A thematic analysis of Pakistan’s cybersecurity policies, regulations and implications

Unzur Kaifa; Dr. Zahid Yaseen; Dr. Muhammad Muzaffar

Authors

Unzur Kaifa M Phil Scholar, Department of Politics and International Relations, Government College Women University Sialkot, Punjab, Pakistan Author
Dr. Zahid Yaseen Associate Professor, Associate Professor, Department of Politics and International Relations, Government College Women University Sialkot, Punjab, Pakistan Author
Dr. Muhammad Muzaffar Assistant Professor, Department of Politics and International Relations, Government College Women University Sialkot, Punjab, Pakistan Author

Keywords:

Cybersecurity Legislation, Cyber Policies Implementation, Cyber Threats in Pakistan, PECA 2016, Digital Governance

Abstract

Cybersecurity risks are growing, making strong legislative frameworks necessary to ensure adherence and protect digital infrastructures. Because of changing cyber threats, regulatory loopholes, and enforcement constraints, cybersecurity policy compliance in Pakistan continues to be a major concern. This study examines the existing cyber laws, their effectiveness, and capacity building in implementation, specifically in Pakistan. This study draws upon interviews with 15 respondents from different fields: Federal Investigation Agency (FIA) agents from the cyber unit, prosecutors from the criminal unit, and cyber victims. The purpose of the interviews was to delve into the respondents' views on the current cyber laws and their effectiveness. Analyzing the collected data from in-depth interviews applying thematic analysis while identifying key themes, for instance, the gaps in the victim’s support mechanism and effectiveness in the existing legislative framework. The results highlight the dire need for significant modifications to address these challenges, for instance, public awareness campaigns, institutional capacity building, and technical expertise, and to provide significant new details about Pakistan's cybersecurity laws' inadequacies through providing policymakers essential details to strengthen legislative measures and prevent individuals from cyber threats.

Downloads

Download data is not yet available.

References

Abdullahi, M., Baashar, Y., Alhussian, H., Alwadain, A., Aziz, N., Capretz, L. F., & Abdulkadir, S. J. (2022). Detecting cybersecurity attacks in internet of things using artificial intelligence methods: A systematic literature review. Electronics, 11(2), 198. https://doi.org/10.3390/electronics11020198

Adams, W. C. (2015). Conducting semi‐structured interviews. Handbook of practical program evaluation, 492-505. https://doi.org/10.1002/9781119171386.ch19

Awan, J. H., Memon, S., & Burfat, F. M. (2019). Role of Cyber Law and Mitigation Strategies in Perspective of Pakistan to Cope Cyber Threats. International Journal of Cyber Warfare and Terrorism (IJCWT), 9(2), 29-38. doi: 10.4018/IJCWT.2019040103

Barriball, K. L., & While, A. (1994). Collecting data using a semi-structured interview: a discussion paper. Journal of Advanced Nursing-Institutional Subscription, 19(2), 328-335. https://doi.org/10.1111/j.1365-2648.1994.tb01088.x

Bokhari, S. A. A. (2023). A Quantitative Study on the Factors Influencing Implementation of Cybersecurity Laws and Regulations in Pakistan. Social Sciences, 12(11), 629. https://doi.org/10.3390/socsci12110629

Brazhnik, O., & Jones, J. F. (2007). Anatomy of data integration. Journal of biomedical informatics, 40(3), 252-269. https://doi.org/10.1016/j.jbi.2006.09.001

Brinkmann, S., & Kvale, S. (2005). Confronting the ethics of qualitative research. Journal of constructivist psychology, 18(2), 157-181. https://doi.org/10.1080/10720530590914789

Burns, R. G., Whitworth, K. H., & Thompson, C. Y. (2004). Assessing law enforcement preparedness to address Internet fraud. Journal of Criminal Justice, 32(5), 477-493. https://doi.org/10.1016/j.jcrimjus.2004.06.008

Buzdugan, A., & Capatana, G. (2022). Cyber security maturity model for critical infrastructures. Paper presented at the Education, Research and Business Technologies: Proceedings of 20th International Conference on Informatics in Economy (IE 2021).

