Pakistan has been building a snooping network that "would rival some of the world's most powerful surveillance programs," according to a report released this week by the London-based Privacy International.
"The extent of surveillance has not yet been known in Pakistan," Matthew Rice, the author of the report, told VICE News. "We think the public needs to be able to look and make their own decision about if it's appropriate."
The report, Tipping the Scales: Surveillance and Security in Pakistan, is based on internal documents that Privacy International obtained from within Pakistan. The organization would not comment on the source of the documents, but assured VICE News they had independently verified the material.
Since 2005, the report alleges, Pakistan has moved to secretly expand its surveillance capabilities beyond what is legally sanctioned — including tapping phones, deploying spy software, and monitoring internet service providers.
But perhaps the most shocking charge in the report is its assertion that Pakistan's Directorate of Inter-Service Intelligence (ISI) was developing a system to directly access undersea fiber optic cables in order to intercept web traffic.
A 550,000-mile-long underwater cable system spans the entire globe, and one of its key hubs is based in the Pakistani city of Karachi. If the ISI were to tap the cables, it would have access to a tremendous amount of private data.
"This system would make available virtually all of the nation's domestic and international communications data for scrutiny, the most significant expansion of the government's capacity to conduct mass surveillance to date," the report claimed.
Rice noted that his organization was unable to verify if the program was fully enacted. He emphasized that in Pakistan, there has yet to be "a hearing of assessment about the legality of the proposal," adding that at present there is not "any level of review."
Privacy International also obtained documents that show Pakistan bought surveillance technology from foreign companies such as Ericsson (Sweden), Alcatel (France), Huawei (China), SS8 (US), and Utimac (Germany). It also obtained documents showing that Germany had authorized four million euros' ($4.3 million) worth of software licenses for "monitoring technology and spyware software."
Pakistan's security services might have used such technology to target activists, lawyers, and journalists.
"Westerners are, in a sense, implicated here," Rice said.
According to the report, the 2014 Taliban attack on a school in the northern Pakistani city of Peshawar school attack that massacred 145 people prompted authorities to increase surveillance throughout the country. Rice suggested that the country's program might be motivated by a desire to match the surveillance capabilities of other states.
According to documents leaked from the National Security Agency in 2013, the US has also contemplated tapping into underwater fiber optic cables. It devised a program called Upstream to intercept "communications on fiber cables and infrastructure as data flows past," but the extent of the program has not fully been made public.
Pakistan already requires universal SIM card registration by fingerprint, and has built a national biometric ID database. If the government were to pair this data with sophisticated system electronic monitoring, Pakistan's surveillance capabilities could rival those of the US and other European states.
The report comes as the issue of electronic privacy is being heavily debated in Pakistan. Last month, documents leaked from the Edward Snowden cache showed that the British Government Communications Headquarters (GCHQ) had gained access to almost all of Pakistan's internet users. The incident prompted protests in the street, and high-level calls for the government in Islamabad to do more to safeguard privacy.