Introduction To PECA
The Prevention of Electronic Crimes Act, 2016 (PECA) is Pakistan’s primary legislation for combating cybercrime. Enacted as part of the National Action Plan (NAP) after the APS attack in 2014, it aims to regulate digital spaces, empower law enforcement, and safeguard national security by criminalizing electronic offenses and mandating cooperation from internet service providers (ISPs).
Key Objectives of PECA
PECA seeks to prevent cybercrimes by defining legal frameworks for digital offenses, strengthening law enforcement mechanisms, and protecting national security. The law grants the Federal Investigation Agency (FIA) powers to investigate cybercrimes and requires ISPs to assist in crime detection. It also safeguards critical information infrastructure from cyber threats and unauthorized access.
Major Cyber Offences Under PECA
- Unauthorized Access to Information Systems (Section 3): Up to three years imprisonment or a fine of PKR 1 million for accessing computer systems without authorization.
- Cyber Terrorism (Section 10): Up to 14 years imprisonment and a fine of PKR 50 million for using technology to intimidate or harm national security.
- Identity Theft (Section 14): Up to three years imprisonment and a fine of PKR 5 million for unauthorized use of someone’s identity or personal information.
- Cyberstalking (Section 21): Up to three years imprisonment and a fine of PKR 1 million for online harassment, blackmail, or privacy violations.
- Electronic Fraud (Section 23): Up to seven years imprisonment and a fine of PKR 10 million for committing fraud using electronic means.
- Glorification of an Offence (Section 9 & 34): Up to seven years imprisonment for promoting or supporting criminal activities online.
- Spreading False Information (Section 20 & 24): Up to three years imprisonment and a fine of PKR 1 million for defaming or spreading false news about individuals or organizations.
- Blocking of Unlawful Content (Section 37): PTA has the power to block online content deemed inappropriate or against public interest, though this provision faces criticism for lacking transparency and judicial oversight.
Investigation and Prosecution Under PECA
- Role of FIA Cyber Crime Wing: The primary agency responsible for registering complaints, conducting investigations, and prosecuting cybercrime cases.
- Filing a Complaint: Victims can file complaints through FIA’s online portal, helpline, or visit FIA offices. PTA handles content-related violations.
- Investigation Process: FIA collects digital evidence, accesses electronic devices, and questions suspects before registering an FIR.
- Cybercrime Courts: Special courts oversee trials, where judges determine bail, trial proceedings, and verdicts based on forensic and electronic evidence.
- Cooperation from ISPs and Online Platforms: ISPs and social media platforms must assist law enforcement in tracing and investigating cybercrimes, with penalties for non-compliance.
Concerns, Misuse, and Need for Reform
PECA has been criticized for its vague provisions, particularly Sections 34 and 37, which allow content blocking and criminalization of speech without clear guidelines. This has raised concerns about restrictions on free speech, misuse against journalists and activists, and arbitrary enforcement against political opponents. The law grants broad surveillance powers to law enforcement without judicial oversight, creating risks of privacy violations and unchecked governmental control over digital platforms.
Political exploitation of PECA has been reported, with cyber defamation and content regulation laws being used selectively to silence dissent. Opposition members and media figures have faced charges under loosely defined provisions, further highlighting the need for reform.
To prevent misuse, PECA requires amendments to clarify its vague provisions and introduce judicial oversight before content blocking or digital surveillance. Increased transparency in law enforcement actions, mandatory court approval for certain investigative procedures, and public accountability measures are essential. Training for judges, prosecutors, and law enforcement officials should be enhanced to ensure fair application of the law. Pakistan can also learn from international best practices, such as India’s Supreme Court ruling that struck down unconstitutional cyber laws.
Conclusion
While PECA is crucial for tackling cybercrime, its broad language, lack of safeguards, and potential for misuse pose risks to free speech, privacy, and due process. Reforms are necessary to ensure that the law effectively combats cyber threats while safeguarding fundamental rights.