The draft needs both brevity in its purpose and boldness that is required for Pakistan’s challenges. It appears to assign a sizeable portion of work and leadership to academia and government without defining a responsibility-accountability matrix. It aims to create resources like a workforce of ten thousand trainers, who will subsequently train a million IT graduates in AI by 2026. This itself is a gigantic task, without much reflection on how it will assist in the development of commercial and technological AI infrastructure that is necessary for job creation and investments.
The absence of legal safety nets around commercial and personal information will continue to be the biggest hurdle and challenge for attracting any real investments.
The policy draft aims to create more red tape at the national and provincial levels through Centers of Excellence on AI (COE-AI) and a new AI regulatory directorate. These all will be funded through a new ‘AI Fund,’ a risk prone approach in the current economic situation amidst a poor business outlook. On the other hand, it fails to prioritize national sectors and does not identify achievable and measurable targets for them. For example, finding fifty IT enabled municipalities in Pakistan may be trickier than enabling AI for them by 2030. Similarly, creating a smart citizen portal for municipal services is already within the domain of provincial IT boards. Why reinvent the wheel through COEs on AI?
In terms of statutory infrastructures, it refers to the creation of a data protection statute and a National Commission on Personal Data Protection (NCPDP) by 2024 for addressing the complex issue of data protection. Originally, our proposed data protection bill was drafted in 2018 and its current draft from 2023 is presently with the Law division, as per recent media reports. The passing of the data protection bill in the current domestic political environment is extremely unlikely. The subsequent absence of legal safety nets around commercial and personal information will continue to be the biggest hurdle and challenge for attracting any real investments.
Local data centers or local cloud infrastructure in Pakistan are operating in a regulatory void.
In terms of technology and regulatory infrastructure, the document fails to recognize the role that different regulators can play in fostering innovation in industry, and creating the necessary regulatory environment. Today, most local or foreign applications capturing local subscribers’ data in Pakistan are operating without any domestic legal oversight. Similarly, local data centers or local cloud infrastructure in Pakistan are operating in a regulatory void. These are fundamental weaknesses that will impede any new initiatives.
In this context, a single fleeting reference to PTA, our telecom regulator and licensor, indicates an isolated drafting of this policy. It is a similar case for SBP, whose role has been scoped to financing of higher education scholarships. It may be prudent to revisit or even recreate this draft by inviting invite HEC, PTA and SBP, PEMRA, NADRA for drawing draw realistic priorities and objectives.
Standardization of data in the public sector is a rightly identified objective in the draft policy. It is however, another political ‘no-go area’ for now. Today, Pakistan has eight driver licensing authorities compared to UK’s one. A similar situation exists in excise and taxation, education, health etc. It is not only data standardization that is required. A Federal Health Minister coming onto the television, and discussing medical records of an in-custody accused is the diametric opposite of what we need for creating necessary trust in our public sector.
In another part of the draft, it is rather amusing to to note that the government aims to file two thousand patents, and register one hundred commercial models with IPOs annually, by 2026. We need to compare these with Pakistan’s track record on patents filing to date. Its better to leave this comment here, and say no more.
Notwithstanding these challenges, there is an opportunity in successful and vibrant incubators like the National Incubation Center, NUST Science & Technology Park and other facilities at GIKI, IBA and LUMS. Let these incubators have additional computational power that is envisaged in the policy draft. Let these act as centers of excellence, competing for funding from government, multilateral or bilateral sources, on the basis of their achievements rather than grants. They should be the soul of the envisaged triple helix partnerships. These can also be sandboxes for building partnerships with international players like Google, Microsoft etc. PTA can act as the secretariat and coordinator for all these activities on behalf of the Federal Government, and should be transformed beyond its current scope into a technology regulator.
For all of the above to happen, some things will have to change. Our traditional view of technology appointments has been mostly political appeasement for allies and favored political clients. IT infrastructure is critical national infrastructure for today’s age. It thus must be regulated as credibly and firmly as the financial sector. Data driving all major technology vectors is the proverbial gold of today’s information age. There is an immediate need for both capacity and capability building in the regulatory space, and creating regulatory ownership and leadership. Government must step back and let regulators and industry define the path for our future.
For the numerous planning fallacies and verbosity in the current policy draft, I will refer to Sun Tzu’s words from the Art of War, ‘If there is no skill in planning, it is difficult to achieve it, and if there is no skill in planning, it will fail.’