REGULATING cyberspace is a challenging task for every nation. In Pakistan, the enactment of the Prevention of Electronics Crime Act (Peca), 2016, despite many reservations, was a step in the right direction due to the emerging cyber threats and the need to provide protection to citizens vulnerable to the misuse of technology. It has been more than a year since the law was promulgated, and its use must be evaluated.
Governments here tend to have a reactive approach when it comes to legislation, which leads to implementation issues later on. Despite one year of Peca, the ambiguity of certain provisions still persists. The law-enforcement agencies, eg the FIA, still seem to be oblivious to the nature of offences that Peca covers, and no formal training has been given in this regard despite the government’s guarantees to the Senate to do so when the law was proposed.
Section 51 of Peca empowers the centre to make rules on the qualification and training of officers and staff in general and for forensic experts; however, no rules have been notified. The lack of training has resulted in limited legal and technical capabilities of officials responsible for enforcing the law. Due to scarce resources and poor prioritisation, the FIA currently has only two public prosecutors in Sindh. The overburdened officials must prosecute all FIA cases, including those under Peca, which is an impossible task and causes inordinate delays in the judicial process.
The gravity of FIA’s limitations can be gauged from the fact that forensic reports of cases from 2015 are still due before the district courts in Sindh, highlighting the lack of capacity and resources at forensic labs. The absence of crucial, technical evidence and adequate prosecution is causing significant delays, and leading to the exoneration of criminals and increasing the frustration of complainants.
Similarly, judges designated to preside over cyber-related cases have not received the requisite training and have difficulty in comprehending technology-related offences and material evidence that can prove guilt or innocence. Judges are often unsure about basic issues such as jurisdiction and the procedure to be adopted in this emerging area of the law.
Under Section 53 of Peca, the FIA must submit a six-monthly report to both houses of parliament on cybercrime activities; however, FIA has failed to do this despite repeated requests by the Senate.
Cyberspace presents ever darker demons. Cross-border cybercrimes, cyberterrorism and cyber warfare are a real threat to the world including Pakistan. The effort to combat cyber offences such as terrorist recruitment, terror financing and hate speech cannot be made at a national level alone; these must be collective efforts undertaken by Pakistan and the international community. This is an area where Pakistan lags behind even more than it does in domestic implementation.
Cross-border cybercrime cases cannot be tackled due to the failure of the government to effectively engage in international dialogue and sign bilateral or multilateral treaties for aid in prosecution and investigation of offences related to cybercrime.
Curiously, as per Section 1 (4) of Peca, the law also applies to anyone outside Pakistan if they commit a cyber offence in the country. The provision essentially covers cross-border cybercrime. To prosecute violations on the internet, it is important for the government to have discussions with other stakeholders and governments for support and training. Here is an example of the challenge: if a person in a foreign country harasses or blackmails someone in Pakistan over the internet and the victim reports it, the FIA has no system in place to investigate or prosecute the perpetrator in the foreign country.
UN Resolutions 55/63 (2000) and 56/121 (2001) encourage states to strengthen anti-cybercrime laws, train law-enforcement agencies and promote public awareness so that they can prevent and combat cyber offences. They further urge states to establish joint legal regimes for curbing cybercrime, sharing information and mutual legal help in the investigation, apprehension and prosecution of cyber criminals.
There are regional and multilateral treaties and cooperation between countries to combat cyber offences; however, Pakistan has so far failed to build up international connections despite having the provision of ‘international cooperation’ in the cyber law
The law has failed on numerous fronts more than a year after its enactment. If the government truly wants to protect vulnerable individuals from cyber harassment and critical state infrastructure from cyberterrorism and cyber warfare, serious efforts are required to invest in the training and capacity-building of the currently ill-equipped and under-resourced FIA. Similar efforts are needed to train judges to understand the new legal framework and the complexities of cyberspace, and to engage with allies and the global community to participate in the evolving international law regime.
The writer is a high court advocate with an interest in international law.