All Posts in Privacy
December 04, 2014 - Comments Off on Freedom on the Net 2014 – Pakistan’s Scores Going from Bad to Worse
Freedom on the Net 2014 – Pakistan’s Falling Scores on Internet Freedom Ranking
Lahore, December 4, 2014: The latest Freedom on the Net report of Freedom House that is conducted in 60 countries around the world shows declining scores for Pakistan. Inclusion of online spaces as evidence in the draconian laws of Blasphemy while having no strong legal-cyber framework and implementation of technologies to censor political and social content remain the worrying highlights of this year's Net Freedom report.
FoTN 2014 report was meticulously researched by Digital Rights Foundation, Pakistan along with the research analysts of Freedom House. This report is an attempt to compile and assess the limits on content, violations of user rights in Pakistan, and overall Net Freedom in the country. Here are some of the highlights of Freedom on the Net 2014 report on Pakistan:
- Four women were brutally killed for using mobile technology in rural areas of Pakistan
- Citizen Lab researchers found Netsweeper technology automatically blocking political and social content on Pakistan’s largest ISP
- In April 2014, a judge in Punjab sentenced a Christian couple to death for blasphemy in relation to a text message they deny sending
- Lawyer Rashid Rehman was shot dead on May 7 after receiving threats for representing a professor jailed on charge of committing blasphemy on Facebook
- Pakistan started offering faster mobile internet connectivity (limited to urban centers) in the form of 3G and 4G
- YouTube has been blocked since September 2012 while officials jockey to systematize control over the platform
- Authorities' newly blocked film details referencing Baloch independence and a gay community website
- Pakistan Protection Ordinance 2013 (now an Act) categorized unspecified “internet offenses” as terrorism, with suspects subject to arbitrary detention
“Pervasive and Increased government control on the Internet whether in form of censorship or with new surveillance tactics, is limiting freedom of expression and amplifying self censorship among the internet users in Pakistan. The dangerous trend of introducing draconian and repressive laws to limit the civil liberties in the online space is only an effort to block political dissent and diverse opinions," commented Nighat Dad, Director, Digital Rights Foundation. "Pakistani government should understand that increased Internet censorship and data surveillance can only turn this democratic state into a repressive regime.”
Sanja Kelly, Project Director for Freedom on the Net talking about how legal framework is being constructed at the expense of citizen privacy mentioned, “authoritarian and democratic leaders alike believe the internet is ripe for regulation and passed laws that strengthen official powers to police online content. The scramble to legislate comes at the expense of user rights, as lawmakers deliberately or misguidedly neglect privacy protections and judicial oversight.The situation is especially problematic in less democratic states where citizens have no avenues to challenge or appeal government’s actions”
Pakistan scored 69 points (on a list of 0 to 100, where 100 is worst), two points down from last year's ranking. It is concerning for the civil society and Internet users in the country to see an elected government not respecting citizen's privacy or access to the Internet. Pakistan is in dire need of strong, citizen-centric cyber laws that could protect users from online crimes and false witnesses.
To view full country report of Pakistan, please visit Freedom on the Net, 2014.
– End –
Digital Rights Foundation is a research based advocacy organisation based in Pakistan focusing on ICTs to support human rights, democratic processes and better digital governance. DRF opposes any and all sorts of online censorship and violations of human rights both on ground and online. We firmly believe that freedom of speech and open access to online content is critically important for the development of socio-economy of the country. www.
November 14, 2014 - Comments Off on Press Release: 1st National Conference on Privacy Rights and Digital Surveillance in Pakistan
Islamabad, November 14, 2014: Digital Rights Foundation organized country’s first National Conference on privacy rights and digital surveillance today in Islamabad. The focus of this national conference was to start a debate around the lack of legislation and laws pertaining to cyber space with a focus on privacy. During this conference, Waqas Mir, a lawyer from Lahore having expertise in constitutional laws and free speech, presented a comprehensive whitepaper on surveillance in Pakistan. This whitepaper took the audience and readers through the history and development of legislation around privacy and surveillance in the country with a focus on recently drafted Fair Trial Act 2013.
