The federal government of Brazil may indeed have access to private data that citizens may have provided to any private company. More than that, a state agency may get information that was cleared by another entity in the state with a different purpose.

The findings are from a law professor Bruno Magrani, FGV-RJ. He is the author of the Brazilian chapter in a study that maps the ways in which governments around the world can access the private data that private companies process.

The research was coordinated by the Center for Democracy and Technology, based in Washington, and will be published as a book this month. There will be chapters on Germany, Canada, China, USA, Israel and the UK, among others – the Leaf had exclusive access to the section dealing with the Brazilian case.

We identified two main ways in which the state has systematic access to data from the private sector.

By Anatel, which deals with real-time access to data from mobile operators, is technically able to know who called whom and how long each call lasted.

And by means of agreements between public entities such as the federal police and prosecutors, and companies like Facebook and Google. This type of agreement is intended to accelerate processes.

SIMULTANEOUS OPENING:

While both the prosecutor and the police may ask the Justice department to break confidentiality, as ABIN (Brazilian Intelligence Agency) does not have this power.

This, however, does not mean that the body be without access to this information. The Sisbin (Brazilian System of Information), Abin and several other federal agencies, determines how and which data can be shared with the government agencies.

Thus, the Federal Police, for example, has a claim of breach of confidentiality of e-mail authorized by any instance of Justice, Abin can have access to the same information. “And who knows what other institutions,” says Magrani.

  • The happens, he says, because there is no specific legislation on the subject in Brazil. “It is the Civil Code that discipline,” he explains. “But in very general terms.”
  • Although emphasize that the goal of having access to the raw data from mobile operators is not doing surveillance, Anatel establishes that has jurisdiction to define “breadth, depth, timing and convenience in obtaining the data and information needed.”

It is even possible for agencies to know which lines communicate with each other – according to the agency, it would be possible to know whether a company is, for example, purposely dropping calls.

Expected to start operating in early 2013, the online system proposed by this resolution has not yet been put into practice.

Waqas

Waqas Amir is a Milan-based cybersecurity journalist with a passion for covering latest happenings in cyber security and tech world. In addition to being the founder of this website, Waqas is also into gaming, reading and investigative journalism.