DATA PRIVACY IN PAKISTAN: A COMPARISON OF LEGAL LANDSCAPE WITH THE EUROPEAN UNION

Abstract

Personal data is now highly in demand with the introduction of digital technology and that is why there is need of data privacy. The sudden rise of digital systems in Pakistan, both in the public sector and in the business has not been coupled with tough data protection legislations. Due to this there are gigantic breaches in processing of personal data and this is what leaves citizens vulnerable to abuse of data and governmental surveillance. The paper will compare the current legislations and the proposed legislations protecting data in Pakistan. It takes into consideration the Prevention of Electronic Crimes Act (PECA) 2016 and the Personal Data Protection Bill (PDPB) 2023. These legislations are compared to European Union (EU) legislations and specifically, the General Data Protection Regulation (GDPR), Digital Markets Act (DMA), Artificial Intelligence Act (AI Act) and European Convention on Human Rights (ECHR). The research shows that the legislation in Pakistan in terms of data protection is flawed. Instead of focusing on the protection of the rights of people, it is centred more on the interests of the state. Enforcement is loosely controlled, there is too much centralization of the power within the state and unclear laws on the consent of people being acquired. In turn, the legal system does not comply with the international standards. The paper argues that the data legislations in Pakistan steal the vocabulary of the global laws, but lack in their content and values.