As Pakistan joins more than sixty countries in signing the world’s first UN cybercrime convention, it steps into a global alliance as fraught as it is overdue. Marketed as a milestone against digital predators and transnational fraud, the treaty promises cooperation on hacking, scams, and online child exploitation. Yet beneath the rhetoric of “shared e-evidence” lies a framework that could quietly legitimise global surveillance with only token safeguards.
Supporters call it a necessary weapon against crimes that defy borders. UN Secretary-General António Guterres hailed it as an “important milestone” against scams that “destroy families, steal migrants, and drain billions.” Pakistan, too, faces these dangers. In recent years, ransomware and data breaches have targeted utilities, banks, and telecom networks. Cyber fraud complaints have surged past seventy thousand a year, with more than half involving online financial scams. The appetite for stronger cross-border enforcement is understandable. However, Human Rights Watch cautions that it extends far beyond addressing cybercrime and obligates states to establish broad electronic surveillance powers, including sharing data for any foreign “serious crime” defined as four-plus years in jail. In practice, a Pakistani court could be compelled to release personal communications on vague foreign requests, with no binding requirement for judicial review. Optional human-rights clauses–privacy, transparency, remedy–can simply be ignored. In a country where the Prevention of Electronic Crimes Act has already been used to silence journalists and order arbitrary content takedowns, such powers are combustible.
Pakistan’s digital transformation in recent years has been remarkable and makes careful treaty scrutiny all the more urgent. Today, well over 100 million Pakistanis use the internet. Mobile penetration is at roughly 78%, and broadband coverage now exceeds 60% of the population.
This connectivity is a double-edged sword. On one hand, Pakistan needs robust defences. Our government rightly deplores how extremist groups spread propaganda via encrypted apps, how criminal networks launder money through crypto, and how ransomware can halt a public utility. A treaty that promised to target, say, ISIS’s online finance networks or global child-porn rings – and to do so with cross-border evidence-sharing – might serve our security interests. Vietnam’s police, where the treaty was signed, even invoked child exploitation and cyberscams as targets.
On the other hand, our regulatory context is still fragile since law enforcement and intelligence agencies operate with little transparency, while cyber-laws have repeatedly been criticised for vague wording and over-reach. Pakistan’s official position has been cautiously supportive so far. Senior officials see the security angle and are determined not to be out of step with geopolitics. But here we must ask: to what price?
