The document discusses cyber laws in Pakistan. It provides an overview of two key pieces of legislation: the Electronic Transaction Ordinance of 2002, which recognized electronic documentation and established rules around digital signatures; and the Electronic/Cyber Crime Bill of 2007, which defined 17 types of cyber crimes and assigned punishments including imprisonment and fines. It also presents some statistics on cyber crimes reported in Pakistan and globally.

1. Cyber Laws in Pakistan Presenting By: Taha Mehmood

2. Agenda Cyber Crime Cyber Laws Cyber laws in Pakistan Electronic Transaction Ordinance 2002 Overview Sections

3. Agenda Electronic Crimes Bill 2007 Overview Sections Opportunity for Business Flexible Storage IT and Telecom professional salaries Data Storage Seriousness Criticism

4. Cyber Crime Activity in which computers or networks are a tool, a target, or a place of criminal activity. Cyber crime also stated as any use of a computer as an instrument to further illegal ends, such as Committing fraud Stealing identities Violating privacy

5. It is also include traditional crimes in which computers or networks are used to enable the illicit activity. As the computer has become central to commerce, entertainment, and government. Cyber crime has grown in importance.

6. Examples: E-mail account of a Federal Minister is hacked. Credit cards frauds reach to an alarming level. Visiting CEOs of Multinational Companies gets threatening E-mails. Financial institutions are the favourite targets of Cyber criminals --- worstly effecting the technological progress in the area of e –Commerce.

7. Cyber Laws The legal issues related to use of communications technology, particularly "cyberspace", i.e. the Internet. It is an intersection of many legal fields, like: Intellectual property, Privacy Cyber laws is an attempt to apply laws designed for the physical world to human activity on the Internet

8. Cyber Laws in the World Electronic Commerce Act (Ireland) Electronic Transactions Act (UK, USA, Australia, New Zealand, Singapore) Electronic Transactions Ordinance (Hong Kong) Information Technology Act (India) Information Communication Technology Act Draft (Bangladesh)

9. Cyber Laws in Pakistan There are different law are promulgated in Pakistan. These laws not only deal with crime of Internet These deal with all dimensions related to computer & networks. Two of them are most known. They are: Electronic Transaction Ordinance 2002 Electronic / Cyber Crime Bill 2007

10. Electronic Transaction Ordinance 2002 Overview The Electronic Transactions Ordinance (ETO), 2002, was the first IT-relevant legislation created by national lawmakers. A first step and a solid foundation for legal sanctity and protection for Pakistani e-Commerce locally and globally. Laid the foundation for comprehensive Legal Infrastructure. It is heavily taken from foreign law related to cyber crime.

11. Pre-ETO 2002 No recognition of electronic documentation No recognition of electronic records No recognition of evidential basis of documents/records Failure to authenticate or identify digital or electronic signatures or forms of authentication No online transaction could be legally binding Electronic Data & Forensic Evidence not covered. No Rules

12. Sections There are 43 sections in this ordinance It deals with following 8 main areas relating to e-Commerce. Recognition of Electronic Documents Electronic Communications Digital Signature regime and its evidential consequences Web Site & Digital Signatures Certification Providers Stamp Duty Attestation, notarization, certified copies Jurisdiction Offences

13. Important Sections are: 36. Violation of privacy information gains or attempts to gain access to any information system with or without intent to acquire the information Gain Knowledge Imprisonment 7 years Fine Rs. 1 million

14. 37. Damage to information system, etc. alter, modify, delete, remove, generate, transmit or store information to impair the operation of, or prevent or hinder access to,information knowingly not authorised Imprisonment 7 years Fine Rs. 1 million

15. 38. Offences to be non-bailable, compoundable and cognizable All offences under this Ordinance shall be non-bailable, compoundable and cognizable. 39. Prosecution and trial of offences. No Court inferior to the Court of Sessions shall try any offence under this Ordinance.

16. Post ETO 2002 Electronic Documentation & Records recognized Electronic & Digital forms of authentication & identification given legal sanctity Messages through email, fax, mobile phones, Plastic Cards, Online recognized.

17. Electronic/Cyber Crime Bill 2007

18. Overview “ Prevention of Electronic Crimes Ordinance, 2007″ is in force now It was promulgated by the President of Pakistan on the 31st December 2007 The bill deals with the electronic crimes included: Cyber terrorism Data damage Electronic fraud Electronic forgery Unauthorized access to code Cyber stalking Cyber Spaming

19. It offers penalties ranging from six months imprisonment to capital punishment for 17 types of cyber crimes It will apply to every person who commits an offence, irrespective of his nationality or citizenship. It gives exclusive powers to the Federal Investigation Agency (FIA) to investigate and charge cases against such crimes.

20. Punishments Under this law there are defined punishment for the offence. Every respective offence under this law has its distinctive punishment which can be imprisonment or fine.

