From Cyber Security to Cyber War – the development of surveillance policies in Brazil (Da Cibersegurança à Ciberguerra – o desenvolvimento de políticas de vigilância no Brasil) provides an overview of the Brazil’s current programme of cybersecurity, its capacity for Internet surveillance, and the potential repercussions for freedom of expression.
ARTICLE 19 examines recent changes in cyber policy, and how they have been influenced by two main factors: the revelation of the United States’ espionage on Brazilian communications, exposed by Edward Snowden; and the State authorities increasing interest in security during major events, such as the upcoming Olympic Games.
The Brazilian government has explored several options to protect its internal governmental communications, from the construction of a fibre-optic submarine cable connecting Brazil directly with Europe, to the development of a national secure and open-source email service. It has also been working at the international level, notably at discussions within the UN, to promote decentralisation of Internet governance worldwide.
Brazil has also made changes to its military, under the direction of the Ministry of Defence, including investment in the restructuring and modernisation of its Cyber Defence Centre (CDCiber). The report shows that the CDCiber also may have coordinated domestic surveillance, for example through the monitoring social networks for information regarding protests that were planned during the Confederations Cup in 2013 and the World Cup in 2014.
For Laura Tresca, ARTICLE 19’s Digital Rights Officer in Brazil, the militarised approached to cybersecurity puts the rights of the civilian population at risk. “The Brazilian government is giving more powers to the military on a scale that cannot be justified. Moreover, it is strengthening an apparatus that can be used to violate people’s rights, particularly the rights of freedom of expression and privacy, despite the arguments based on sovereignty and security that are used to justify the measures”
“The process has lacked transparency throughout. Based on the Access to Information Law, we made a series of information requests regarding details of the cyber programmes and the practices of State authorities. In general, the responses have been insufficient,” she concluded.
The report, which is available in Portuguese here and will be available in English soon, also points to the emergence of a market for surveillance software market and the need for a personal data protection law in Brazil.