- Cybercrime is achieving illegal ends through the use of computers and the internet.
- Although French Telegraph System incident was the first-ever cybercrime perpetrated in 1834, the creation of a worm on the internet by Robert Morris in 1988 was the first-ever “computer-facilitated” cybercrime.
- In Pakistan, the Prevention of Electronic Crimes Act (PECA) 2016 is the recently enacted law for countering almost all forms of cybercrimes.
- Sections 10, 11, 14, 16, 20, 21, 24 of the Prevention of Electronic Crimes Act (PECA) 2016 are the key elements to deal with the rifest types of cybercrimes in Pakistan.
“If you think you know-it-all about cybersecurity, this discipline was probably ill-explained to you” -Stephane Nappo
In the very first episode of The Thin Blue Line, a famous British sitcom, one of the main characters Grim, who is depicted as CID Inspector, says, in the shadowy electronic alleyways of the internet a new type of villain lurks. He says this to make Inspector Fowler understand that the entire concept of thieving has changed after the arrival of computer and the internet. This episode made me craft this write-up and research some of the cybercrime laws in Pakistan.
What is Meant by Cybercrime?
According to Encyclopedia Britannica, the use of a computer as an instrument to further illegal ends, such as committing fraud, trafficking in child pornography and intellectual property, stealing identities, or violating privacy.
In his book Criminology Theories, Patterns, and Practice, Larry J. Siegel maintains, the technological revolution has provided new tools to misappropriate funds, damage property, and sell illicit material. It has created cybercrime, a new breed of offenses that can be singular or ongoing but typically involve the theft and/or destruction of information, resources, funds utilizing computers, computer networks, and the internet.
History of Cyber Crime
Before illuminating my audience regarding the history of cybercrime, it would be pertinent to let them know that I would be mentioning only those crimes which were perpetrated through computers and the internet. The reason is that when we talk of cybercrimes today, we think of it in terms of wireless networking. That is to say, the perpetrator is not in any kind of physical contact with the victim’s computer. He/she might be miles or countries away. If we include other means of cybercrime too, then the history of cybercrime goes back to 1834 when French Telegraph System was hacked by a pair of thieves. They stole information about the financial market. Thus, this incident marked the dawn of cybercrime. Nevertheless, the first internet-facilitated cybercrime took place in 1988.
In 1988, Robert Morris created the very first worm on the internet. In information and technology, a worm is a computer programme that replicates on its own, spreads throughout the computer, and causes it to malfunction. This was released from the Massachusetts Institute of Technology and caused massive disruption in the network.
The most recent incident of cybercrime incident transpired in 2021 in Accenture, a global consulting firm, that was hit by the LockBit ransomware gang.
Cybercrime Laws in Pakistan
In Pakistan, the Prevention of Electronic Crimes Act (PECA) 2016 is the recently enacted law for countering almost all forms of cybercrimes.
Common Cyber Crimes and their Penalties
Following are the most common types of cybercrimes and their penalties in Pakistan:
Electronic Financial Fraud
Electronic financial fraud incorporates all fraudulent activities committed through online means for gaining illegal financial benefits. This crime is punishable under Section 14 of PECA with imprisonment up to three years or a fine, or both.
Cyber stalking is marked by the use of internet-based facilities with the intent to coerce, intimidate or harass someone. This crime is punishable under Section 24 of PECA with imprisonment up to three years and a fine up to one million or with both.
Defamation through Digital Means
Defamation, whether verbal or written, is an offense under Section 499 of Pakistan Penal Code 1860. In terms of cybercrime, publication of false information through online means (including websites, blogs, Facebook, email, or WhatsApp) with intent to harm the reputation of a living person is made an offense under Section 20 of PECA. The punishment includes imprisonment up to three to five years or a fine of one million rupees, or both.
Cyber Blackmailing or Publication of Private Information
Cyber blackmailing refers to intentional exhibition or display of sexually explicit pictures/videos of a natural person via any cyber-related means or threatening someone to exhibit or display the same is declared offense under Section 21 of PECA. Such activities will be dealt with imprisonment up to five years and a fine of rupee five million or with both.
Hate speech refers to a public speech demonstrated through an information system (social media platforms like Facebook, WhatsApp, Twitter, Instagram, etc.) that expresses hate or encourages violence towards a person or group of persons based on something such as religion or racial hatred is a declared offense under Section 11 of PECA. This crime can be punished with imprisonment up to seven years or a fine of ten million rupees, or with both.
Cyber terrorism subsumes the following activities when conducted to coerce, intimidate or create a sense of fear or panic in the government or public at large:
- Unauthorized access to critical infrastructure or data.
- Unauthorized copying or transmission of critical infrastructure system or data.
- Interference with critical infrastructure system or data.
- Glorification of any offense.
Cyber terrorism is punishable under Section 10 of PECA with 14 years imprisonment or fine up to 50 million rupees, or both.
Identity theft refers to a crime in which someone obtains a person’s identity through unfair means and uses it to carry out some deceptive or fraudulent activity. This is a criminal offense under Section 16 of PECA and must be dealt with three-year-long punishment or fine of up to five million rupees, or with both.
“Rather than fearing or ignoring cyber attacks, do ensure your cyber resilience to them” -Stephane Nappo