Cybercrime on the Rise as More Pakistanis Go Online

Originally posted in ProPakistani

Over the last few years, internet traffic in Pakistan has surged to over 83 million internet users. With over 97% of Pakistanis accessing the internet through their cellphone, this rapid expansion can be attributed to the dissemination of 3G/4G services by significant telecom players in Pakistan. With widespread access to the internet, numbers on social media platforms and e-commerce platforms have multiplied.

The surge in internet traffic has led to a drastic increase in cybercrimes. They vary from phishing attacks to harassment and digital identity theft and cover a myriad of other criminal activities carried out over the internet through computers or cellphones. We will be narrowing our focus in this article on three particular types of cybercrimes that pertain to social media, the financial ecosystem, and the menace of grey traffic.

Social Media Cybercrime
Over the last few years, social media platforms, including Facebook, Twitter, Instagram, and Youtube, have seen an exponential increase in usage with over 37 million users in Pakistan as of January 2020 – an increase of 7% from the previous year. According to the Digital Rights Foundation (DRF), the most reported complaints with regards to social media are hacking, blackmailing, and impersonation.

Online harassment is another significant issue primarily faced by women. From 2016 through 2019, out of a total number of 5000 complaints, 40% were reported by women. The most-reported platforms were WhatsApp, Facebook, and Twitter. Only 14.2% of women said that they had reached out for help when they faced abuse online.

Financial Cybercrime
According to an e-Commerce Index launched by Daraz – one of the largest online marketplace & logistics company in Pakistan – in 2019, the platform witnessed a 2X increase in active users and a 3X increase in orders. This growth was made possible by a 36% boost in internet penetration in 2019. Digital payments contributed 32% of total consumer spending, and the use of e-wallets increased by 8.2x year-on-year.

As evident from the index mentioned above, e-commerce and the use of digital financial services have been on an upward trend in Pakistan. But this digital wave has been accompanied by an increasing incidence of financial cybercrimes. These include the theft of financial and card payment data, fraudulent calls impersonating financial advisors, spam messages and emails purporting to be from financial institutions to obtain sensitive data, and online banking frauds.

During the COVID-19 lockdown, however, active monitoring and timely actions by the Cyber Crime Wing (CCW) of the FIA saw a 50% decrease in cyber financial crimes. As per official figures from FIA, only 488 complaints of cyber financial crimes were reported during the lockdown period compared with 928 such complaints registered during the corresponding period before lockdown.

Grey Trafficking
Grey Traffic is the use of illegal telephone exchanges to make international calls bypassing the legal routes. It has the twofold effect of not only depleting telecom revenues but also significantly affecting government levies and tax collections, as grey traffickers evade all applicable taxes using illegal routes. The loss faced by the government due to grey traffic has been estimated in billions of dollars annually.

With the help of local law enforcement agencies, PTA has been active in curtailing grey traffic by blocking illegal numbers and identifying and raiding locations with grey traffic exchanges. However, the menace of grey traffic still plagues the country and causes significant financial losses to both the telecom sector and the national exchequer.

Current Cybercrime Laws Pakistan
Over the past few years, the Pakistani government has issued several laws to curtail the spread of cybercrime, including the Electronic Cybercrime bill 2007, Prevention of Electronic Crimes Act 2016. While these regulations are a step in the right direction, they still lack a holistic approach to cybercrime.

A Personal Data Protection Bill 2020 is also being drafted by MoITT that pertains to the transfer, use, and disclosure of personal information. In European nations, the General Data Protection Regulation (GDPR) is a comprehensive regulation that protects customer data. As part of the VEON group, Jazz is one of the few companies in Pakistan that complies with the GDPR. As a subsidiary, Jazz has adopted the same privacy policy framework and cannot collect, process, use, or store any customer’s data without their consent.

Furthermore, Jazz’s Data Privacy Policy follows the GDPR and states that a customer’s explicit consent must be taken before processing their data. Additionally, as licensees of the Pakistan Telecommunications Authority, Jazz, along with other telecoms in the country, do not forward personal information to any entity except law enforcement agencies. Where grey traffic is concerned, Jazz has invested over USD 23 million to assist Law Enforcement Agencies (LEAs) in detecting grey traffic routes.

The importance of Public-Private Partnerships
With data traffic increasing day by day, there is an urgent need for government bodies such as the FIA to partner up with the telecom to develop win-win collaborative models to tackle cybercrime and amass benefits for the Pakistani public.

As far as legal mandates are concerned, the telecom sector ought to be consulted to provide useful and practical implementation mechanisms for any new acts, bills, or MoUs between the institutions. These include more stringent cybersecurity regulations that mandate government, companies, and organizations to protect their computer systems and information from cyberattacks.

Public awareness campaigns to educate the public on what cybercrimes are and how to report them must also be executed. The evolving nature of financial and cybercrimes due to the growing use of DFS, calls for continuous training, improvement, and recalibration of interworking between the telecommunications industry and the FIA.

With the right public and private sector collaboration, cybercrimes can be effectively contained for Pakistan’s benefit as a whole.