Fact: All those using the above-mentioned services are under surveillance
Privacy International (PI), a London-based organization that specializes in investigating government surveillance behaviour, published a report titled Tipping the Scales: Security & Surveillance in Pakistan. Privacy International’s detailed report on surveillance in Pakistan reveals that not only has the country’s government and security agencies been conducting mass surveillance, but they have also been cooperating with international agencies such as the National Security Agency (NSA) of the United States and Government Communications Headquarters (GCHQ) of UK, providing them with data of Pakistani citizens. The report also provides insight on the companies that have been participating and enabling such practices through the sale of communications surveillance equipment, as well as providing assistance in the implementation of such systems.
According to the report, Pakistan is the largest recipient of NSA funds and enjoys a long-term partnership status. As stated in the report, a “June 2012 NSA document recently published, shows that the NSA, through its SKYNET programme, harvests call data from Pakistani telecommunications providers (though does not specify how) and that 55 million phone records were fed into an NSA analysis system for an analysis exercise.” The NSA is not the only foreign agency surveilling Pakistani citizens. In June 2015, The Intercept revealed Cisco routers had technical vulnerabilities that the GCHQ took advantage of, and used reverse-engineering software to access Pakistan’s Internet Exchange. Not only did the GCHQ then have the ability to surveil any Internet user in Pakistan, but could also reroute Internet traffic to its personal collection systems.
Local companies complicit in surveillance are named in the report. These include: Pakistan Telecommunications Company Limited (PTCL), Warid Telecom, Mobilink, Ufone, Telenor, Wateen, Siemens Pakistan, China Mobile Pakistan. Nokia Siemens Networks (NSN) provided surveillance equipment to Ufone, Telenor, Mobilink, PTCL, and has been providing interception solutions to Pakistan since the late 1990s. Other companies providing surveillance equipment to Pakistan include: Alcatel (France), Atis (Germany), Ericsson (Sweden), Huawei (China), SS8, and Utimaco.
As referenced in the PI report, PTA has made it mandatory for service providers to make their networks “lawful interception-compliant.” VPNs and encryption are officially disallowed under the Monitoring & Reconciliation of International Telephone Traffic Regulations 2010 (MRITT). This directive, specifically through Section 4 subsections (2), (5) and (6) requires service providers to deploy systems capable of monitoring voice and data – at their own cost. The report explains that in order to be compliant, providers have to either install the required component on their networks, or allow external “probes” on transmission cables, which would allow signals to be sent to monitoring agencies. Authorities also have the ability and option to install high powered probes without the aid of the providers, gaining access to all user data.
The invasion and interference with private data without the knowledge or consent of citizens is a clear violation of civil liberties. Not only is the use of such methods and equipment a breach of privacy, but it also makes a user vulnerable to other external threats online. These softwares open the door to identity theft, weaken secure online banking, and leave information systems susceptible to viruses and hackers. Moreover, this information can also be misused by officials and authorities managing these systems – as they have been in the past.
Over the past few years, it has become evident that governments around the world have taken liberties which were not theirs to take in the first place, completely disregarding the principles of human rights. Under the guise of “anti-terrorism” initiatives, Pakistan too has passed laws and policies that are excessive and violate civil liberties.
Pakistan has ratified the International Convention of Civil and Political Rights (ICCPR). Article 17 of the Convention bars states from interfering with the privacy, home life or correspondence of its citizens. Pakistan is also a signatory to the Cairo Declaration on Human Rights in Islam, Article 18 of which states that spying on a citizen is not permitted. The Constitution of Pakistan guarantees through Article 14 (1) that a citizen has a right to privacy. Yet, we have legislation like the Anti-Terrorism Act (1997, amended 2014), Investigation for Fair Trial Act (2013), Pakistan Protection Act (2014) in place, allowing authorities unfettered access to private communication, on mere suspicion. The Prevention of Electronic Crimes Bill (2015), in its current form, will take data collection and exchange, interception, censorship and monitoring of citizens to a whole new draconian, legal level.
The Internet and communications technology, used by citizens for expression, protest, critique – all of which are rights – stand affected. The deployment and use of invasive surveillance systems are fast turning such technologies into arrest warrants and spaces into prisons. Already, the very foundation of guaranteed rights are being eroded at by such practices. If this continues – especially through law – any semblance of rights or liberty will be lost. It is imperative the Pakistan government and governments around the world be held accountable by their citizens for such grave violations, and that we move towards transparent and protective policies and practices. Governments must uphold and protect civil liberties. It is their utmost duty to respect human rights and put in place protections.
Read more here: Resources on Filtering and Surveillance in Pakistan