W7y8w3

PERURights versus crime: Twenty years of wiretapping and digitalsurveillance in PeruRed Científica Peruana and Universidad Peruanade Ciencias AplicadasFabiola Gutiérrez and Jorge Bossiowww.rcp.pe, www.upc.edu.peIntroductionThe systematic monitoring of citizens by the state inPeru was revealed in 2000, after the collapse of thesecond administration of ex-president Alberto Fujimori(1995-2000). Fujimori resigned in his last yearin office, after a network of government espionageand corruption was revealed. This included videorecordings of secret meetings and alleged communicationssurveillance conducted and managed bypresidential advisor Vladimiro Montesinos, workingwith the National Intelligence Service (SIN). Thissystematic surveillance by the state resulted in thedissemination of private information, recordingsand videos of public officials, journalists and manyother influential people.These events sparked the beginning of the debatearound the purpose of surveillance in Peru,and the violation of the right to private communicationsby state agencies and private entities – andwhat legislation could be developed to regulatethis. This discussion is ongoing, with more cases ofcommunications interception being revealed.From state surveillance to industrialespionage and hackingThe Constitution of Peru establishes the privacy ofcommunications as an individual right and does notdifferentiate between digital or non-digital communications.Nevertheless, respect for freedom ofexpression and association and non-discrimination,which are basic rights, have been violated manytimes due to the government’s interest in trackingopposing opinions, the actions of politicalopponents, industrial competition or even religioustendencies and sexual preferences.It is generally recognised that the state hasthe tools for monitoring, and can do so within alegal framework, with judicial approval, includingin cases of suspected terrorism and crime. But, forinstance, Peruvian legislation on cyber crime hasalso included a modification on what is permissiblewhen it comes to tapping telephones, a change thathas been met with criticism.Over the past 15 years there have, as a result,been several cases of communications violations,both by the state and individuals. Among the mostnotorious cases: the surveillance by the Fujimorigovernment; industrial espionage that revealedthe corruption of officials in influence peddling andlobbying; the dissemination of private telephoneconversations of electoral candidates; and the publicationof the email communications of governmentministers by journalists.The Fujimori government, the intelligence services,and the use of the military for surveillance (2000)The history of the regime of Alberto Fujimori, presidentof Peru during two consecutive terms (between1990 and 2000), is stained by the corruption that ledto his resignation. His presidential adviser VladimiroMontesinos had a starring role in this story full ofespionage and extortion, and even kidnapping andmurder.Montesinos effectively became the chief of intelligenceservices, where he allegedly created agiant spy network using army personnel and monitoringequipment, intercepting communicationsand recording videos of public officials, journalists,media entrepreneurs and other influential people.Industrial espionage: The case of Business Track(2008)Authorities found some 60,000 intercepted emailsby journalists and politicians opposed to the governmentin the computer systems of the generalmanager of the private security firm Business Track,Manuel Ponce Feijoo, a retired Navy officer. Evidenceof the wiretapping of officials and businessexecutives was also discovered. The most relevantcase was called Petroaudios (the so-called “oil recordings”),in which telephone conversations aboutillegal negotiations involving state oil concessionsthat would benefit a foreign company (Norway’sDiscover Petroleum Company) were recorded anddisseminated. Following this discovery, the illegalpractices of a private company engaged in systematicespionage came to light. 1Communications violation: Monitoringa candidate for the mayoralty of Lima (2010)On September 2010, during the election campaignfor the mayoralty of Lima, a television programmebroadcast an audio clip of a private telephoneconversation between Christian People’s Partycandidate Lourdes Flores Nano and a former congressmanfrom her party, Xavier Barron. In theconversation, Flores said that she no longer caredabout the election, after the results of a preliminaryvoter poll in which her opponent, Susana Villarán,took the lead for the first time. “I am not interestedin this election crap,” she said in the extracts thatwere released, prompting her precipitous decline invoter preferences. This audio recording was a determiningfactor in her loss of the election.National Security: Violation of a minister’s officialemails by LulzSec/Anonymous Peru (2013)The hacker group LulzSec Peru, collaborators ofAnonymous, obtained and shared emails from theMinistry of Interior, including the minister, WalterAlban. Digital communications about issues such asthe tracking of regional opposition leaders, the securityof officials and prosecutors’ investigations wereintercepted. The hackers said their intention was toprove the vulnerability of state information systems.The weak line: Private versus publicAfter the dismantling of the National Intelligence Service(SIN) following numerous cases of secret videorecordings being made and communications monitoredduring the Fujimori regime, a new intelligenceagency called the National Intelligence Directorate(DINI) was created. A couple of years ago, it came tolight that the budget for the DINI was increased in orderto monitor public network repositories like socialnetworks, forums or general topic lists, arguing thatthe use of these online platforms meant that this wasnot a violation of private communications.However, this surveillance is on the borders ofwhat is considered private and public, and raises theproblem of the legality of monitoring the public in generalwithout any suspicion of a crime being committed.The surveillance by the DINI sparked a debateabout access to and protection of information, asit cannot be argued that it has been done with alegitimate interest in mind – if this were the case,1 Romero, C., & Véliz, A. (2010, April 26). Tenía 53 mil emailshackeados. La República. www.larepublica.pe/26-04-2010/tenia-53-mil-emails-hackeados-0the law would have been followed and a court orderwould have been obtained. Although the increasein the budget allocated to the DINI is to monitorpublic networks, if they already do so illegally, thesuspicion that they perform other types of communicationssurveillance looms with great force. 2The legal frameworkLegislation relating to cyber crime in Peru is a relativelynew category under the Penal Code. In 2000,provisions relating to espionage or computer hacking(Article 207‐A) and computer sabotage (Art207‐B), that were within the scope of crimes againstprivate property, were included. However, it becameapparent over time that these did not respond tothe needs of protection required when it came to informationand communications technologies (ICTs).In 2011, when the bill for the Cybercrime Lawwas presented to Congress, its original versionmeant that the police could access digital communications,and legislators felt that it did not respondproperly to the right to privacy of communications.They argued that this right extends to all types ofcommunication, and the bill had to be corrected.The state filed a new version of the draft law,which was finally approved. However, the approvedlaw was also questioned, because it prohibits, on theone hand, the creation of databases using any publicinformation (which contradicts the law on access toinformation), and, on the other hand, leaves legislativegaps regarding telephone interceptions.Cybercrime LawOn 22 October 2013 the new Cybercrime Law 3 wasapproved. This law was inspired by the BudapestConvention on Cybercrime 4 – although Peru is not asignatory to this international convention.The new law punishes those who, using ICTs,“introduce, delete, copy, spoil, alter or suppressdata, or render data inaccessible” for criminalpurposes; those who engage in digital espionage,including telephone interceptions; engage in sexualharassment; and distribute child pornography.Regarding telephone interceptions, the penaltyfor this offence has been increased to a maximumof eight years when it comes to classified or “secretand confidential” information. It also includesaggravating circumstances when the offence compromisesnational security, or when it is performedby public officials or those linked to these officials.2 Interview with Erick Iriarte A., lawyer and founding partner ofIriarte & Asociados (www.iriartelaw.com), 24 May 2014.3 Law No. 30096 of 2013.4 conventions.coe.int/Treaty/EN/Treaties/Html/185.htm190 / Global Information Society Watch peru / 191