Throughout 2016, EFF and our civil society partners have been closely following digital rights developments throughout Latin America. You can see some of the results in Unblinking Eyes, our exhaustive survey of surveillance law and practice across the Americas, as well as multiple countries’ localized versions of Who Has Your Back (Mexico, Colombia, and Brazil), our guide to how companies respond to government data requests. Both projects were led by an increasingly strong network of local digital rights groups in Latin America, who, together with some investigative work by the region’s incredibly brave journalists, have been keeping up the fight against mass surveillance.
ARGENTINA: A Database of Mobiles, Backsliding Among Spies
Argentinians’ privacy took a massive hit in October, when the Argentinean Ministry of Communication and the Ministry of Security adopted a resolution that creates a registry of users’ mobile communication services, citing a need to investigate serious and organized crime, including identity requirements for prepaid SIMs. Argentinian digital rights groups like Asociación por los Derechos Civiles fought the new regulation and opposed the nominees to lead the federal intelligence agency (AFI) for their lack of independence from the government. Despite that, the Senate confirmed their appointments in August, which may suggest the intelligence agencies are becoming more politicized and reverting back to old practices.
BRAZIL: WhatsApp Gets Blocked Again
In 2016, for the fourth time, WhatsApp users in Brazil faced an order blocking the popular, Facebook-owned secure chat service in July. Unlike in the past, the decision was made public, but the details of the case, including information available through the legal docket, are still not available. The government had been seeking real time communications between users and was frustrated by WhatsApp’s end-to-end encryption.
CHILE: Surveillance Is Ballooning Out of Control
Surveillance in Chile reached new heights in June 2016, when the country’s highest court gave a green light to surveillance balloons. In its ruling, the Chilean Supreme Court rejected a legal action filed by Fundación de Datos Protegidos, Corporación Fundamental and Derechos Digitales to end surveillance through camera-balloons in two municipalities of the capital.
PARAGUAY: Military Caught Spying on Journalists
In August, a Paraguayan newspaper revealed that the Paraguayan government used its intelligence system to spy on journalists. The military intelligence team carried out an operation to spy on two cell phone numbers of the journalists from the ABC newspaper who were investigating a series of articles about corruption in the military.
PERU: New Toys for the Spooks
In August of 2016, the Associated Press revealed that the Peruvian government acquired a $22 million tool from Israeli company Verint to conduct mass surveillance of communications. The program, named Pisco, lets officials “intercept and monitor” satellite networks that carry voice and data traffic, putting the private communications of millions of Peruvians at risk. Located in a three-story building next to the country’s spy agency, Pisco sits on a Lima military base off-limits to the public. It can track 5,000 individual targets and simultaneously record the communications of 300 people, according to agency documents, with eight listening rooms and parabolic antennae affixed outside to capture satellite downlinks.
MEXICO: A Little More Transparency, a Challenge for Data Retention, And a Spyware Scandal
Mexico managed to hit the headlines in three of EFF’s major areas of interest: transparency, data retention, and endpoint security. Even though a new Mexican law requires the government and private companies to publish transparency reports about electronic surveillance, the law has yet to produce substantial results. Only a single state entity, the Attorney General of the State of Querétaro, has complied with the law’s obligations, and AT&T Mexico is the only telecom company in the country to have published an individual transparency report on government data requests.
On the brighter side, the Federal Telecommunications Institute reported in 2016 that AT&T, AXTEL, Megacable, Telcel, and Movistar complied with their obligation to deliver a biannual report on the number of real-time geolocation and data registration requests they receive. However, the transparency reports were not made public: instead, a copy of the report was obtained by civil society organization Red en Defensa de los Derechos Digitales (R3D) through a FOIA request.
In May, Mexico’s Supreme Court heard a challenge filed by digital rights group R3D against articles 189 and 190 of the Ley Telecom, which require ISPs to retain communications data for two years. The Supreme Court made clear that a court order is required to access the retained data. Unfortunately, they refrained from declaring that mass data retention per se unconstitutional. Bizarrely, the court also gave the go-ahead to conduct real-time location tracking with no court order at all. R3D will be challenging the decision in the Inter-American Human Rights system, the region’s supranational judicial review court.
In a theme that runs throughout the region, reporters uncovered massive Mexican government investment in new spying tools. The Mexican authorities spent $15 million to buy a tool called Pegasus from the Israeli firm NSO Group. Pegasus is a “lawful intercept” spyware suite that can capture images and text messages, listen to phone calls, and steal other information from any smartphone. It appears that spyware was used to try to access the communications of Rafael Cabrera, a journalist investigating corruption in the Mexican government.
The vast amount of digital communications content we create—and the increasing ease with which it can be collected—means that governments around the world are capable of creating profiles of our lives: our medical conditions, political viewpoints, religious affiliations, and much more. Yet laws throughout Latin America and around the world are often vague and ripe for abuse, a problem compounded by secrecy around what the governments are doing. Our work in Latin America is part of our long-term project to reform global communications surveillance until it comports with human rights standards.
This article is part of our Year In Review series. Read other articles about the fight for digital rights in 2016.
Like what you’re reading? Support digital freedom defense today!