A law cannot be effective unless it is enforced.
Obligations to supply IT services to the public arise from a number of
From the need to ensure the integrity of the service the provider provides,
to requirements to meet obligations to the state when providing the service,
to the need to ensure the provider does not exploit other people’s data.
Since the dawn of technology, IT departments have been required to be
proactive in protecting their consumers from hacking, phishing, and
Part of this security effort includes robust training and awareness of legal
requirements that govern the use of technology.
Unfortunately, this hasn’t always been the case, with many companies
turning a blind eye to legal liability.
We know of several cases where companies were fined tens of thousands of
dollars—and in one instance, $11.5 million—for failing to report a security
In the past few years, Pakistan has witnessed some very serious security
related incidents over the internet that have affected its national security.
These incidents have also been widely reported in the media, and the topic
has received substantial attention.
In order to address the issue smartly, it is necessary to have an information
technology law in Pakistan.