DRF in partnership with Privacy International and Freedom Network organized this event to bring together members from all stakeholders including lawyers, parliamentarians, journalists, civil society, and the public to create a serious and continuous debate around having a consistent approach between surveillance and privacy. Multiple panels and session talks were held discussing global and local perspectives of surveillance in the digital age. Panelists also talked about solutions that could be employed taking examples from other countries world over while going over the case studies where common citizens, journalists, feminists, and dissidents at large have been harassed and attacked.
Senator Afrasiab Khatak, former member of National Assembly Bushra Gohar, and Ben Wagner, international expert on export of surveillance technologies were also part of the panels among other distinguished speakers. The conference concluded by recommending public to use their Right to Information more assertively and frequently and by demanding government to ensure transparency and publish annual report on the number of warrants granted for surveillance, and the number of offences prevented by surveillance or interception of information.
The key points that were raised during this national conference on privacy and surveillance include:
- Growing concerns over tools / mechanisms employed by government especially after FinFisher’s license expiry in 2013
- Concerns shared by the journalism community over how surveillance has negatively impacted the standards of journalism in the country
- Urgent need of legislation around digital security to safeguard citizens
- Understanding of government’s need to employ legal surveillance in the face of serious terrorism threats, however, with strict definitions of ‘national security’ and ‘national threats’ while being proportionate to citizen’s privacy
- The need to rethink the process of creating the laws putting protection before punishment and not the other way around
- Palpable urgency felt to have a strong relationship between activists and political parties on privacy and surveillance concerns
National conference on surveillance this year tried to gear start the debate around privacy and surveillance in the country. However, it will be furthered by the support of stakeholders and will be held annually to create a strong network producing tangible results and putting forward suggestions for the government.
– End –
Digital Rights Foundation (DRF) is a research based advocacy organisation based in Pakistan focusing on ICTs to support human rights, democratic processes and better digital governance. DRF opposes any and all sorts of online censorship and violations of human rights both on ground and online. We firmly believe that freedom of speech and open access to online content is critically important for the development of socio-economy of the country. @digitalrightsPK
August 22, 2014 - Comments Off on Pakistan is a FinFisher customer, leak confirms
In the first week of this month, someone hacked into the servers of FinFisher, the notorious surveillance software maker, which was reported to have two command and control servers inside Pakistan last year. The hackers got hold of whatever they could find on the server and leaked it as a torrent. The 40Gb torrent contains the entire FinFisher support portal including the correspondence between customers and the company staff. It also contains all the software that the company sells as well as the accompanying documentation and release material.
What is FinFisher?
FinFisher is a company that sells a host of surveillance and monitoring software to government departments. The primary software, FinSpy, is used to remotely access and control the computers or mobile phones belonging to the people being spied on. The company offers several methods to install FinSpy, which range from a simple USB that can infect a computer to directly attaching the trojan with legitimate files when they are being downloaded through installing a kit at the ISP. The whole FinFisher toolset is designed to give the people buying these software access to emails, web browsing history, and any other activity performed by the “targets.”
Is Pakistan a FinFisher customer?
Apparently, yes. A University of Toronto based research group called Citizen Lab released a report last year identifying two FinFisher command and control servers on the PTCL network. But this recent leak gives us a more complete and conclusive picture. The leaked support portal tells us that someone from Pakistan in fact licensed three software from FinFisher for a period of three years. The systems Citizen Lab identified were probably the computers hosting the FinSpy server program and were merely using a PTCL DSL connection. PTCL, the company, we think was not involved. If not PTCL, then who? It could be anyone but since FinFisher only sells these software to government agencies, it was most likely one of the many intelligence agencies operating within the Pakistani government.
In one of the “critical” support ticket that we have extracted from the FinFisher support portal, someone identifies their name (retracted in this article) and location (Pakistan) and complains that their problems are not being addressed through Skype (which we presume was the primary way FinFisher provided help to the customers). FinFisher database identifies the said customer with the username 0DF6972B and ID 32.
What was purchased?
After that clue, we looked further into the purchase history of Customer 32 and their correspondence with FinFisher staff and found out that they have licensed not one but three software from the spy software maker. The primary software, FinSpy, is used to target people who “change location, use encrypted and anonymous communication channels and reside in foreign countries.” After FinSpy is installed on a computer or a mobile phone, it can be—according to the product brochure—“remotely controlled and accessed as soon as it is connected to the internet/network.”
