A recent executive decree from Peru’s government compels all telecommunications companies and Internet service providers to store traffic data for three years. Assuming that the decree holds, telcos will be forced to provide police with individual user data from these logs upon their request. Issued one day before Peru’s independence day, the decree explicitly states that the police should have access to geolocation data without a warrant or court order and that this data is not protected under the Peruvian Constitution. Peruvian lawyer Miguel Morachimo told the Electronic Frontier Foundation: “Any policy like that is controversial in itself, but the fact that it was directly approved by the Executive Branch without prior debate and in the middle of national holiday season is especially undemocratic.”
The decree has significant potential for abuse of its new powers. It ignores the fact that most cellphones today constantly transmit detailed location data about every individual to their carriers and that all this location data is housed in one place—with the telecommunications service provider. This will leave Peruvian police with access to more precise, more comprehensive, and more pervasive data than would ever have been possible under previous policies.
Pakistan too is planning to expand its surveillance capabilities, which could include monitoring broadband Internet traffic, phone records, and cellular data transmissions, according to a report by Privacy International. The Verge notes that because Pakistan already has stringent registration requirements, such as a national biometric ID program and SIM card registration by fingerprint, these bulk surveillance plans may be particularly invasive. ∞∞∞∞∞ SEE MORE ∞∞∞∞∞