Unaccountable Big Brother

Unaccountable Big Brother

TWO revelations this week have highlighted the gaps in privacy rights and data protection in Pakistan.

One is the news that the personal and sensitive data of millions of Pakistanis is being sold publicly for a small amount, including that of the interior minister! Second is an investigative report by Amnesty International detailing the expansive technology-enabled state surveillance in Pakistan. The common thread between the two revelations is that they are both illegal and violate the fundamental rights of dignity and privacy in Pakistan.

The leaks of personal data that can be bought online include national identity card details, passport data, travel history, location etc. This is extremely alarming, as apart from privacy, this is a security failure. This can enable criminal activity, blackmail, fraud and even worse occurrences against anyone. How is sensitive personal data that citizens are forced to trust the state with so easily accessible?

What are the privacy and data protection protocols at Nadra, FIA, telecom companies and other government institutions that store this data? Why is it not stored in encrypted form with limited authorised access? And what consequences will those who sold this data in the black market face — especially the ones who enabled these leaks from the government databases?

Similarly, the Amnesty report details the level of mass surveillance that the state is carrying out. Citizens’ phones and computers can be turned into listening devices; conversations, emails and location data can be accessed without oversight or judicial authorisation, and there is no legal redress for those targeted.

Though the audio leaks case in the Islamabad High Court brought to the fore the Lawful Intercept Management System (LIMS) that snoops on citizens’ phone conversations, the Amnesty report tells us that the technology was developed by a German company, Utimaco, and supplied thr­ough a UAE company called Datafusion.

The Web Monitoring System (WMS) was supplied by a Canadian company Sandvine (now AppLogic Network) in 2018, but has been replaced by “new technology from China-based Geedge Networks, utilising hardware and software components supplied by Niagara Networks from the US and Thales from France … to create a new version of the firewall”.

The state’s surveillance certainly has a chilling effect.

These details show how a sophisticated system — which resulted in slower internet speeds by almost 40 per cent in 2024 and grave economic losses — acquired from multiple countries has created these illegal and unconstitutional surveillance systems in Pakistan.

The report details that LIMS is mandated by the Pakistan Tele­communications Authority (PTA) to be installed across telecommunication networks by private companies, allowing security and intel forces “to tap into it and access consumer data”. The report further details that the WMS also “allows authorities to block VPNs or any website deemed to be ‘unlawful’ content by the authorities”, showing the technical and logical link between surveillance and censorship.

This surveillance certainly has a chilling effect, as it is used to target political opposition, activists, journalists, and anybody the state deems worthy of snooping on, with complete impunity. The frequent incidents of financial scams and frauds that citizens have been reporting further prove the leaks of data that have become routine, and there seems to be little redress for these crimes once financial fraud has occurred against citizens.

The National Cybe­rcrime Investigation Authority must play its role of spreading awareness but also ensure that culprits of financial fraud are punished in order to deter such common practices of fraud. The PTA must ensure that no surveillance system is misused against citizens as LIMS is reported to be doing, and PTA’s licensees must also respect the laws and the Constitution rather than becoming accomplice in mass surveillance.

Whereas the state carries out surveillance under its perceived notions of security, the lack of legal cover for these invasive surveillance systems and the leaks of data that make personal details into a market commodity show how insecure and unsafe these systems really are.

A data protection law is a fundamental necessity to govern the right to privacy of Pakistanis that is afforded under Article 14 of the Constitution, and further expanded by several precedents in the superior judiciary, such as in the Benazir Bhutto case in 1988, the Ghulam Hussain case in 2010 and the Justice Qazi Faez Isa case in 2024. The Fair Trial Act, 2013, permits digital surveillance only after a warrant from a magistrate is granted; not the kind of mass surveillance that we are experiencing now.

The Amnesty report also highlights the violation of United Nations Guiding Principles on Business and Human Rights which require both states and companies to respect human rights, including in their exports. The sale of spyware and surveillance technology shows how states such as the US, France, Canada, the UAE and China violate these principles by allowing export of technology that carries out mass surveillance with no regard for citizens’ fundamental rights.

As the Amnesty report recommends, there is a dire need for a comprehensive legal framework that regulates surveillance to ensure that it is targeted and proportionate, and subject to independent oversight. Parliament must play its role in conducting a transparent inquiry into the illegal surveillance systems in Pakistan, and legislate to regulate this industry under its oversight. Parliament must also move forward on the Personal Data Protection draft that has been debated since 2020 but has not yet reached a stage where it can be enacted.

The leaks will also have a dire impact on the business community, which could, instead, have benefited from a strong data protection regime that, in turn, would have encouraged more foreign investment in the IT sector, as well as enabled the security of the vast amounts of data stored and processed by businesses, organisations, hospitals and educational institutes.

A state that surveils without oversight and leaks without consequence erodes the trust of its citizens. The security of citizens must be paramount for the state. And a post-26th Amendment judiciary must act to safeguard citizens’ rights if it is serious about disproving allegations of being controlled by the executive.

The writer is director of Bolo Bhi, an advocacy forum for digital rights.

X: @UsamaKhilji

Published in Dawn, September 13th, 2025

Read Full News

Related Posts

About Us

Pakistan News most reliable source for comprehensive coverage of all things Pakistan. As a dedicated news platform, we are committed to delivering accurate, unbiased, and timely information to our readers, both within all districts of Pakistan and across the globe. Pakistan News understands the importance of staying informed in today's fast-paced world. Our team of seasoned journalists and researchers work tirelessly to bring you the latest news, in-depth analyses, and thought-provoking insights on a wide range of topics, including politics, economy, culture, technology, sports, and more.

editor@pakistaninewspaperlist.com

© PakistanNewsPaperList.com, 2000 | All rights reserved.

Scroll to Top