In addition to FinSpy, Customer 32 also purchased another software called FinIntrusionKit to hack into hotel, airport, and other wifi networks to catch “close-by WLAN devices and records traffic and passwords”, extract “user names and passwords (even for TLS/SSL encrypted sessions),” and “captures SSL encrypted data like webmail, video portals, online banking and more.” The third software is a tool to infect USB devices so that whoever plugs them becomes a target of surveillance.
How does Pakistan FinFish?
From the support tickets filed by Customer 32, we also get to know that whoever in Pakistan purchased FinFisher used it, for instance, to infect harmless MS office documents, particularly PowerPoint files and sent them to people they wanted to spy on. The simple act of opening the infected files led their computer being put into constant surveillance including emails, chats, and other activity.
Customer 32 also used FinFisher to covertly steal files from the “target” computers. All the files of those who were targeted were readily available but Customer 32 wanted more, as outlined in another support ticket: “the agent be able to select files to download even when the target is offline and whenever the target comes online, those selected files may be downloaded without the interaction required from user.”
While we know that FinFisher is deployed in Pakistan, some questions remain to be answered. As citizens of a democratic state, it is our right to know who is using these surveillance software in Pakistan, how much budget is being spent on these licenses, and what laws and regulations are being followed for deploying these software.
Update [Sep 15, 2014]: How much did it cost?
WikiLeaks today released a list of countries who bought software from FinFisher and the associated cost that was paid. The cost was calculated using a price list they found inside an excel file. Pakistan, as per the revealed price list, paid €432120 (or 57 million Pakistani rupees) for the three software that were purchased.
From our earlier coverage:
» Global Coalition Of NGOs Call To Investigate & Disable FinFisher's Espionage Equipment in Pakistan
» FinFisher Commercializing Digital Spying – How You can be a Victim?
July 18, 2014 - Comments Off on UN Report Calls Mass Surveillance a Violation of Human Right to Privacy
In an important step towards establishing international consensus on the right to privacy in the technological age that we live in, United Nations High Commissioner for Human Rights on Wednesday issued a report calling bulk collection of private data and mass surveillance against the international law.
The report was prepared in response to the UN General Assembly resolution adopted during its 68th session in December 2013. The resolution, introduced by Brazil and Germany, specifically noted that the practices of bulk collection of private data and mass digital surveillance may be in violation of the Article 12 of Universal Declaration of Human Right and the Article 17 of the International Covenant on Civil and Political Rights:
"No one shall be subjected to arbitrary interference with his privacy, family, home or correspondence, nor to attacks upon his honour and reputation. Everyone has the right to the protection of the law against such interference or attacks."
The resolution had called upon all the UN member states "to respect and protect the right to privacy, including in the context of digital communication" and had requested the United Nations High Commissioner for Human Rights to submit a report to be considered by the General Assembly during the next session.
The very existence of a mass surveillance program constitute an interference with privacy, the High Commissioner notes, and asks the governments to make sure such actions are neither arbitrary nor unlawful.
The report employes clear language in condemning collection of private digital data and observes that the "collection and retention of communications data amounts to an interference with privacy" regardless of the excuse that the data might be used later.
It dismisses the idea that the collection of metadata about a communication, in contrast to the communication itself, is not a violation of privacy. The metadata, it says, "may give an insight into an individual’s behaviour, social relationships, private preferences and identity that go beyond even that conveyed by accessing the content of a private communication."
It also cautions that the companies who supply mass surveillance technology to states which are known to use the information in violation to human rights risk "being complicit in or otherwise involved with human rights abuses,"
Considering that Pakistan has been known to have deployed Netsweeper and Narus products, which have reportedly been used by other repressive regimes for censorship and surveillance, on its network, Digital Rights Foundation (DRF) welcomes the report and hopes that the government of Pakistan, as a member UN state, would pay attention to the observations made in the report.
July 08, 2014 - Comments Off on Pakistan responds to the NSA Surveillance of PPP
United States' National Security Agency (NSA) was granted permission to spy on six political parties, over a dozen global organizations, and all but four world governments, according to a secret Foreign Intelligence Surveillance Court (FISC) certification leaked by the NSA whistleblower Edward Snowden. The organizations NSA was authorized to spy on include United Nations and World Bank as well as Pakistan People's Party (PPP) and Bharatiya Janta Party (BJP).
