nccia

The Controversy Around the National Cyber Crime Investigation Agency (NCCIA)

By /

Pakistan's new National Cyber Crime Investigation Agency (NCCIA) aims to combat the rising tide of cybercrimes like hacking, online fraud, and cyberbullying through cooperation with different departments. Though it promises a more focused approach to tackling cyber threats, concerns about potential privacy violations and resource duplication have emerged. While the NCCIA is viewed as a necessary structure, the Pakistani public is skeptical of it, particularly since a cyber wing in the FIA already exists.

Askari Bank Banner

Introduction

The establishment of NCCIA (National Cyber Crime Investigation Agency) is relatively new in Pakistan’s law enforcement structure. It was founded in May 2024 in order to represent the government’s readiness to fight against cybercriminal activities and improve cybersecurity. The NCCIA will lead the investigations on cybercrimes such as hacking, cyberbullying, financial fraud, and abuse of social media. It is expected to enhance Pakistan’s cybersecurity framework through cooperation with government departments and private organizations.

Based on the provisions of the NCCIA, it is expected that the NCCIA will be responsible for coordinating international relations on cybercrime matters. This could involve reporting to or sharing information with other countries’ law enforcement and requesting their assistance in investigations. It is also expected that the NCCIA will integrate into the Federal Investigation Agency (FIA), replacing the existing cybercrime wing. This is meant to achieve the formation of a more specialized and focused agency on cybercrime.

However, the formation of a new agency that will focus on combating cybercrime is questionable since it might infringe on citizens’ rights to privacy, especially about monitoring their social media activity. There are concerns regarding the creation of a new agency, thus, it may lead to duplication of effort and increase the expenditure as compared to the cybercrime wing of the Federal Investigation Agency.

The Need for NCCIA in Pakistan

Pakistan is experiencing a wide range of problems associated with the advent of the digital industry, cybercriminal activities, and the demand for proper digital regulation. The introduction of the NCCIA is considered valuable in solving these problems related to cybersecurity. This agency intends to fight digital evils and create a viable path for digital governance in Pakistan.

Even though there are some fears and skepticism regarding the NCCIA, its establishment is being viewed as necessary to combat cybercrime and build a safe environment for digital space. One of the main functions of this agency is to prevent crimes such as identity theft, hacking, and financial fraud. Such crimes are extremely common and serve as a major threat to the population of Pakistan.

A proper investigation agency for cybercrime can help equip the investigators with the adequate skills and knowledge required to tackle cyber threats. Modern techniques can be applied while gathering relevant evidence. It can further help in centralized coordination by focusing solely on cybercrime activities where the government and stakeholders can work together.

Moreover, in this contemporary world, disinformation and fake news are quite common. The NCCIA can help in monitoring and regulating the content provided by the media. It can aid in providing awareness to the general public about the risks associated with the circulation of fake news. Furthermore, the agency can coordinate with plenty of platforms and companies in order to create laws regarding the creation of undesirable content.

How Can NCCIA Be Successful?

In order to become successful, the NCCIA must adhere to becoming a centralized unit of coordination and exchange of intelligence. It must serve as a central hub for improving communication and enabling cooperation between different organizations. The agency must aim at leveraging collective expertise by engaging both the public and private domains in terms of labour and information. It must further focus on investing more in technology and training to attain advanced cyberforensics.

Adequate funds can be allocated for purchasing high-quality technology in order to carry out our extensive cyber investigations. The investigators can be empowered with new techniques that can help them deal with any emerging threats. Furthermore, it must be taken into account that inculcating cybersecurity into education can help reduce vulnerability. It must be taught to students to ensure that every member of a company’s or organization’s workforce is equipped with adequate and essential knowledge regarding cyber security.

Other than this, it is crucial and imperative to update and strengthen laws to support cybercrime investigations. There must be robust legal deterrents that can help revise laws to fight new forms of trends in the realm of cybercrime. Such measures can help in quick and efficient arrests of cybercriminals. Moreover, it must be noted that cybercrime is a rising global issue and thus requires international cooperation.

