It is the 21st century, the age of artificial intelligence (AI), but in Pakistan, people are getting more interested in going to their banks instead of using internet banking applications. We once thought those who avoided digital tools had an ‘old school’ mindset, but it appears that such caution worked well for them as their data, privacy and, indeed, money remained safe in a country where breaches have become rather routine.
Recently, the interior ministry sought a report on the leakage of millions of SIM records. A quick search on the Play Store reveals hundreds of apps offering ‘free SIM data details’ — from CNIC numbers to postal addresses. Even more troubling, one finds individuals on social media openly offering copies of CNICs, family registration certificates, travel histories, and SIM ownership records. It is also astonishing that such sensitive information is being traded so casually.
The consequences are visible in daily life. We all receive unsolicited calls from unknown numbers pushing dubious schemes. Many unsuspecting people fall into these traps, losing both money and personal data. Institutions meant to protect citizens — from police to the cybercrime wing of the Federal Investigation Agency (FIA) — remain politicised and ineffective. Ordinary citizens have little faith in them, and many are retreating from digital platforms altogether in the hope of protecting themselves.
This is alarming because today, almost everything is tied to our mobile phones — banking, private communications, and even official records. If neither corporations nor government organisations can safeguard their databases, the threat is far bigger than individual scams. Yet, instead of empowering technical experts to strengthen digital infrastructure, we continue the tradition of appointing retired or serving generals — skilled in matters of war and defence, but with little relevance to the realm of cybersecurity. A report may be compiled for the interior ministry, and a few officials may face suspension, but cosmetic measures will not stop this crisis. Illegal data services will continue to flourish unless institutions are allowed — and compelled — to do their actual work. The real tragedy is that we have become silent spectators. In this climate, no one is safe.
At the very least, the government should consider practical steps, such as mandatory annual verification of SIMs. Many SIMs used in fraudulent activities are obtained through deception: poor men and women are misled into providing biometric data under the guise of surveys for welfare programmes, while their identities are exploited to register SIMs used in scams. Regular re-verification could drastically reduce this practice, making it easier for agencies to track genuine culprits while protecting vulnerable citizens.
Pakistan’s digital future depends on recognising that data protection is not a luxury — it is a necessity. Without urgent reform, we risk undermining public trust in digital platforms, isolating our economy, and leaving citizens exposed to exploitation.
AHMAD KAMAL MAZARI
LAHORE
