Privacy International, a UK-based Watchdog group, recently published a report which states that Pakistan is building its own massive surveillance system that could rival America’s National Security Agency (NSA) Prism program.
The report outlines the program’s intentions to collect private user data such as phone records, cellular data transmissions, and internet traffic thus invading the privacy of Pakistani internet users on a local level.
This program could be more invasive considering the fact that citizens can only acquire mobile SIMs and CNIC upon biometric (fingerprint) registration.The details in the report have been gathered from the contractor requests that Pakistan started making back in 2013.
The attached images from the report show the prominent companies like Ericsson, Huawei, Nokia who are providing security solutions to Pakistan.
From page 15 of the report:
“In June 2013, the Inter-Services Intelligence (ISI), Pakistan’s best known intelligence agency, sought to develop a mass surveillance system by directly tapping the main fibre optic cables entering Pakistan that carried most of the nation’s network communication data. The confidential request for proposals outlines a “Targeted IP Monitoring System and COE [Common Operations Environments]” that aimed to capture and store approximately 660 gigabits of internet protocol (IP) traffic per second under ISI control (See annex 3: ‘Inter-Services Intelligence Proposal, 2013’). This system would make available virtually all of the nation’s domestic and international communications data for scrutiny, the most significant expansion of the government’s capacity to conduct mass surveillance to date.”
“What the ISI wanted to build, was a complete surveillance system that would capture mobile communications data, including Wi-Fi, all broadband internet traffic, and any data transmitted over 3G.”
While it is still unclear of the progress that the intelligence agency has made in this field, it is apparent that the agency looks to watch over their citizens as keenly as their western neighbors are doing.
There is also evidence in the report to suggest Pakistan using western software to monitor traffic, the software is called ‘Narus’ and is based in the US. Further evidence leads to the fact that Pakistan had ties with FinFisher and HackingTeam, two of the most famous intrusion software vendors. The following is taken from Page 19 of the report.
What is surprising is how the software was export-controlled, yet neither country faced any problem to meet the customs requirements with the following being one of the instances in the report:
“Germany granted German companies export licenses valued at € 3.9 million to export ‘monitoring technology and spyware software’ to Pakistan.”, stated in the report.
It is interesting material to note that how far Pakistan has come since 2013 and whether the government has any plans on informing the general public about this monitoring activity.