Pakistan’s government must cooperate with the cybersecurity and law departments of other nations and participate in joint operations to fight against transnational cybercrime. To make NCCIA more effective, the Cyber Security Policy 2021 must be properly implemented. An analysis of this policy revealed that Pakistan is on the list of those developing nations that are weak in implementing strategies and inter-agency coordination. The NCCIA can certainly help in bridging these gaps through adequate policy execution and addressing modern threats.

Why Is the NCCIA Controversial?

The creation of NCCIA has raised concerns regarding its replacing the cyber wing of the Federal Investigation Agency (FIA). The general public, along with many officials, are skeptical regarding the NCCIA. This is due to several reasons. The FIA’s cyber wing already implies that there is readiness within the nation to combat cyber threats and activities. This existing framework may raise questions regarding the relevance and rationality of establishing a new independent organization.

Another concern that can be raised is that the FIA’s cyber wing may not be efficiently performing its tasks. Moreover, there can be a problem of scope duplication due to the replacement of the cyber wing with the NCCIA, which can create confusion and hinder efficiency. This can happen when the two agencies find themselves delivering the same services, which is only a waste of resources and time.

Furthermore, the existing human resources at the NCCIA are expected to remain in their original positions for another year before there are any new recruitments; hence, the transition period is adding to the problem. To avoid this, specific legislation for taking care of each body must be well developed to avoid the overlapping of the roles of agencies.

Another important thing to notice is that, considering the current financial situation in Pakistan, many suggest that it is inadvisable to set up the NCCIA. It would have been more useful if the time and resources could’ve been spent on the already existing cyber wing of the FIA. This approach could have spared additional costs of the new technology, protocol, human resources, etc. It could have raised the standards of the existing facilities, human capital, and international cooperation.

Furthermore, the trend of enhancing cyber security through the NCCIA may pose a threat to a citizen’s right to privacy. Lack of checks and balances in the process of the formation of a new agency may culminate in over-policing, whereby the agency tasked with the responsibility of enhancing cybersecurity ends up eroding the civil liberties of people.

The government did not provide any justification for the insufficiency of FIA’s efforts to address cybercrime. If there is still no adequate proof to show the ineffectiveness of the FIA, the creation of the NCCIA may not be justified. This can be stated since there is no clear rationalization provided, which only gives rise to doubts regarding the wastage of resources.

There can be a negative impact on the division of resources due to the creation of a new agency. The FIA already has a cyber wing along with international links, which indicates that it might have already been responding to cyber threats in an effective way. It would require a lot of time and energy for the NCCIA to portray itself as a competent agency.

Conclusion

It can be concluded that since the COVID-19 pandemic, a new light of discourse on cyber security has been introduced within Pakistan, where emphasis is placed on fortifying security and cybercrime. Still, no emphasis is given to the rights of citizens to privacy. Regulatory measures must be introduced to deal with threats and they must be implemented in a manner that resonates with the tenets of democracy as well as human rights.

Stakeholders and members of civil society, the IT sector. and the general public must be engaged in order to ensure cybersecurity and protect citizens’ privacy. Some of the details of the NCCIA’s structure and functioning are still being developed. One can state that the role and influence of the NCCIA in Pakistan’s digital environment are yet to be assessed. It will be a success when it is possible to define clear responsibilities, gain public support, and maintain an adequate balance between the fight against cybercrime and the violation of certain fundamental rights. 

If you want to submit your articles and/or research papers, please check the Submissions page.

The views and opinions expressed in this article/paper are the author’s own and do not necessarily reflect the editorial position of Paradigm Shift.

About the Author(s)
+ posts

Minahil Khalid is a student of M.Phil International Relations at Kinnaird College for Women University, Lahore. Her research interests revolve around global political issues and security studies.