Tuesday 25 June 2013

NATIONAL SECURITY AGENCY OF UNITED STATES DID BOUNDLESS CYBER CRIME WITH “BOUNDLESS INFORMANT”

From the last few days, the news highlighting Edward Snowden whereabouts was of main interest but what did he revealed to Guardian and washington post  is much more important as it relates to national security. I didn’t used the name of any country when I talk about national security because this is the worst form of crime ever did in the history of nations where national security of all the countries is at risk. Therefore naming any one country will not do the job. We are talking about boundless crime did by US-NSA data mining tool namely “boundless informant”. It would be not out of place to mention what Julian assange (founder of wikileaks) Lawyer, Michael Ratner said, "You have to have a country that's going to stand up to the United States".
 Edward Snowden, a system administrator born on 21 june, 1983, employee/contractor in the CIA who gave documents to “The Guardian” and “The Washington Post” newspapers disclosing U.S. surveillance programs that collect vast amounts of phone records and online data in the name of foreign intelligence, often sweeping up information of American citizens. Through this tool officials have the ability to collect phone and Internet information broadly but need a warrant to examine specific cases where they believe terrorism is involved. And more surprisingly everything was being done under an unconstitutional statute of united states i.e. Foreign Intelligence Surveillance Act of 1978. American civil liberties union has challenged this act as unconstitutional and has also filed an appeal in the supreme court of United States which decided the matter namely Clapper Vs Amnesty International USA on 26th February 2013.    
As a Pakistani, I am least concerned with the internal matters of US, but what about our law, our information, our privacy, does it allow any one to violate the privacy of information of our nation. You must be shocked to know that Pakistan was the second largest country whose information’s privacy was compromised and 13.5 billion intelligence was violated by the US NSA. When I saw the heat image generated by the data mining tool i.e. boundless informant, there were only two countries in red colour and Pakistan was one of them. It means that we were on top of the list. What sort of information has been compromised is really important and can this happen again is more important. 
There are a number of questions which sparked in my mind as I saw the image. How is it possible, are we not protected as a nation. Where is the defence budget going if the information is not protected in Pakistan. Todays wars are not of weapons but of information. And we as a nation has failed to protect our information. In my point of view we need to take extra precautionary steps to fight against such acts of international cyber crime. It is very very alarming that how all the information was compromised without the intervention of our government. I am here to discuss and criticize on each and every level of our government. Whether it is the army who is concern with the national security, or it is the Pakistan telecommunication authority who is responsible to “promote and protect the interest of users of telecommunication services in Pakistan” u/s 4 (1)(c) of Pakistan telecommunication re-organization act 1996.  where is the writ of government, for god sake we are in the cyber era and we are still fighting Talibans for nothing. We don’t have any foreign policy w.r.t cyber crime, we do not have laws for cyber crime.  We are not even properly equipped with the level of expertise which are needed to counter cyber crime in todays world of technology. Our government must take concrete steps.

Saturday 22 June 2013

Cyber Laws in Pakistan


Cyber Laws in Pakistan don’t have any exceptional history, as seen in the international trend, the cyber law making in Pakistan started mainly after 2001 i.e. Electronic Transaction Ordinance 2002. Furthermore a very pointing law, promulgated in 2007, i.e. Prevention of Electronic Crime Ordinance 2007 (PECO). I happened to study the PECO in reference to some cases. It looks good, complete and comprehensive and covering crime from every angle committed in a cyber environment. In start, I feel good about it but later on one thing keeps bothering me i.e. it did not provide a complete remedy for Intellectual Property rights infringement.
Later on, somehow I came to get a copy of Indian Information Technology Act 2000 . Things were very disappointing. I feel a very big and huge unfilled gap in the legislation of PECO, 2007. In fact I personally didn’t notice it unless or until I happened to get the Indian act for comparison. This unfilled gap was the awareness.  Awareness methods through which one can keep himself safe and secure. Here I am giving a comparison in a table form for the chapters of IT BILL 2000(India), ETO 2002(Pakistan) and PECO 2007(Pakistan).


In the above mentioned table, I tried to bring things in a very simple comparison. Nature and the basic architect of the different laws can be easily classified to make some conclusion. If we have a look on the IT bill 2000, which is implemented in India, we will notice that the designer has designed the Law with its basic emphasis on the awareness and introducing safety procedures. Whereas if we have a look to our laws structure, we do find punishments but no procedure to avoid those punishments or to avoid becoming a target or part of any such criminal activity which comes in the domain of cyber environment. Do we find any such thing in our laws?
I appreciate the steps our government has so far taken in establishing grounds for Laws related cyber environment in Pakistan. My request to the government is to change the nature and style of our legislation. May be we can adopt any more better and advanced model of cyber environment then other countries but not more disappointing.  

What Measures Should Government take? 
An incomplete and criminal nature of legislation supports the law enforcement agencies to misuse the loop holes left in the legislation. Our law should be focused on the procedures one can take to avoid any mishap. It is very unfortunate that in PECO, we don’t even find a single chapter related safety precautions. We don’t find anything dealing with the procedures for avoiding any cyber crime.
According to my point of view, in today’s world, computers are the weapons and therefore if we equip someone with this weapon, it’s the duty of government to also give them awareness of this weapon for its positive use. The government should initiate awareness campaign. The main interesting thing in this awareness campaign is that domain of this campaign is well defined i.e. computer literate or technology literate. What I suggest is that the government should introduce a compulsory subject in universities, from where most of our technology related public belongs. Contents of such subject should be covering the cyber environment, how to avoid being a target of cyber crimes or becoming part of such crimes.  Such Subject should be   from the Government to guide and to educate the computer literates about these cyber crimes. This will result in a network of information and automatically we will see the results of such awareness and control over cyber environment.

Thursday 13 June 2013

whats there for the FIA-NR3C in budget 2013-Pakistan

the new Pakistan government has allocated PKR 147.7 million for the FIA- NR3C (national response centre for cyber crime) Rawalpindi. Hope they will also take initiative for the passing of new law related the cyber crime which is badly needed right now.
and one suggestion for the NR3C to use a part of this budget to promote the laws and they can even manage it by taking sponsors from telecom sectors. I think they will have no objection or problem in supporting the FIA- NR3C as they are one of the major affectees of cyber crime.