The top-secret FISC certification, posted by Washington Post on their website on June 30th, 2014, and other related documents that the Post has not yet shared, allow the NSA to intercept not just the communication directly originating to or from the targets mentioned above, but also any communication about them. This, we imagine, can be a very broad spectrum.
In response to DRF Director Nighat Dad's tweet asking if any member of the Pakistan People's Party was willing to speak on the unlawful NSA activity, Sharmila Faruqi, former advisor to the Chief Minister of Sindh, said that the revelation was akin to "intruding our privacy and sovereign rights [and thus] highly condemnable." She added that this "should be agitated at the highest forum."
Speaking on the same matter, former PPP Interior Minister Rehman Malik revealed that during the PPP tenure in 2012, cabinet meetings were being spied on. "The secret recording signals were traced during a random security sweeping before the cabinet meeting and after that the recording signals were broke down before the cabinet meeting," he said. He feared that the cabinet meetings of the present government might also be under surveillance. He was, however, unaware of who might be behind the recording signals. He suggested the Prime Minister Nawaz Sharif take up the matter with the US President Barak Obama through a formal letter.
PPP later issued a statement highly critical of the practice calling it "grave, unwarranted and totally unacceptable interference in the internal affairs of a sovereign country." The statement, issued by the PPP spokesman Senator Farhatullah Babar, demanded an apology from the US for "spying on the political institutions of a sovereign country." It also asked the government to take up this matter at the diplomatic level and demand that such violation of international law doesn't happen again.
Pakistan’s Foreign Office (FO), later on Thursday, formally lodged a protest with the US over the surveillance of PPP, calling the practice a violation of the international law and demanding an end it. "Appropriate measures are being taken to protect our cyber communication from any attack or spying," FO spokesperson Tasneem Aslam said in her statement.
PPP has also lodged a formal protest with the United States through a letter to the Ambessador of United States in Pakistan, Mr. Richard G. Olson. The letter expresses grave disappointment over the matter. "The Party believes that it owes no explanation to any foreign agency," the letter said, "It therefore strongly resents and deplores the overbearing attitude of the NSA in assuming a right to interfere in other countries and their political parties. This attitude of a department of the US government towards a popular Pakistani political party will only increase distrust and suspicion already noticeably present in the people of Pakistan towards the government of the United States."
This post is first part of a series on the unlawful surveillance of Pakistan People's Party (PPP) by the NSA.
April 15, 2014 - Comments Off on An open letter to Senate of Pakistan regarding Pakistan Protection Ordinance 2014 "Pakistan's new law: no free speech… and you're a terrorist unless you can prove otherwise"
The recent uproar over the Pakistan Protection Ordinance 2014 has created quite a stir in the country’s digital media platforms, and rightly so. The Government of Pakistan has recently passed, what appears to be, the most draconian and regressive anti-terror law in the National Assembly. The Pakistan Protection Ordinance 2014 has already been signed by the President and will soon be presented - and most likely approved - by the Senate on April 20, 2014.
The proposed law clearly inhibits fundamental rights to freedom of speech, privacy and peaceful assembly on the Internet. In its current form, the law could be used to suppress peaceful political opposition and criticism of government policy online, on social media for instance. In its schedule of offences, the law also lists “crimes against computers including cyber crimes, internet offenses and other offenses related to information technology etc". Also, instances where a person who commits any crime mentioned in the scheduled offenses becomes a cognizable and non bailable offense.
Any person accused within the sphere of scheduled offences will be liable to face a charge on grounds of reasonable evidence against him/her, and will be assumed to be engaged in waging a war or insurrection against Pakistan, unless he/she establishes his/her non-involvement in the offence, which reverses the burden of proof and undermines the right to due process and fair trial. The scheduled offence shall be punishable with imprisonment, which may extend to 10 years, with fine and confiscation of property.
The provision regarding internet crimes is so vague that it can be abused against journalists, politicians, minorities, students, activists, political dissidents and groups who are using the internet for activities which would not in any way be counted and ascertained as terrorism. From a due process perspective, there doesn’t seem to be a very strong case for introducing cyber crimes in the PPO 2014, when a separate Electronic Cyber Crime bill is already being drafted. So, what is the true intent of introducing an additional or supplementary provisions with regard to “Internet Crimes”?
