started hurting the import of essential items such as vegetables and raw...
Bannu beheading
Updated 08 Dec, 2022

Bannu beheading

The state must take up the cudgels and neutralise barbarism before it spreads.
Smog misery
08 Dec, 2022

Smog misery

IF 2022 has taught us anything, it is that generations of reckless disregard for Mother Nature has accrued very ...