In a bid to track coronavirus patients, Pakistan’s intelligence services have activated a secret surveillance system, which is otherwise used to track high-value militant targets. On May 28, it was reported that Prime Minister Imran Khan turned to the country’s top spy agency, the Inter-Services Intelligence (ISI), for assistance in tackling the pandemic as cases continue to rise at a staggering pace.
There is little transparency regarding this project, though. What has been made available so far is that geo-fencing and telco-tracking mechanisms are being deployed to track coronavirus patients. However, use of this technology may have likely preceded the announcement, as Pakistani local media in April reported that over half a million text messages had been sent to suspected COVID patients since March 19. South Korea, China and Israel, among others, had adopted the same model to counter their surging COVID-19 tallies.
In Pakistan, especially, with the prime minister’s reluctance to extend lockdown as he believes that segments of the population could not afford it, authorities lack a conclusive strategy to contain the spread of the virus. While it remains unclear on how effective the government’s “national security” approach to the virus will be, the move raises eyebrows with regard to privacy and data protection for citizens. Through this technology, authorities are not only monitoring confirmed patients but also potential virus carriers. This indicates that the government is tracking movements and also listening in to private phone conversations to monitor possible symptoms.
Therefore, the first eminent concern becomes the lack of consent by the user. Are patients aware that their data is under a constant microscope? Are they aware that authorities have eyes and ears on their personal lives? And that people who have come in contact with them could be potential targets of such flagrant privacy violations?
With the open use of surveillance technology, it appears that people’s lives may be up for scrutiny and that changes implemented during this time may have long lasting effects if their scope is not defined. So far, no specifics on the limit of surveillance usage have been relayed.
At this point, the question is: Will mass surveillance outlive the pandemic?
Where Does Pakistan Stand on Data Protection Laws?
The bones of mass surveillance in Pakistan are deep-rooted. Even at this given point, the country misses a set of data protection laws. In 2018, a bill — yet to be passed — was tabled, granting protection of data held by private entities while implying immunity for government-owned ones. The state of digital rights in the country could therefore be deemed questionable at best. Netizens have undergone data breaches many a time at the hands of private companies including prominent ride-hailing service Careem.
Given the extensive history of press crackdowns by the Pakistani state, speculation remains rife. Such invasive measures underscore whether the government’s response is commensurate with the public health chaos at hand. Neither is this the first-of-its-kind measure. In the past, the Pakistani state has implemented laws that have continued to shrink user autonomy in the digital arena thereby granting authorities excessive powers to curb dissent. In 1996, the government passed the Pakistan Telecommunication (Re-Organization) Act, which authorized the federal government to intercept and trace calls and messages on matters of national security. Following that, in 2000, Pakistan passed an ordinance which was meant to safeguard the confidentiality of the citizen database system. However, the citizen data registry, called the National Database & Registration Authority (Nadra), has been reportedly compromised several times. In addition, a fair trial act was passed in 2013 which enabled issuing secret warrants of surveillance and interception on the basis of mere suspicion. In what was described as a tool to counter injustices committed in cyberspace, the 2016 Prevention of Electronic Crimes Act (PECA) heavily regulated the internet. Critics viewed it as a weapon to administer mass surveillance, stifle civil liberties and promote self-censorship. Various sections of the act empowered authorities to gain unrestricted access to citizen information, retain real-time data and infringe on privacy. In February, the government introduced amendments to the existing cybercrime law whereby social media platforms including Facebook, WhatsApp, Google and Twitter were urged to establish offices in Pakistan in order to respond to complaints launched by the government.
In the aftermath of the May 28 development, a think tank focusing on media-related research, Media Matters for Democracy (MMfD), along with rights activists, co-signed a statement urging Pakistani authorities to maintain the right to privacy as they implement surveillance tech to fight the coronavirus pandemic.
As of 2018, Pakistan has 151 million mobile phone subscribers and over 44 million internet users. The ramifications entailed by the expansion of state invasions of privacy could be immense, yet are uncertain. First, it is yet to be determined whether intrusion at such a massive scale is actually helping contain the spread of the virus. Second, if mass surveillance is crucial to locating COVID-19 patients, governments must take health workers on board to assess how effective such measures are. Last, the scope of the project must be defined along with a sound strategy to disarm such tracking systems once the pandemic is over.
With over 51,000 active cases, the success of this model remains debatable. With health being a priority, many residents may overlook the implications of surveillance. That said, critics suspect that measures instituted during the pandemic might stay, especially in a country where passing of a data protection bill has remained stagnant for months on end.