Over the last few years, Internet censorship and surveillance have been on the rise in Pakistan. International reports have pointed to the alleged presence of FinFisher (espionage and surveillance equipment) and Netsweeper (filtering and blocking equipment) in the country. In recent months, Internet users have faced service disruptions – slow Internet speed as well the inability to access several websites.
Very recently, as a result of an investigation into customer complaints,popular VPN service Spotflux officially announced that their data centers had been blocked by the government of Pakistan. Since 2012, when access to YouTube was blocked in Pakistan, Spotflux became one of the popular methods of circumventing the blockade.
The decision to block VPNs was first made in 2010 under the Monitoring & Reconciliation of International Telephone Traffic Regulations 2010 (MRITT). An official notification of blocking VPN in Pakistan was issued in July 2011. The notification, issued by the Pakistan Telecommunication Authority (PTA), cites “prohibition to use all mechanisms which conceal communication to the extent that prohibits monitoring”.
The regulation mandates the monitoring and blocking of any traffic (encrypted or not), including voice and data, originating or terminating in Pakistan. This includes all encrypted VoIP services. If followed strictly, the MRITT could legitimize blocking of Skype and other VoIP services like Viber [Read about Sindh Interior Ministry’s attempt to block Skype, Viber & Whatsapp]. Since the regulation requires Internet monitoring on a massive scale, it allows the blocking of VPN services as they are considered an interference with the ability to monitor Internet traffic.
The implementation of this clause raises several concerns. It has the potential to hamper online businesses in Pakistan and violate the privacy rights of Pakistani citizens. Sub clause (6d) of clause 4 of Part II “Establishment, administration and features of the Monitoring System” mentions that licensee that deploy the monitoring system are responsible for providing data to the Authority when it is required.” This data includes a complete list of Pakistani customers and their details is included.
In 2011, the official announcement to ban VPN services was met with severe criticism from the business community, specially the banking sector. Despite warnings by the PTA, a blanket ban on VPNs was never implemented. Instead, the regulation was only applied to commercial connections, where users were told to register their IPs with PTA so that it could be added to the whitelist. If they were using VoIP or VPNs, it had to be with the explicit permission of the Authority.
A press release published in 2007 on PTA’s website, provides details of the agreement signed between Inbox Technologies, developed by NARUS, to acquire a system that enabled the authorities to monitor and block “grey traffic” at the IP level. Last year, PTA acquired new filters to monitor grey traffic in an effort to boost the “anti-terror” fight. This was the result of the International Clearing House (ICH) Policy Directive issued by Ministry of in August, 2012. The system, which is officially called Grey Traffic Mitigation System (GTMS) became operational in October 2013, as reported to the National Assembly.
It now appears that the ISI (Inter-Services Intelligence), and not ISPs or PTA, are managing these filters to monitor and block grey traffic. But what legal mandate does the ISI have to operate the filters?
IP-level blocking and the manner in which it is being implemented is posing several problems for Internet service providers, businesses and Internet users alike. The recent surge in blocking of websites and service disruption has been reported by Internet users. PTA Chairman’s statement to the press suggests that the regulator is currently working on fixing the issues and reportedly working on getting the filtering equipment back under PTA’s control. However, housing the system under one authority vs another is not going to be enough. Acknowledging the importance of encryption, user privacy, and the integrity and security of the banking sector and business and financial transactions, is essential.
Read ISPAK’s (Internet Service Providers Association of Pakistan) letter to the Ministry of Information Technology & Telecom regarding IP blocking below:
02 December 2013
Ms. Anusha Rahman Ahmad Khan
Minister of State for Information Technology
Ministry of IT
Government of Pakistan
Subject: IP Blocking Issues for Broadband Operators, Call Centers and Internet Users
Under the recently established system by the Government of Pakistan to curb grey traffic, IP addresses blocking on Internet backbone has been started. While the intentions for having such a system may be good, the Government has unfortunately done another experiment this time at the risk and cost of Internet users and broadband operators of the country by giving this systems in the hands of Inter Services Intelligence (ISI), an organization that has a different mandate altogether and has no mechanism in place to address various issues faced by the industry.
2. Broadband operators and call centers are prime victim of this mechanism. Legitimate and even whitelisted IP addresses of operators are getting blocked without any reason. In last week, IP addresses of DNS, Authentication Servers and Core Routers of Qubee, a leading a WiMax operator, got blocked twice on the same day, resulting in jamming of country wide network and leaving thousands of customers screaming. IP addresses of the other operators including WiTribe, Linkdotnet, etc., are also getting blocked. Many customers use VPNs (virtual private networks) on Internet to connect to their proprietary and secure networks for various business applications. These VPNs, which are now integral part of any Internet connection, are also getting blocked left, right and center with no solution in place to allow legitimate users and filter grey traffic.
3. Leading call centers and software houses of the country, including TRG, Ovex, Shellby and so many others are running from pillar to post to get their IPs whitelisted. PTA officials seem helpless because the system is not in their control and their requests for IP whitelisting are apparently not handled by the ISI in a timely manner. ISI is also reportedly dependent upon the vendor who have supplied this system. So the red-tape circle of whitelisting on IPs is extended from the customer to the operator, from the operator to PTA, from PTA to ISI and ISI to the vendor, and same return path. It is taking weeks to resolve the issues that should have been addressed in minutes.
4. The whole Internet traffic of the country has been left at the mercy of a system that is being operated in an amateur manner and at snail pace in totally disregard to the agony faced by the operators, call centers and Internet users. Call centers are loosing huge foreign exchange revenue and Pakistan is getting bad publicity in international business community.
5. The media has previously reported that US$27 million were unofficially diverted from controversial ICH Agreement to enable the purchase of IP Blocking system in total disregard to Public Procurement Rules and bypassing competitive bidding. The Internet industry has thus been kept hostage to a system whose origin is illegal and design and operations totally non-professional. The grey traffic is now reportedly being shifted to Ku band satellite dishes and legitimate Internet routes are being blocked.
6. We request you to kindly look into the matter personally and get a proper standard operating mechanism in place where IPs are whitelisted and such lists are implemented within 48 hours with no whitelisted IPs subject to blocking. There should be no limit on the number of IPs got whitelisted by a licensed operator Complaints of operators should be addressed on 24 x 7 basis with resolution time and escalation levels defined. In case of blocking of whitelisted IPs of the operators, financial compensation should be given to the operators by the Ministry of IT as operators are now being asked by their customers for compensation.
With kind regards.
Wahaj us Siraj
c.c. Mr. Akhlaq Ahmad Tarar, Secretary, Ministry of IT, Government of Pakistan, Islamabad.
Chairman PTA, Pakistan Telecommunication Authority, Islamabad
Member Telecom, Ministry of IT, Government of Pakistan, Islamabad
Member IT, Ministry of IT, Government of Pakistan, Islamabad
See timeline of encryption blockade in Pakistan:
With legal research assistance from Nighat Dad, Digital Rights Foundation