Cyber Laws in Pakistan

Presenting By:

Taha Mehmood

Agenda


Cyber Crime Cyber Laws Cyber laws in Pakistan Electronic Transaction Ordinance 2002
Overview Sections

  

Agenda


Electronic Crimes Bill 2007

Overview Sections

Opportunity for Business

Flexible Storage IT and Telecom professional salaries Data Storage Seriousness

Criticism

Cyber Crime


Activity in which computers or networks are a tool, a target, or a place of criminal activity. Cyber crime also stated as any use of a computer as an instrument to further illegal ends, such as
Committing fraud Stealing identities Violating privacy

It is also include traditional crimes in which computers or networks are used to enable the illicit activity. As the computer has become central to commerce, entertainment, and government. Cyber crime has grown in importance.

Examples:
E-mail account of a Federal Minister is hacked. Credit cards frauds reach to an alarming level. Visiting CEOs of Multinational Companies gets threatening E-mails. Financial institutions are the favourite targets of Cyber criminals --- worstly effecting the technological progress in the area of e Commerce.

Cyber Laws


The legal issues related to use of communications technology, particularly "cyberspace", i.e. the Internet. It is an intersection of many legal fields, like:
Intellectual property, Privacy

Cyber laws is an attempt to apply laws designed for the physical world to human activity on the Internet

Cyber Laws in the World

 

 

Electronic Commerce Act (Ireland) Electronic Transactions Act (UK, USA, Australia, New Zealand, Singapore) Electronic Transactions Ordinance (Hong Kong) Information Technology Act (India) Information Communication Technology Act Draft (Bangladesh)

Cyber Laws in Pakistan

  

 

There are different law are promulgated in Pakistan. These laws not only deal with crime of Internet These deal with all dimensions related to computer & networks. Two of them are most known. They are:
Electronic Transaction Ordinance 2002 Electronic / Cyber Crime Bill 2007

Electronic Transaction Ordinance 2002



Overview
The Electronic Transactions Ordinance (ETO), 2002, was the first IT-relevant legislation created by national lawmakers. A first step and a solid foundation for legal sanctity and protection for Pakistani e-Commerce locally and globally. Laid the foundation for comprehensive Legal Infrastructure. It is heavily taken from foreign law related to cyber crime.

Pre-ETO 2002
     

No recognition of electronic documentation No recognition of electronic records No recognition of evidential basis of documents/records Failure to authenticate or identify digital or electronic signatures or forms of authentication No online transaction could be legally binding Electronic Data & Forensic Evidence not covered. No Rules

Sections
There are 43 sections in this ordinance It deals with following 8 main areas relating to eCommerce.
       

Recognition of Electronic Documents Electronic Communications Digital Signature regime and its evidential consequences Web Site & Digital Signatures Certification Providers Stamp Duty Attestation, notarization, certified copies Jurisdiction Offences

Important Sections are:

36. Violation of privacy information
     

gains or attempts to gain access to any information system with or without intent to acquire the information Gain Knowledge Imprisonment 7 years Fine Rs. 1 million

37. Damage to information system, etc.



    

alter, modify, delete, remove, generate, transmit or store information to impair the operation of, or prevent or hinder access to,information knowingly not authorised Imprisonment 7 years Fine Rs. 1 million

38. Offences to be non-bailable, compoundable and cognizable



All offences under this Ordinance shall be non-bailable, compoundable and cognizable.

39. Prosecution and trial of offences.



No Court inferior to the Court of Sessions shall try any offence under this Ordinance.

Post ETO 2002



Electronic Documentation & Records recognized Electronic & Digital forms of authentication & identification given legal sanctity Messages through email, fax, mobile phones, Plastic Cards, Online recognized.

Electronic/Cyber Crime Bill 2007

Overview


Prevention of Electronic Crimes Ordinance, 2007 is in force now It was promulgated by the President of Pakistan on the 31st December 2007 The bill deals with the electronic crimes included:
Cyber terrorism Data damage Electronic fraud Electronic forgery Unauthorized access to code Cyber stalking Cyber Spaming

It offers penalties ranging from six months imprisonment to capital punishment for 17 types of cyber crimes It will apply to every person who commits an offence, irrespective of his nationality or citizenship. It gives exclusive powers to the Federal Investigation Agency (FIA) to investigate and charge cases against such crimes.

Punishments


Under this law there are defined punishment for the offence. Every respective offence under this law has its distinctive punishment which can be imprisonment or fine.

Offence
Criminal Access Criminal Data Access Data Damage System Damage Electronic Fraud Electronic Forgery Misuse of Device Unauthorized access to code Malicious code Defamation Cyber stalking Cyber Spamming Spoofing Pornography Cyber terrorism

Imprisonment (years)
3 3 3 3 7 7 3 3 5 5 3 6 months 3 10 Life

Fine
3 Lac 3 Lac 3 Lac 3 Lac 7 Lac 7 Lac 3 Lac 3 Lac 5 Lac 5 Lac 3 Lac 50,000 3 Lac ----10 Million

Sections


Data Damage:
Whoever with intent to illegal gain or cause harm to the public or any person, damages any data, shall come under this section.

