Report Finds Loose Laws on Data and Surveillance in Latin America

WHISTLEBLOWING - SURVEILLANCE, 17 Oct 2016

Cora Currier – The Intercept

Leia em português ⟶

data-surveillance-lac-big-brother

10 Oct 2016 – The laws in many Latin American countries haven’t kept pace with the increasing power of surveillance technology, creating the potential for serious abuses, according to a new report from a privacy watchdog.

Despite recent revelations of widespread use of spyware capable of infiltrating phones and computers by many governments in the region — including, in some instances, against political opposition and journalists — not a single Latin American country surveyed in the report has specific laws on the use of such invasive technology. Many countries, including Brazil, Colombia, Chile, and Mexico, require companies to log detailed data on their customers and give law enforcement access to the information on demand. Colombia has a ban on encryption, and El Salvador requires communications providers to decrypt traffic at the government’s demand.

The report, written by researchers for the San Francisco-based Electronic Frontier Foundation, looked at surveillance laws in 12 countries in Central and South America. It opens with a stark reminder of what is at stake: a history of the collaboration among military dictatorships in Argentina, Chile, Paraguay, Bolivia, Uruguay, and Brazil in the 1970s and ’80s known as “Operation Condor.” Files discovered later documented torture, disappearances, imprisonment, and executions, enabled through a regime of informants and surveillance.

Image: Necessaryandproportionate.org

Image: Necessaryandproportionate.org

An interactive map based on the EFF’s reporting depicts the state of communications surveillance in Latin America.

Many intelligence agencies in the region were formed under these military dictatorships, and even after transitioning to democratic rule, most Latin American countries maintained strong executive branch powers “without well-placed controls or public oversight mechanisms.” Given the power vested in many presidents in the region, the report says, “intelligence agencies in Latin America have been powerful tools in presidential politics, specially used to spy on dissident groups, opposition politicians, or independent journalists.”

Colombia’s national security agency under former President Álvaro Uribe was found to have illegally wiretapped calls and hacked the emails of his political opponents. The revelation of the scandal in 2011 led to the dissolution of the agency and various reforms — though the authors of the EFF report still think the country’s broad intelligence law leaves room for abuse.

“We’re especially concerned with laws requiring data retention on the whole population for future use by law enforcement,” said Katitza Rodriguez, one of the authors of the report. “Colombia has a retention period of five years, and there are no clear rules of who can access the data and how it will be deleted after the fact.”

While Mexico’s Supreme Court recently put some safeguards on the country’s data retention law, limiting who could access the information, Paraguay was the only country EFF found that had rejected data retention policies entirely.

In the United States, the FBI has clashed with companies over what sort of information they are required to turn over and what they are legally required to do, most famously trying to force Apple to break into the iPhone of the San Bernardino shooter. Latin American governments have also pushed providers to do their bidding with aggressive interpretations of what the law requires.

Earlier this year, a state judge in Brazil shut down the messaging service WhatsApp for 72 hours after demanding that the company turn over the content of messages for a criminal investigation. WhatsApp stated that it could not turn over what it didn’t have, since the app, with end-to-end encryption, doesn’t have a record of what users send. (The judge’s order was overturned by another court.)

EFF found that Colombia has a law on the books that actually bans the use of encryption.

“If it were actually enforced, many things would be illegal,” Rodriguez said. “They aren’t enforcing it now, but as the use of encryption becomes more widespread, that old law is becoming more relevant.”

The report is also concerned with the increased surveillance firepower readily available to governments. When company records for the Italian spyware manufacturer Hacking Team were hacked and released online last year, it came out that Brazil, Colombia, Chile, Ecuador, Honduras, Mexico, and Panama had bought surveillance software from the company, and many other nearby countries had been in talks with the company.

Mexico was Hacking Team’s top client, and not just federal agencies bought the spyware but also many state governments and the national oil company PEMEX, which do not have the authority to conduct surveillance. Mexican journalists uncovered that the governor of the state of Puebla had used the malware to spy on political opponents.

Cases like Puebla get at the heart of one of the report’s main takeaways: While it found some positive trends in terms of legal protections and transparency reports, the issue is how the law is interpreted and enforced.

“Without public oversight — not just judicial oversight — the laws on the books just won’t work,” said Rodriguez.

__________________________________

Cora Currier✉cora.currier@theintercept.com

Go to Original – theintercept.com

Share this article:


DISCLAIMER: The statements, views and opinions expressed in pieces republished here are solely those of the authors and do not necessarily represent those of TMS. In accordance with title 17 U.S.C. section 107, this material is distributed without profit to those who have expressed a prior interest in receiving the included information for research and educational purposes. TMS has no affiliation whatsoever with the originator of this article nor is TMS endorsed or sponsored by the originator. “GO TO ORIGINAL” links are provided as a convenience to our readers and allow for verification of authenticity. However, as originating pages are often updated by their originating host sites, the versions posted may not match the versions our readers view when clicking the “GO TO ORIGINAL” links. This site contains copyrighted material the use of which has not always been specifically authorized by the copyright owner. We are making such material available in our efforts to advance understanding of environmental, political, human rights, economic, democracy, scientific, and social justice issues, etc. We believe this constitutes a ‘fair use’ of any such copyrighted material as provided for in section 107 of the US Copyright Law. In accordance with Title 17 U.S.C. Section 107, the material on this site is distributed without profit to those who have expressed a prior interest in receiving the included information for research and educational purposes. For more information go to: http://www.law.cornell.edu/uscode/17/107.shtml. If you wish to use copyrighted material from this site for purposes of your own that go beyond ‘fair use’, you must obtain permission from the copyright owner.

Comments are closed.