21. 10 Million Life Cyber terrorism ----- 10 Pornography 3 Lac 3 Spoofing 50,000 6 months Cyber Spamming 3 Lac 3 Cyber stalking 5 Lac 5 Defamation 5 Lac 5 Malicious code 3 Lac 3 Unauthorized access to code 3 Lac 3 Misuse of Device 7 Lac 7 Electronic Forgery 7 Lac 7 Electronic Fraud 3 Lac 3 System Damage 3 Lac 3 Data Damage 3 Lac 3 Criminal Data Access 3 Lac 3 Criminal Access Fine Imprisonment (years) Offence

22. Sections Data Damage: Whoever with intent to illegal gain or cause harm to the public or any person, damages any data, shall come under this section. Punishment: 3 years 3 Lac

23. Electronic fraud: People for illegal gain get in the way or use any data, electronic system or device or with intent to deceive any person, which act or omissions is likely to cause damage or harm. Punishment: 7 years 7 Lac

24. Electronic Forgery: Whoever for unlawful gain interferes with data, electronic system or device, with intent to cause harm or to commit fraud by any input, alteration, or suppression of data, resulting in unauthentic data that it be considered or acted upon for legal purposes as if it were authentic, regardless of the fact that the data is directly readable and intelligible or not. Punishment: 7years 7 Lac

25. Malicious code: Whoever willfully writes, offers, makes available, distributes or transmits malicious code through an electronic system or device, with intent to cause harm to any electronic system or resulting in the theft or loss of data commits the offence of malicious code. Punishment: 5 years 5 Lac

26. Cyber stalking: Whoever with intent to harass any person uses computer, computer network, internet, or any other similar means of communication to communicate obscene, vulgar, profane, lewd, lascivious, or indecent language, picture or image. Make any suggestion or proposal of an obscene nature Threaten any illegal or immoral act Take or distribute pictures or photographs of any person without his consent or knowledge Commits the offence of cyber stalking.

27. Spamming: Whoever transmits harmful, fraudulent, misleading, illegal or unsolicited electronic messages in bulk to any person without the express permission of the recipient, involves in falsified online user account registration or falsified domain name registration for commercial purpose commits the offence of spamming. Punishment: 6 month 50,000

28. Spoofing: Whoever establishes a website, or sends an electronic message with a counterfeit source intended to be believed by the recipient or visitor or its electronic system to be an authentic source with intent to gain unauthorized access or obtain valuable information Later, Information can be used for any lawful purposes commits the offence of spoofing.

29. Cyber terrorism: Any person, group or organization who, with terroristic intent utilizes, accesses or causes to be accessed a computer or computer network or electronic system or device or by any available means, knowingly engages in or attempts to engage in a terroristic act commits the offence of cyber terrorism. Punishment Whoever commits the offence of cyber terrorism and causes death of any person shall be punished with death Or imprisonment for life, and with fine Otherwise he shall be punishable with imprisonment of ten years or with fine ten million rupees

30. Opportunity for Business Flexible Storage IT and Telecom professional salaries Data Storage Seriousness

31. Criticism There are seemingly 21 ‘cyber’ issues covered in this Bill It may seem to cover all aspects of the new digital era. But detailed look shows quite the contrary. Practically in all issues the government has gone the extra mile to reinvent a new definition, significantly deviating from the internationally accepted norms.

32. There seems to be an elaborate play of words within the document allow room for the regulating body (FIA) to confuse and entrap the innocent people The FIA, has been given complete and unrestricted control to arrest and confiscate material as they feel necessary A very dangerous supposition Safeguards and Protection

33. One example of the hideous nature of the bill: The Government has literally attempted to insert a new word in the English language. The word TERRORISTIC is without doubt a figment of their imagination vocabulary Hence they attempt to define the word, quite literally compounding the problem at hand They have actually defined what real-life terrorism might be But fail to explain what they mean by the word Cyber in cyber terrorism. the concern is that there happens to be no clear-cut explanation on how a Cyber Terrorism crime is committed.

34. Special Agency Federal Intelligence Agency NR3C (National Response Center for Cyber Crimes) Sindh Police –Cyber Cop

35. NR3C Require any person where: – reasonable technical and other assistance – require any person to such decrypt information • Obstruction – 1 year imprisonment – 1 hundred thousand rupees NO JUDICIAL SAFEGUARD

36. Top Ten Victims The 2007 Internet Crime Report cites the top ten countries by amount of perpetrators of online crime In descending order United States United Kingdom Nigeria Canada Romania Italy Spain South Africa Russia Ghana

37. Facts & Figures Americans reported losses of US$240 million from global cyber-crime in 2007 A $40 million increase from 2006 The I3C received 206,884 complaints of online fraud in 2007 a decrease from the previous year’s 207,492 complaints and over 231,000 complaints in 2006.

38. Facts & Figures The United Kingdom is listed second in a report on global cyber-crime statistics, behind the United States. The UK Cybercrime report: There were 850,000 instances of sex crimes where individuals were ‘cyberstalked’ or received unwanted sexual approaches and paedophiles grooming underage children for sex. There were 207,000 financial frauds committed last year - up more than 30 percent on a similar study in 2005 and eclipsing outstripping the 199,800 offline frauds. There were 92,000 cases of identity theft 144,500 cases of hacking into another PC.

39. Crimes Reported in Pakistan A total of 57 cases have been registered under the ETO 2002 in the years 2005 & 2006. 420 224 196 Total: 253 148 105 Others 9 2 7 Counterfeit Currencies 57 24 33 Cyber Crimes 67 30 37 Spurious Drugs 34 20 14 IPR Crimes Total 2005 2006 Offences

40. Thanks for Your Attention..