Punishment:
3 years 3 Lac

Electronic fraud:
People for illegal gain get in the way or use any data, electronic system or device or with intent to deceive any person, which act or omissions is likely to cause damage or harm.

Punishment:
7 years 7 Lac

Electronic Forgery:
Whoever for unlawful gain interferes with data, electronic system or device, with intent to cause harm or to commit fraud by any input, alteration, or suppression of data, resulting in unauthentic data that it be considered or acted upon for legal purposes as if it were authentic, regardless of the fact that the data is directly readable and intelligible or not.

Punishment:
7years 7 Lac

Malicious code:
Whoever willfully writes, offers, makes available, distributes or transmits malicious code through an electronic system or device, with intent to cause harm to any electronic system or resulting in the theft or loss of data commits the offence of malicious code.

Punishment:
5 years 5 Lac

Cyber stalking:
Whoever with intent to harass any person uses computer, computer network, internet, or any other similar means of communication to communicate obscene, vulgar, profane, lewd, lascivious, or indecent language, picture or image. Make any suggestion or proposal of an obscene nature Threaten any illegal or immoral act Take or distribute pictures or photographs of any person without his consent or knowledge Commits the offence of cyber stalking.

Spamming:
Whoever transmits harmful, fraudulent, misleading, illegal or unsolicited electronic messages in bulk to any person without the express permission of the recipient, involves in falsified online user account registration or falsified domain name registration for commercial purpose commits the offence of spamming.

Punishment:
6 month 50,000

Spoofing:
Whoever establishes a website, or sends an electronic message with a counterfeit source intended to be believed by the recipient or visitor or its electronic system to be an authentic source with intent to gain unauthorized access or obtain valuable information Later, Information can be used for any lawful purposes commits the offence of spoofing.

Cyber terrorism:
Any person, group or organization who, with terroristic intent utilizes, accesses or causes to be accessed a computer or computer network or electronic system or device or by any available means, knowingly engages in or attempts to engage in a terroristic act commits the offence of cyber terrorism.

Punishment
Whoever commits the offence of cyber terrorism and causes death of any person shall be punished with death Or imprisonment for life, and with fine Otherwise he shall be punishable with imprisonment of ten years or with fine ten million rupees

Opportunity for Business

Flexible Storage IT and Telecom professional salaries Data Storage Seriousness

Criticism


 

There are seemingly 21 cyber issues covered in this Bill It may seem to cover all aspects of the new digital era. But detailed look shows quite the contrary. Practically in all issues the government has gone the extra mile to reinvent a new definition, significantly deviating from the internationally accepted norms.

 

There seems to be an elaborate play of words within the document allow room for the regulating body (FIA) to confuse and entrap the innocent people The FIA, has been given complete and unrestricted control to arrest and confiscate material as they feel necessary A very dangerous supposition Safeguards and Protection

One example of the hideous nature of the bill:

The Government has literally attempted to insert a new word in the English language. The word TERRORISTIC is without doubt a figment of their imagination vocabulary Hence they attempt to define the word, quite literally compounding the problem at hand They have actually defined what real-life terrorism might be But fail to explain what they mean by the word Cyber in cyber terrorism. the concern is that there happens to be no clear-cut explanation on how a Cyber Terrorism crime is committed.

Special Agency


Federal Intelligence Agency

NR3C (National Response Center for Cyber Crimes)

Sindh Police Cyber Cop

NR3C
Require any person where: reasonable technical and other assistance require any person to such decrypt information Obstruction 1 year imprisonment 1 hundred thousand rupees
 

NO JUDICIAL SAFEGUARD

Top Ten Victims

 

The 2007 Internet Crime Report cites the top ten countries by amount of perpetrators of online crime In descending order United States United Kingdom Nigeria Canada Romania Italy Spain South Africa Russia Ghana

Facts & Figures



Americans reported losses of US$240 million from global cyber-crime in 2007

A $40 million increase from 2006

The I3C received 206,884 complaints of online fraud in 2007

a decrease from the previous years 207,492 complaints and over 231,000 complaints in 2006.

Facts & Figures



The United Kingdom is listed second in a report on global cyber-crime statistics, behind the United States. The UK Cybercrime report:
There were 850,000 instances of sex crimes


where individuals were cyberstalked or received unwanted sexual approaches and paedophiles grooming underage children for sex.

There were 207,000 financial frauds committed last year up more than 30 percent on a similar study in 2005 and eclipsing outstripping the 199,800 offline frauds. There were 92,000 cases of identity theft 144,500 cases of hacking into another PC.

Crimes Reported in Pakistan



A total of 57 cases have been registered under the ETO 2002 in the years 2005 & 2006.
2006 14 37 33 7 105 196 2005 20 30 24 2 148 224 Total 34 67 57 9 253 420

Offences IPR Crimes Spurious Drugs Cyber Crimes Counterfeit Currencies Others Total:

Thanks for Your Attention..