The state of open access to internet in our country is dismal. In the 2013 Freedom on the Net report, Pakistan’s Internet freedom status in 2012-13 was ‘Not Free.’ The introduction to the report states: Successive military and civilian governments have adopted various measures to control the internet in Pakistan, which they frame as necessary for combating terrorism. In Freedom of Press, Pakistan ranks 159 among 179 countries. In the planned Ordinance, provision related to warrant less raids is in violation of Article 14 of our Constitution.
With the Electronic Cyber Crime bill, Pakistan has the momentous opportunity to set the benchmark in South Asia and the Global South in right to free speech online. This right necessitates freedom from persecution for all citizens who use digital communications platforms to express opinions, dissent, or critique against the state. As Benjamin Franklin said, “Whoever would overthrow the liberty of a nation must begin by subduing the freeness of speech.”
In an era where individuals, non-governmental organizations and international institutions rely on the multiplier effect of social media and digital news outlets to highlight issues of injustice and human rights violations, it doesn’t augur well for the country’s freedom of speech and human rights index to even consider this Ordinance.
Digital Rights foundation demands and calls on the senators to protect the rights to freedom of speech and privacy in accordance with Pakistan's obligations under international conventions, remove the clause of cyber crimes from Pakistan Protection Ordinance 2014 and revise the law with the consultation of relevant stake holders.
- End -
Digital Rights Foundation is a research based advocacy organisation based in Pakistan focusing on ICTs to support human rights, democratic processes and better digital governance. DRF opposes any and all sorts of online censorship and violations of human rights both on ground and online. We firmly believe that freedom of speech and open access to online content is critically important for the development of socio-economy of the country. www.digitalrightsfoundation.pk
December 30, 2013 - Comments Off on Pakistan bottom of the barrel on net freedom: Report
Government creating and installing new equipment to systemise website blocking and filtering, new report finds. PHOTO: EXPRESS/FILE
KARACHI: Pakistan is among the bottom ten countries in the Freedom on the Net 2013 report, which measures the level of internet and digital media freedom in 60 countries. The annual report is carried out by Freedom House, an independent watchdog organization.
In the new report, each country received a numerical score from 0 (the most free) to 100 (the least free), which serves as the basis for internet freedom status. Pakistan received a score of 67 and status ‘not free’, whereas Iceland was at the top with a score of just 6.
The Pakistan section of the report was conducted just after the elections held on May 11, 2013 and covered the developments regarding internet freedom between the time period May 2012 – April 2013. It was researched and compiled by Digital Rights Foundation, Pakistan along with research analysts of Freedom House.
“Pakistan remains one of the worst countries when it comes to online freedom of speech, user rights and citizens’ privacy”, commented Digital Rights Foundation Executive Director, Nighat Dad. “In the past year, state has been rigorously trying to implement the best of surveillance set-ups to create a kind of watchdog upon activists, journalists and a common citizen on the name of war against terrorism. Pakistan’ civil society, despite being faced with threats and vicious consequences, is strongly fighting against the state-employed policies and technologies that can hurt Pakistani citizen”.
Even though the number of internet users in the country is increasing, the Pakistan reportstates that there have been various political and social obstacles by successive governments that came into power, in the name of fighting terrorism and preserving Islam.
This has caused problems for many civil rights activists, students and other such personnel who want to engage in intensive multimedia training, the report concluded.
According to the report:
“Legal measures also threatened digital rights, particularly over sensitive religious issues. At least two of the 23 criminal investigations launched in 2012 under Pakistan’s strict blasphemy laws—which carry the death penalty—involved content sent by mobile phone. A Twitter spat escalated into a defamation suit after a political website accused a religious leader of inciting hatred”.
Obstacles to access
According to the report, “Low literacy, difficult economic conditions, and cultural resistance have limited the proliferation of ICTs in Pakistan. Poor copper wire infrastructure and inadequate monitoring of service quality by the Pakistan Telecommunication Authority (PTA) have historically stymied the expansion of broadband internet.”
Only urban cities such as Karachi, Lahore, Islamabad and Peshawar have access to better quality broadband services, the report found.
Additionally, the report cited “bureaucratic hurdles” as having caused a problem for development of 3G or 4G networks.
Access to the internet has been deliberately obstructed by the Pakistani authorities in Balochistan where there has been persistent conflict between the Baloch nationalists and the security forces, the report stated.
Limits on content
Some of the major developments by the government in 2012 and 2013 included creating and installing new equipment to systemise website blocking and filtering, the report found.
