Pakistan Latest To Put In A Membership Application For The 'Privacy Is So 2012' Club
from the oh,-look,-another-one dept
Recently we've been reporting how some countries seem to be trying to play catch-up with the NSA and GCHQ when it comes to surveillance. Here's the latest aspirant to the club -- Pakistan:
The government of Pakistan is proposing a new law that significantly threatens privacy rights, in a blatant attempt to establish a legal regime containing broad powers when it comes to obtaining, retaining, and sharing data obtained through criminal investigations, including communications data.
The Privacy International post quoted above goes on to spell out the details of the proposed Pakistani law. Naturally, there's data retention to obtain the data. The new law:
would require a service provider, which is defined in broad terms, to "within its technical capability, retain its traffic data minimum for a period of ninety days" (a requirement may already be in place under the Electronic Transaction Ordinance, 2002). The definition of traffic data includes information "indicating the communication's origin, destination, route, time, data, size, duration or type of underlying service".
But alongside this affirmation of older powers, there are plenty of new ones setting out some of the things the Pakistani government can do with data it acquires:
The draft law contains a troubling provision that would allow the Federal Government of Pakistan to forward information obtained from investigations under the Act to foreign agencies or international agencies. A prior request from the foreign entity would not be required to exercise this power.
Presumably this will allow Pakistan to offer to swap data with the security agencies of other nations in order to obtain information on people of interest. And as Privacy International points out, once it's gone, it's gone:
The information at stake is expansive: "text, message, data, voice, sound, database, video, signals, software, computer programs, codes including object code and source code". The information shared could include particular sensitive information about individuals or large quantities of data involving significant numbers of people. Once this information has left the hands of the Federal Government, it would no longer be subject to national law and could be used by foreign entities as they see fit.
The new law would also authorize data-flows in the other direction:
Another section, on "trans-border access", would permit the Federal Government or investigation agency to access data that may be "located in a foreign country or territory, if it obtains the lawful and voluntary consent of the person who has the lawful authority to disclose it". This could include personal data held by foreign corporations. This opens up the possibility of abuse, as "trans-border access" could be used to circumvent the safeguards established in other parts of the draft law.
It's easy to see how global companies like Google and Facebook might be persuaded that it would be in their best interests -- if they wish to continue to operate in Pakistan -- to hand over information about their users, stored outside the country's borders. And of course, once some or all of this proposed law is passed, other countries will feel even more entitled to follow suit.
Follow me @glynmoody on Twitter or identi.ca, and +glynmoody on Google+
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: pakistan, privacy, spying, surveillance
Reader Comments
Subscribe: RSS
View by: Time | Thread
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Re: Re: Re:
[ link to this | view in chronology ]
That'll be interesting to sort out...
[ link to this | view in chronology ]
Operating
> Facebook might be persuaded that it would be in their best
> interests -- if they wish to continue to operate in Pakistan --
> to hand over information about their users, stored outside
> the country's borders.
That's the great thing about the internet-- Google and Facebook don't have to actually be *in* Pakistan in order to operate there.
[ link to this | view in chronology ]
Privacy Policy should be change
You are genius.
[ link to this | view in chronology ]