Status regarding Budapest ConventionStatus : NA See legal profile
State of cybercrime legislation
The Prevention of Electronic Crimes Act, 2016, is the main source of substantive law provisions, addressing in some form majority of the offences listed in the Budapest Convention.
The Prevention of Electronic Crimes Act addresses procedural powers corresponding to the Budapest Convention; however, several powers are missing procedural conditions and safeguards.
The Prevention of Electronic Crimes Act includes the following crimes: unauthorized access to information system or data (Section 3), unauthorized copying or transmission of data (Section 4), interference with information system or computer data (section 5) , glorification of offences (section 9), cyber terrorism (Section 10), hate speech (Section 11), recruitment, funding and planning of terrorism (Section 12), electronic forgery (Section 13), electronic fraud (Section 14), making, supplying or obtaining devices for use in offence (Section 15), identity crime (Section 16) unauthorized interception (Section 19), defamation (Section 20), special protection of women (Section 21), child pornography (Section 22), writing or distributing malicious code (Section 23), cyberstalking (Section 24), spamming (Section 25) and spoofing (Section 26). The Prevention of Electronic Crimes Act also provides for legal recognition of offences committed in relation to information systems (Section 27).
In addition, the Penal Code also includes pornography (Section 292) http://jamilandjamil.com/?p=1052 while the Copyright Ordinance includes infringement of copyright (Section 66).
Although the main general framework applicable to all cybercrime investigations is the Code of Criminal Procedure (http://www.oecd.org/site/adboecdanti-corruptioninitiative/39849781.pdf), the Prevention of Electronic Crimes Act also includes specific procedural measures, applicable to all the investigations related to cybercrime, to crimes committed by the means of computer systems and to all the criminal investigations where digital evidence is required.
The Prevention of Electronic Crimes Act provides powers for expedited preservation and disclosure of data (Section 31), warrant for search and seizure (Section 32), power to conduct search and seizure (Section 35), conditions and safeguards with respect to search and seizure (Section 36), and real-time collection and recording of data (Section 39)
Related laws and regulations
Besides an extensive legal framework on technical aspects, there are important acts on this field respecting:
- Electronic Transactions Ordinance 2002 (http://jamilandjamil.com/?p=938 );
- Payment Systems and Electronic Fund Transfer Act, 2007 (http://www.sbp.org.pk/psd/2007/EFT_ACT_2007.pdf );
- Pakistan Telecommunications (Re-organization) Act 1996 (http://jamilandjamil.com/?p=936 )
The Federal Investigation Agency has been designated as an investigation agency for the purposes of the Prevention of Electronic Crimes Act and it has the mandate to investigate and prosecute cybercrimes and crimes committed using electronic means. The trial of such cases is to be conducted by the Court of Sessions and higher courts where the presiding judge has successfully completed training with respect to computer sciences, cyber forensics, electronic transactions and data protection (Section 44).
The telecom companies’ activities are regulated by the Pakistan Telecommunication Authority, which also has the mandate to block unlawful online content under the Prevention of Electronic Crimes Act (Section 37).
Competent authorities and channels
Regarding internal law, Pakistan cooperates with other countries based on being a member of Interpol however such cooperation is on an ad hoc basis. Pakistan’s Extradition Act governs the extradition process. Pakistan also has an extradition treaty in place with the United States of America which would be useful for cybercrime cases.
The Prevention of Electronic Crimes Act provides general international cooperation measures, including broad provisions relating to spontaneous information, grounds for refusal, confidentiality and limitation of use and enabling powers to cooperate with respect to specialized investigative measures (Section 34).
Competent authorities and channelsThe legal competence to begin and direct criminal investigations belongs to the National Response Centre for Cyber Crimes (NR3C) of the Federal Investigation Agency. Under the Prevention of Electronic Crimes Act, the Federal Government is the competent authority with respect to sending and receiving international cooperation requests.
Sources and links
- Country profile on cybercrime legislation for Pakistan: Profile 03/2010, in English, Profile 03/2010, in Urdu
- National Response Centre for Cyber Crimes (NR3C) http://www.policiajudiciaria.pt/PortalWeb/page/
- Pakistan Telecommunication Authority http://www.pta.gov.pk/index.php?Itemid=1
These profiles do not necessarily reflect official positions of the States covered or of the Council of Europe.
Are you aware of the latest legislative or policy developments on cybercrime and electronic evidence?
Share this information with us helping to keep this platform up to date.
- Cybercrime website
- Template: Mutual Legal Assistance Request for subscriber information (Art. 31 Budapest Convention). English and bilingual versions available.
- Template: Data Preservation Request (Articles 29 and 30 Budapest Convention). English and bilingual versions available.