Corti, L., Day, A., & Backhouse, G. (2000). Confidentiality and informed consent: Issues for consideration in the preservation of and provision of access to qualitative data archives. Paper presented at the Forum Qualitative Sozialforschung/Forum: Qualitative Social Research.

Dupin, C. M., & Borglin, G. (2020). Usability and application of a data integration technique (following the thread) for multi-and mixed methods research: A systematic review. International Journal of Nursing Studies, 108, 103608. https://doi.org/10.1016/j.ijnurstu.2020.103608

Fielding, N. (2001). On the compatibility between qualitative and quantitative research methods.

FlorCruz, J. A., & Seu, L. (2014). From snail mail to 4G, China celebrates 20 years of Internet connectivity. CNN news report. http://edition. cnn. com/2014/04/23/world/asia/china-internet-20th-anniversary.

Gallagher, M., Giles, J., Park, A., & Wang, M. (2015). China’s 2008 Labor Contract Law: Implementation and implications for China’s workers. Human Relations, 68(2), 197-235. https://doi.org/10.1177/0018726713509418

Galletta, A., & Cross, W. E. (2013). Mastering the semi-structured interview and beyond: From research design to analysis and publication (Vol. 18): NYU press. https://doi.org/10.18574/nyu/9780814732939.001.0001

Grant, C., & Osanloo, A. (2014). Understanding, selecting, and integrating a theoretical framework in dissertation research: Creating the blueprint for your “house”. Administrative issues journal, 4(2), 4.

Harrell, M. (2009). Data Collection Methods: Semi-Structured Interviews and Focus Groups. RAND Corporation.

Imran, M., Murtiza, G., & Akbar, M. S. (2022). The Rise of Cyber Crime in Pakistan: A Threat to National Security. Journal of Development and Social Sciences, 3(4), 631-640.

Kosseff, J. (2017). Defining cybersecurity law. Iowa L. Rev., 103, 985.

Kvale, S. (2012). Doing interviews: Sage.

Lim, H. S. M., & Taeihagh, A. (2018). Autonomous vehicles for smart and sustainable cities: An in-depth exploration of privacy and cybersecurity implications. Energies, 11(5), 1062. https://doi.org/10.3390/en11051062

LJ Bikoko, T. G., Tchamba, J. C., & Ndubisi Okonta, F. (2019). A comprehensive review of failure and collapse of buildings/structures. International Journal of Civil Engineering and Technology, 10(3).

Naseer, D. R., & Amin, D. M. (2020). Cyber-threats to strategic networks: Challenges for Pakistan’s security. South Asian Studies, 33(1).

Rasool, S. (2015). Cyber security threat in Pakistan: Causes, Challenges and Way forward. International Scientific Online Journal, 12, 21-34.

Recker, J. (2021). Scientific research in information systems: a beginner's guide: Springer Nature.

Roig, M. (2006). Ethical writing should be taught. BMJ, 333(7568), 596-597. doi: https://doi.org/10.1136/bmj.38946.501215.68

Romano Jr, N. C., Donovan, C., Chen, H., & Nunamaker Jr, J. F. (2003). A methodology for analyzing web-based qualitative data. Journal of Management Information Systems, 19(4), 213-246. https://doi.org/10.1080/07421222.2003.11045741

Saleem, B., Ahmed, M., Zahra, M., Hassan, F., Iqbal, M. A., & Muhammad, Z. (2024). A survey of cybersecurity laws, regulations, and policies in technologically advanced nations: A case study of Pakistan to bridge the gap. International Cybersecurity Law Review, 5(4), 533-561.

Sanjari, M., Bahramnezhad, F., Fomani, F. K., Shoghi, M., & Cheraghi, M. A. (2014). Ethical challenges of researchers in qualitative studies: The necessity to develop a specific guideline. Journal of medical ethics and history of medicine, 7.

Walsham, G. (2006). Doing interpretive research. European journal of information systems, 15(3), 320-330. https://doi.org/10.1057/palgrave.ejis.3000589