The Pakistan Telecommunication Authority (PTA) has introduced a new initiative to register Virtual Private Networks (VPNs) following the ineffectiveness of previous compliance efforts. The regulator now offers a specific licensing category, allowing companies to apply for permissions to operate VPN services. This strategy aims to mitigate issues with unregistered VPNs by permitting only proxies from licensed entities and blocking all others.
Under this system, licensed providers will enable authorities to oversee VPN traffic, addressing concerns about these networks’ anonymity. In a recent update, the PTA announced the resumption of Class Licenses for Data services, which VPN service providers must obtain to operate legally.
The introduction of a local VPN framework, proposed by the Pakistan Software Houses Association (P@SHA), seeks to support the country’s 2.5 million freelancers, including many women, enhancing family income through small-scale IT exports. P@SHA Chairman Sajjad Syed highlighted that licensed VPN providers would contribute a fee to PTA and offer their services in a way that is similar to how ISPs and cellular companies operate.
Users dissatisfied with one provider can switch to another, enhancing competition and service quality. Additionally, this system allows government monitoring of local VPN traffic, addressing security concerns. VPN service companies must pay significant license fees and are bound by stringent regulatory terms, including the mandatory provision of “Lawful Interception” equipment for national security purposes at their own expense.
Surveillance measures extend to all PTA licensees, including telecom firms, as revealed in a recent Islamabad High Court case showing extensive consumer data access capabilities. These provisions challenge the fundamental anonymity typically associated with VPNs and have been criticized as an overreach of authority, potentially deterring international entities from using local VPN services.