Despite such blocking, the report concluded that Pakistanis have relatively open access to international news organizations and other independent media, as well as a range of websites representing Pakistani political parties, local civil society groups, and international human rights organizations.
“Nevertheless, most online commentators exercise a degree of self-censorship when writing on topics such as religion, blasphemy, separatist movements, and women’s and LGBT rights,” it added.
Ordinary internet users as well as activists, bloggers, and media representatives in Balochistan are concerned about government surveillance as they feel restricted to openly talk about their religious beliefs, particularly atheists.
In February 2013, the upper house of parliament passed the Fair Trial Act 2012 allows security agencies to seek a judicial warrant to monitor private communications “to neutralize and prevent threat or any attempt to carry out scheduled offenses;” and covers information sent from or received in Pakistan or between Pakistani citizens whether they are resident in the country or not. Under the law, service providers face a one-year jail term or a fine of up to PKR 10 million for failing to cooperate with the warrant.
According to the report, “Pakistan is also reported to be a long-time customer of Narus, a US-based firm known for designing technology that allows for monitoring of traffic flows and deep-packet inspection of internet communications, and some media reports say Pakistani authorities have also acquired surveillance technology from China.”
Originally published on Tribune.
December 09, 2013 - Comments Off on DRF Research Report: Net Privacy in South Asia
In May 2013, 29 year old Edward Snowden, former CIA employee and technical contractor to the NSA, disclosed thousands of top-secret documents to the Guardian and Washington Post newspapers. These documents carried sensitive information about United States’ Internet surveillance programs such as PRISM, XKeyscore, Tempora, along with details of the interception of U.S. and European telephone metadata. In the U.S. political history, it is perhaps the most significant political leak since Daniel Ellsberg’s “Pentagon Papers” in 1971.
Pakistan – digital dictatorship in the guise of a democracy:
Not surprisingly during the same month, here in Pakistan, the government was found to be using FinFisher – one of the most sophisticated surveillance software suite available in the commercial market. The data shown in Citizen Lab’s analysis “For the eyes only” reported that Pakistan Telecommunication Company Ltd (PTCL) owns the network where FinFisher server was found in the country. Gamma International UK’s FinFisher suite is an IT intrusion and remote monitoring system whose principal market is state-operated surveillance. Read more
November 13, 2013 - Comments Off on Summary of Cyber Security Awareness Seminar, Lahore University of Management Sciences (LUMS)
The second Cyber Security Awareness Seminar was held at LUMS in collaboration with the Cyber Security Task Force and the Pakistan Information Security Association (PISA) on November 5th, 2013. The primary goal of this seminar was to highlight the increasing threats of Cyber Crimes and Cyber Terrorism.
The seminar saw the participation of LUMS students and faculty members; civil judges and research fellows at the Lahore High Court; the Additional Advocate General; various members of the business community and civil society representatives including Digital Rights Foundation, Pakistan.
The session was inaugurated with an introduction by Mr Ammar Jaffri, the Chairman Cyber Security Task Force. He went on to describe the audience about the threat perception in cyber space and mentioned about the counter measures taken up by the Cyber Security Task Force.
Following Mr. Jaffri was Barrister Zahid Jameel, Head of the Legal Committee for Drafting the Cyber Security Bill 2013. He discussed legal issues and challenges faced with regards to cyber security and the impediments faced by him and his committee while introducing the Cyber Security Bill 2013.
Dr Ashraf Masood, Dean NUST MCS, briefly explained about the cyber security policy adopted in Pakistan. He was then followed up by Mr. Shahid Hassan, Deputy Director of the FIA, who narrated his experience of the special cyber security training he had received in India.
The session was continued by Mr. Tariq Sheikh, Manager Customer Support and Training at LUMS, who brought forth the challenges and issues faced at LUMS in terms of cyber security. Seminar was concluded by a session from Mr. Tahir Chaudhry, Head Cyber Security Awareness Campaign who brought forth cyber issues faced by students and the general public. He provided some valuable tips on how to secure personal information online.
Finally, a summation followed all these presentations with closing remarks given by Professor Abid Hussain Imam, Assistant Professor at Shaikh Ahmad Hassan School of Law, who then opened the Q & A session.
Session summary by Muhammad Farooq - volunteer, Digital Rights Foundation