PTA Declares No Responsibility for Security of Electronic Devices

The Pakistan Telecommunication Authority (PTA) has clarified that it is not responsible for the security of electronic devices such as pagers, emphasizing that the identification of explosive materials falls outside its jurisdiction. The PTA stated that its remit is solely related to telecommunications, making this area unrelated to its functions.

The PTA’s primary responsibility is to regulate telecommunication systems and terminal equipment, as outlined in official documents regarding the security of electronic devices, particularly considering recent pager explosions in Lebanon and Syria. The authority observed that explosive materials could potentially be concealed by any electronic device, including ubiquitous domestic items such as televisions and refrigerators, not just telecommunications-related devices.

The PTA is responsible for the regulation of terminal devices to ensure that they comply with established standards, as outlined in Section 29 of the Pakistan Telecommunication (Re-organization) Act. This encompasses the verification of the GSMA validity of mobile device IMEIs and the confirmation that the devices have not been reported as stolen, duplicated, or cloned. The PTA also provides type certifications for telecommunication devices, such as VHF/UHF radios, routers, and gateways.

The PTA has a duty to validate applications through the type approval procedure using international testing reports from accredited laboratories. The authority guarantees that the technical standards established by the Type Approval Regulations 2021 are met by the samples submitted by applicants. Nevertheless, the bulk-imported devices are subjected to physical inspections for illicit materials by other relevant agencies after a type approval certificate is issued.

The PTA reiterated that the identification of explosive materials is not within its jurisdiction, as it is not directly related to telecommunications equipment. Its function is concluded upon the issuance of the type approval certificate, and subsequent security inspections are delegated to other agencies.

The PTA also referenced the federal government’s implementation of the Computer Emergency Response Team (CERT) Rules, 2023, in accordance with the National Cyber Security Policy 2021 and the Prevention of Electronic Crime Act 2016. These regulations encompass the establishment of a Forensics Lab and a Screening/Evaluation Lab to facilitate CERT operations. The Screening and Evaluation Lab will identify malware, flaws, and hardware issues prior to system deployment, while the Forensics Lab will conduct evidence collection and analysis from compromised systems.

Further information on this subject can be obtained from the concerned organizations, the PTA added.