Cybercrime Law in Pakistan: An Ultimate Guide

With the advent of 5G and 6G technologies, it is clear that the world is undergoing a digital revolution. Information from one corner of the world can reach anywhere within seconds.

invest with imarat

Islamabad’s emerging city centre

Learn More

However, as digitisation and automation have become continuous, there has been a proportional increase in the number of cybercrimes. Cyber security ventures estimate that, by 2025, cybercrime will cost the world a mammoth 10.5 trillion USD per annum.

Similar is the case in Pakistan; The News reported in 2021 that cybercrime in the country has risen 83 percent in the last three years. DAWN also noted that the Federal Investigation Agency (FIA) received more than 102,000 complaints related to cybercrime.

As a result, Pakistani authorities have begun to take the required precautions to keep people and their data safe online. The more individuals in our country rely on internet services, the more vulnerable they are to digital crimes.

We’ll study several types of cybercriminal actions and cybercrime legislation in Pakistan in this blog. In addition, we’ll learn more about the step-by-step process for reporting cybercrime in Pakistan.


What Constitutes Cybercrime?


Infographic showing different types of cybercrimes that are dealt in cybercrime law in Pakistan


Cybercrimes include the following:

  • Hacking is a category of cybercrime that involves gaining unauthorised access to data stored on a person’s computer.
  • Identity theft is the intentional use of another person’s identity. 
  • Cyberbullying, also referred to as online bullying, is a type of harassment and bullying that takes place via the internet.
  • The use of the internet to monitor or harass someone is known as cyberstalking. False charges, slander, and defamation are all involved.
  • Spoofing is a hacking technique in which hackers fool computer systems in order to gain an unfair advantage and steal information from online communities or websites.
  • Financial fraud occurs when someone uses the internet to steal money or deprive others of their assets.
  • Digital piracy, often known as online piracy, is the act of downloading and sharing digital copyrighted content without permission.
  • Computer malware is malware programmes that duplicate themselves in order to spread across computers.
  • Malware is malicious software created by cybercriminals with the goal of causing harm to a server, client, or network.
  • Theft of copyrighted content or material through the internet is known as intellectual property theft.
  • Money laundering is the practice of using the internet to transfer funds through various online payment methods.
  • A denial of service (DOS) assault is a cyberattack that aims to impede the targeted server’s traffic. It prevents the intended users from accessing a system’s resources.
  • Electronic terrorism, often known as cyberterrorism, is the use of the internet to carry out violent crimes. It entails posing a danger to someone or gaining ideological or political advantage.
  • Vandalism refers to the intentional destruction and damage of an individual’s online content. It could also mean that your website’s online content gets changed without your authorisation.


Cybercrime Laws in Pakistan


Infographic showing different cybercrime law in Pakistan and when they were passed by the Parliament.l


Following cybercrime laws in Pakistan have been passed by the Parliament.

Electronic Transactions Ordinance (ETO) 2002

The Electronic Transactions Ordinance (ETO), which was enacted in 2002, was the first IT-related legislation. It was an important first step in ensuring the legal sanctity and security of the local e-commerce sector.

A major portion of Pakistan’s cybercrime legislation was influenced by foreign cybercrime legislation. It is divided into 43 categories that deal with various forms of cyber offences in Pakistan.

Pakistan’s cybercrime law covers the following eight major aspects of the e-commerce industry:

  • Recognition of electronic documents 
  • Electronic communications
  • The digital signature regime and its evidential consequences 
  • Website and digital signatures certification providers
  • Stamp duty 
  • Attestation and notarization of certified copies
  • Jurisdiction
  • Offences


Prevention of Electronic Crimes or Cybercrimes Ordinance 2007

In 2007, the PECO (Prevention of Electronic Crimes or Cybercrimes Ordinance) was passed. The following electronic offences are covered by Pakistan’s cybercrime law:

  • Terrorism on the internet
  • Damage to data
  • Electronic thievery
  • Forgery of electronic documents
  • Unauthorised entry
  • Cyberstalking
  • Cyber-spamming/spoofing

Cybercriminals in Pakistan may face a variety of sanctions under PECO. Depending on the crime, they can range from six months in prison to even the death penalty.

The regulations apply to everyone in Pakistan who commits cybercrime, regardless of country of citizenship.


Prevention of Electronic Crimes Act 2016

In 2016, the Prevention of Electronic Crimes Act (PECA) was passed. It provides a comprehensive framework for all forms of cybercrime and is based on the Cyber Crime Bill of 2007.

