Upon close analysis, the Prevention of Electronic Crimes Bill that recently came out of the works in Pakistan could be the worst among all the bills that are posing as cybercrime prevention legislation. The Express Tribune published an article covering the School of Tomorrow conference in Karachi where the PECB was denounced by many as impractical, self-serving, and a curse among other colorful negatives. The latest version of the bill that first reared its ugly head in January of 2015 will soon be voted on by the National Assembly.

Famed Cyber Bill Consultant Reviews PECB

Barrister Zahid Jamil, who is famous for consulting with several governments on their proposed cybercrime legislation, was quoted at the event as saying that the PECB was a way for the government to “criminalize actions or words against them.” He says that the bill was written for no other purpose than political gain. We are warned not to be fooled by the country’s move to accept and implement progressive policies in the telecommunications sphere. Opening up to new mobile technologies does not mean that Pakistan is ready to let go of control over content sharing in the country.

Two speakers known as journalists with unwaveringly even takes on issues, Fahad Desmukh and Farieha Aziz, echoed Jamil’s sentiments. They simply could not find anything positive to say about the bill. It is an invasive piece of work that human rights groups and prominent members of the tech industry cannot help but condemn as well. The bill does not provide for any balanced oversight from the experts and is bound to damage the IT industry that just began to boom in Pakistan a few short years ago. Pakistanis have rights under their constitution, and these rights are being severely endangered by the bill, says Human Rights Watch.

The Lie

The Prevention of Electronic Crimes Bill was introduced as a way to fight cyber threats, as was said of many other so-called cybercrime bills like CISA in the US. It is meant to manage threats such as cyber stalking, online fraud schemes, and cyber bullying. But what the bill really does is try to make criminals out of ordinary Internet users who use certain kinds of software and tools, or who just want to exercise the right of free speech. Basically, the government just gets a load of powers that allow them to censor content and spy on people without being answerable to anyone.

Free speech is definitely under fire here. Sections 9 and 10 detail actions that are implied as being part of terrorist or bullying plots but that are really just about sharing an opinion. The bill talks about 5 years in prison plus a ten million rupee fine for offenses. The problem is that these offenses are undefined, so any information shedding a positive light on a person who may have been wrongly accused is punishable. The bill uses terms like hatred and terrorism, but these words can often be interpreted as anything that is not in line with the current government’s stance. Involvement with certain “proscribed organizations” is also punishable, though these groups are not identified. The offense of cyber-terrorism threatens up to 14 years in jail for anyone who basically gets another person excited over something perceived as negative that the government did.

The first clue that the Pakistani government had no intention of creating a bill that effectively handles digital issues is that no experts in the field were consulted. When dealing with matters that have a huge technical side, specialists must be involved so that they can help legislators to clarify language that would otherwise leave the bill open to a lot of dangerous interpretations. In the US, we have seen this abuse happen with the Computer Fraud and Abuse Act, causing innocent Internet users to be taken to court over the slightest mistake.

In Pakistan, a small mistake could soon mean 3 years’ worth of jail time under the new law. Such a mistake, as defined in the bill under sections 3 and 4, is called unauthorized access. But someone could actually happen upon a certain page by accident without even taking any steps to bypass security lockouts. This is just like what happened in the US with the defective license plate readers that were feeding to servers with open access webpages that anyone could read. So someone inadvertently clicks on a search result and that will be enough to get them sent to prison. What is worse is that section 2 of the bill defines information so broadly that an Internet user would find it very difficult to access any kind of data, video, message, software, etc., without being liable under the law.

The government may be trying to make the use of unblocking tools and anti-censorship technologies like VPNs and Tor illegal by using such language that is so vague. They would of course not want to specifically say that these tools are going to be banned because they would not want to get into any discussions as to why they want to ban technologies that secure users or why they are supporting content censorship. There is also a lot of other very vague language in the bill that can technically land a person in jail for, say, having a smartphone that is set to scan for available public WiFi connections. This bill is a true nightmare for anyone who uses the Internet at all.