Pyrawebs: Scanned Terror Files

by Digital Rights LAC on March 1, 2015

lac  04 2014

With the excuse of cracking down on crime, Paraguay wants internet providers to store the data of all users for a year. The danger of mass surveillance has returned to the country.

By Maricarmen Sequera and David Bogado, TEDIC.

It was around 1992, in a police station in Lambaré, that Martin Almada and other activists discovered what are commonly known as the “Terror Files”, an overwhelming amount of evidence that proves the existence of “Operation Condor”. This was an agreement between Alfredo Stroessner and other dictators in the region to exchange documents, political prisoners, methods of torture, abduction and the forced disappearance of thousands of people, based on national security and the eradication of communism.

The Archive of Terror of the Paraguayan dictatorship became a Latin American reference for the meticulous and perverse work of police forces and their methods for getting as much information as possible from all its citizens.

23 years on from the discovery, and hopeful that in Paraguay we have learned a lesson about the severity of mass surveillance, a recent bill has appeared which could well bring back those files but in a digital format along with more vigilance, but with less effort.

The very same police force, that managed to return to a level of democratic coexistence, now welcome the possibility of restoring a communications tracking system which will be more sophisticated than ever.

The bill “Which establishes the obligation to retain data traffic”, was presented by Senators Facetti Fernando Silva, Roberto Acevedo, Arnaldo Giuzzio and Arnoldo Wiens in June 2014, and is currently pending in Congress. It awaits the approval of two committees and could well mark the return of intrusive surveillance activities on all citizens.

In addition to shifting the responsibility of the state from prosecuting crimes to the internet providers (ISPs), of documenting the data exchanged between users, these companies will have no other choice but to maintain or even raise the already high costs of their services, to afford the super computers that are required for retaining such information. According to unofficial data, it could cost up to 4 million dollars for the companies with more customers.

If a group of criminals (pedophiles, swindlers, kidnappers, etc.) uses the internet service for these and other purposes, is it fair for the rest of the users to risk having their communications intercepted? Apparently, the Public Ministry, the National Police and the congressmen who presented this project believe that retaining a high percentage of the information shared by internet users is the only way of tracking down criminals.

What will hundreds of police and informants (pyragués in Guarani), who for years worked on the development of what is now known as the Terror Files, think when they realize that there is a new and very similar project being set up in 2015?

There is no doubt that there are abuses when these types of laws are implemented. In countries where this law has existed, several assaults on the privacy of individuals have been unveiled. The Der Spiegel newspaper revealed how the German government used the retention of traffic data for spying on journalists and activists. There was also a similar case in Poland, while in Ireland a public official was caught using intelligence apparatus to control his ex-partner. It is needless to say, that this bill will endanger the communications of journalists, their sources, politicians, activists and advocates of a democratic state.

Currently, there are judicial rulings against this type of law around the world. The Grand Chamber of the European Court of Justice, in its ruling for the Digital Rights Ireland Ltd 2014 case, declared the Data Retention Directive of the European Union as being invalid. “In other words, it should never have been approved”: the legal policy considers that the mass collection of data from Internet traffic in Europe is a “far reaching form of interference and particularly serious with regard to the fundamental rights of privacy and the protection of personal data”.

In Argentina in 2005, the law of traffic data retention was declared unconstitutional. Another legal precedent is a case involving Brazil (Escher and Others vs. Brasil), the Inter-American Court of Human Rights ruled that metadata is just as important as the content, so they must be protected equally. This last legal document reaffirms that the traffic data retention bill in Paraguay violates the Constitution, in Article 36, which extends to all forms of communications carried out by any means.

The Constitution also recognizes, in Article 137, the International treaties ratified by the Paraguayan State thus consolidate the legality of such human rights. Additionally, it includes the right to privacy guaranteed by Article 33.

The current situation of Paraguay, in terms of insecurity, is extremely worrying. The prosecution of offenses and crimes ought to be specific, necessary and proportionate, however in this case, mass surveillance is disproportionate, unnecessary and invasive towards the lives of all citizens.

Paraguay has signed the MLAB agreement with the US, which is a memorandum of cooperation, for businesses of content applications on the Internet, such as Microsoft, Apple, Twitter and Facebook, among others. Its purpose is to monitor their users/customers in case they have suspicious content, plus handing over documentation or evidence of crimes to the local prosecutor, or vice versa. At this point the process is cumbersome and slow, there is a worldwide coalition to amend this MOU, to speed it up and solve crimes almost in real time. Thus, the prosecution asks the ISP to only keep the traffic data of any suspicious IP numbers but not of all the other devices.

A democratic state should not exist with this type of law, which would be more appropriate in a police state, like our country was 26 years ago. Must we return to that past? Are we willing to allow this to happen? If the answers are “No”, then we invite you take action by voting for the Petition against the Pyrawebs law, here.

More information: http://www.pyrawebs.tedic.org