It deals with the following internet crimes:

  • Unauthorised data access (hacking)
  • Denial of Service (DoS) assault (DOS Attack)
  • Electronic forgery and electronic fraud
  • Cyberterrorism


PECA Penalties on Cybercrimes

PECA imposes the following punishments on cyber criminals:

  • For unauthorised access to key information systems, you might face up to three years in prison, a fine of one million Pakistani rupees, or both.
  • Disruption of important information systems with misleading or deceptive motives can result in up to seven years in prison, a PKR ten million fine, or both.
  • For involvement in a terrorism-related offence, you might face up to seven years in prison, a PKR ten million fine, or both.
  • Importing, exporting, or distributing electronic equipment for offensive use can result in up to six months in prison, a PKR fifty thousand fine, or both.
  • For being involved in a data breach, you might face up to three years in prison, a PKR five million fine, or both. It could include the unintentional internet release of someone’s personal information.


Cybercrime Punishment


A judge hitting the gavel to announce punishment for a crime


Details of cybercrimes and their punishments are given below:


Type of CrimeImprisonmentFine (PKR)
Damage to Data3 years3 lac
Electronic Thievery7 years7 lac
Forgery of e-documents7 years7 lac
Malicious Code/ Virus5 years5 lac
Cyberstalking3 years3 lac
Spamming3 years3 lac
Spoofing6 months50,000
Cyberterrorism10 years10 million


Staying Safe from Cybercrime

You can follow these tips to protect yourself from cybercriminals:


Secure Your Mobile Device

  • To keep your smartphone safe, you need to use a strong password.
  • Set on your device’s automatic lock.
  • Install an antivirus or other protection software on your computer.
  • Applications should only be downloaded from trusted sources.
  • Examine all application permissions.
  • Don’t forget to upgrade your operating system’s security.
  • Any spam links you get via email or text message should be avoided.
  • Turn off your WiFi connection’s automatic mode.
  • Always look for “https” in the URL when browsing or purchasing online on your smartphone or PC.


Secure Your Banking

  • Use separate pin codes for different bank accounts.
  • For any form of internet banking, avoid using computers in cyber cafes.
  • When accessing your bank account, never leave the computer alone.
  • Always sign up for transaction alerts via mobile SMS and email.
  • Never respond to emails or messages requesting your pin code or password.
  • After you’ve finished using e-banking services, log out and exit your browser.
  • When using an ATM, always cover the keypad before entering the pin code.
  • Examine the area around an ATM to ensure that no additional devices have been installed.


Secure Your Social Media

  • To gain access to your account, use additional security mechanisms (security code, login alert etc.).
  • Set on the login notification alert.
  • Allow only trusted people to view what you post (videos, photos, tagged locations, and friends, etc.).
  • Control and monitor who has access to your contact information.

Have a Secure Internet Connection

  • First and foremost, replace your router’s default administrative usernames and passwords.
  • Have a strong password and change it at frequent intervals.
  • Turn off your network/WiFi routers when not in use.
  • Check the privacy options in your browser.
  • Don’t give up personal information in exchange for something free on the internet.
  • Avoid clicking on links provided in emails.


Reporting a Cybercrime in Pakistan

The Federal Investigation Agency (FIA) is in charge of the National Response Centre for Cyber Crime (NR3C). In Pakistan, it serves as a cyber law enforcement agency.

The NR3C has expertise in digital forensics, information system security audits, technical investigation, penetration testing, and related training.


Filing a Complaint Through NR3C


Objectives of the National Response Centre for Cybercrime


If you go to the official website of the NR3C, you’ll notice that there’s a section dedicated to reporting computer crime. You’ll be redirected to the FIA web page, as indicated in the screenshot. Fill in all the essential information and attach any necessary documents here.

This is how you can use NR3C to file a cyber crime complaint in Pakistan.

As per cybercrime law in Pakistan, you can contact the NR3C using the following contact information to get updates on the status of your complaint.

  • Contact number: 051-9106384 or 03366006060.
  • E-mail address:
  • Address: NR3C-FIA, National Police Foundation Building, 2nd Floor, G-10/4, Mauve Area, Islamabad (where you can send your written applications)


 To read more on cybercrime and digital fraud, visit our blog.

invest with imarat Islamabad’s emerging city
Learn More
Scroll to Top
Scroll to Top