Earlier this week, Senator Mushahid Hussain presented a bill titled ‘Cyber Security Council Bill 2014’ in the Pakistan Senate. The bill, if passed by the parliament, will result in the creation of a dedicated council assigned to draft policy, guidelines and strategy on cyber security issues, as well as monitor relevant legislation, in accordance with ‘international best practices.’
On the surface, the bill presents itself as largely progressive and useful when it comes to strengthening the Pakistani information groundwork from alleged cyber-attacks (especially between India and Pakistan), external surveillance (especially NSA), and other threats. This is all good, as the security and upkeep of information infrastructure is one of the prime responsibilities of the Pakistani government.
However, the issue of ridding cyberspace of all alleged evils at large through government prescribed action, especially from the perspective of human rights, has never been as simple as it is usually made to appear.
For starters, it is important to observe that the council will have representation from a diverse range of backgrounds, such as the government, academia, and representatives of corporate interest, but there is no provision for this council to be joined by advocates and experts from the human rights and civil society fora.
However, there is specific provision for globally acclaimed ‘Enemies of the Internet’, such as the Pakistan Telecommunications Authority (PTA), to actively participate as a part of the proposed council’s ‘Operational Advisory Group ’.
Once passed, the bill, with its existing excessively vague policy language, will allow the proposed council’s members a broad range of powers, with little or no space for being challenged by those who are critical of the government’s violations.
Given the state's track record, it is widely accepted that the country’s continuing information controls and legal regime have largely strengthened legislation in favour of authorities making civilians, especially human rights defenders and journalists, the target of a wide range of violations.
The bill, in its responsibilities, does not even once mention the development of safeguards for protecting individuals and their fundamental rights to privacy, freedom of expression, and access to information, which are actively being trampled upon by the authorities under the exploitative pretext of ‘national security’.
Also read: Homeland: E-Security
It is not possible to deny that a country’s sovereignty is only as important as the wellbeing of the residents within the country’s boundaries.
Furthermore, it may not be a far stretch to question how the role of the proposed council will play in unison with the implementation of the highly criticised anti human rights legislation such as the Fair Trial Act, Pakistan Protection Ordinance, and the Prevention of Electronic Crimes Act, each of which carry the potential to rip apart fundamental rights, especially in the context of the digital realm.
Whereas Senator Hussain’s presentation of the bill directly refers to the breach of Pakistani sovereignty by NSA surveillance as an important reason for Cyber Security Council, the most important question remains unanswered:
Is Pakistan’s sovereignty only about protecting certain ideals of security, or are the people of the country who are being cannibalistically subjected by the government to illegal mass surveillance and censorship also a part of the equation?
After the Snowden leaks, there is ample evidence to prove that mass surveillance by predators such as the NSA is not just limited to the use of sophisticated technology breaking though unsuspecting users’ weak firewalls across the globe. A large number of violations have taken place through the use of backdoors and secret surveillance deals with makers of proprietary software.
In fact, the Pakistani government itself, has one such censorship deal with Facebook. Therefore, it is important to assess if the responsibilities of the proposed council would also extend to pushing for an end to use of imported predatory surveillance and censorship technology such as Finfisher and Netsweeper, which may very well be sharing every bit of data that they come across with patronising countries such as the five eyes.
Also read: Cyberstalking: New challenges
Therefore, with only NSA playing the role of global villain post Snowden leaks, the bill fails to address the Pakistani government’s violations of privacy of its people in case of any dubious information sharing or surveillance arrangement(s) with countries deemed as political allies.
While some parts of the bill may actually help improve Pakistan’s cyber security situation, if used in the context of political cyber warfare, for example, it is essential to revisit the proposed legislation holistically.
Such legislation needs to be rewritten in light of human rights implications, and the existing draconian information control regime that the government - under influence from the country’s security establishment - is so ardently creating.