The Pakistan Telecommunication Authority (PTA) has issued a public notification regarding the registration of Virtual Private Networks (VPNs) for enterprise and personal use by the new deadline of October 31, 2022. This is not the first time the regulator has looked to place unnecessary controls on the internet; the first time PTA attempted to enforce this rule was two years ago, in June 2020.

The argument behind this rule is that it stands to make the internet safer, but this line of thinking reflects that the top leadership of the national authority does not truly understand how the internet functions, or the most prominent threats in online spaces.

One of the major reasons for the use of VPNs by enterprises (and even individuals in some cases) is to stave off threats from public networks, in the form of hacking, phishing, information espionage and many other risks that come about with not having a secure network in which work is carried out. If the regulator was really on top of its game, it would recommend the use of VPNs for state institutions, instead of adding another unnecessary layer of red tape over conducting business online.

Multinationals and big corporations the world over use VPNs, and there is a reason governments from other states do not go about regulating their use. Innovation can scarcely take place if the tools used to do this in the modern age are overregulated or banned.

Repeated decisions by the telecommunication authority have established that the top leadership of the body does not have a handle on how cyberspace truly works, and what stifles and encourages the growth of the digital economy. There is a need to rethink the way of governing the internet, and the current top hierarchy of PTA must not be a part of the decision-making process if this readjustment is supposed to occur. A change at PTA and a loosening of controls are badly needed.