Peru’s New Cybercrime Law Undermines Transparency Legislation

Critics say Peru's new law on cybercrime is vaguely worded and threatens access to information. Credit: Public domain
  • by Milagros Salazar (lima)
  • Inter Press Service

The advances made in the law on transparency and access to public information have been undermined by the hastily passed law on computer crimes, which restricts and penalises the use of online databases, according to experts consulted by IPS.

The new law was put into effect to crack down on cybercrimes, including sexual harassment of minors. But civil society organisations complain that elements attacking the right to information were incorporated without debate or public input.

The Defensoría del Pueblo or ombudsman's office says the transparency law, which entered into force in 2002, has a few shortcomings, but is important because of the creation and use of government databases - which would be hindered, however, by the law on cybercrime.

The transparency law was passed with the aim of making government more transparent, to comply with the 1993 constitution, which guaranteed the right of people to request and obtain public information, and established the right of habeas data, under which any government official or civil servant who denies that right can be sued.

Since then, the Defensoría del Pueblo has received 6,714 complaints about requests for public information that did not receive a satisfactory response from the authorities, according to a report to be published in the first week of December, to which IPS had access.

Based on those complaints, the assistant ombudsman on constitutional affairs, Fernando Castañeda, told IPS that his office identified and interviewed 122 public employees responsible for turning over the information, to find out why the requests had not been met.

The main conclusion reached by his office was that an independent authority was needed to monitor and oversee responses to information requests, because civil servants are limited by the orders of their superiors, and in some cases have been punished when they provide information to members of the public.

And things do not get any better when citizens take legal action to complain about the lack of response to their requests for information, especially in rural areas.

Between January 2007 and March 2013, 841 habeas data actions were handled in the justice system, where cases can take up to a year in the first instance court, another year in the second instance court and two more in the Constitutional Court, Castañeda pointed out.

In other words, a four-year journey to try to obtain public information that has been denied.

The official said that the most significant aspect of the law was the creation of tools to facilitate citizens' access to information, with websites and open access to databases, under the concept of open data.

However, that access will be directly restricted by the new law on computer crimes, which was given fast-track treatment in Congress and signed into law a few weeks later, on Oct. 22, by President Ollanta Humala.

Protests by experts and civil society groups forced Justice Minister Daniel Figallo to state on Nov. 13 that he would study proposed reforms to the law. "We will revise some articles of the law," he said.

But Figallo defended the legislation, saying the aim was to fight data interference or interception rather than the dissemination of information. His ministry argues that Peru is thus accepting the guidelines of the Council of Europe's Convention on Cybercrime, the first international treaty of its kind, which since 2001 has provided global guidelines for the adoption of laws against computer crimes.

The president of the congressional justice commission, Juan Carlos Eguren, also said he was open to suggestions.

The law creates a three- to six-year sentence for people found guilty of capturing computer information from a public institution, to find out, for example, what is spent on social programmes and to complement that with the introduction of new data or alteration to analyse the information, lawyer Roberto Pereira of the Press and Society Institute (IPYS) told IPS.

That is based on article three of the law, which penalises those who use computer technologies to "introduce, delete, deteriorate, alter or suppress data, or render data inaccessible."

The law also establishes a three- to five-year sentence for creating a database on an identified or identifiable subject to provide information on any aspect of his or her personal, family, financial or labour life, whether or not it causes harm.

A common practice by journalists is to create databases on companies that are subcontractors for the state, in order to monitor public spending. But under the new law, doing that would automatically make them "cyber criminals," Pereira explained.

The IPYS stated in a communiqué that the law poses "a serious threat to the freedom of journalistic information, and to research and investigation in general." The majority of the local media, regardless of their ideological bent, agree with that criticism.

The law on cybercrime could "end up criminalising legal behaviour in cyberspace," said Pereira.

It also creates "an unacceptable framework of discretionality in its application," because of the broad, ambiguous criteria it contains, and ends up undermining other basic rights, he said.

There has been a great deal of speculation in Peru on what lay behind the passage of the controversial law.

Pereira cited three explanations: the legislators' ignorance about cyberspace; the interest on the part of some public figures in criminalising digital freedom and thus blocking investigations of corruption; "and the genuine interest of sectors of the government in improving penal legislation on cybercrime."

The non-governmental organisation Hiperderecho, which defends digital rights, noted in a communiqué that Congress passed the law "in less than five hours, with their backs turned to the public."

The organisation criticised the fact that on Sept. 12, Congress suddenly began to debate a bill that had just been introduced by the government, without incorporating in the discussion a long-debated justice commission ruling on another cybercrime bill.

The executive branch presented its bill after a telephone conversation by Defence Minister Pedro Cateriano was made public, and after progress was made towards a common regional code against cybercrime during a technical level meeting of experts of the Ibero-American Conference of Justice Ministers (COMJIB), held in Lima in June.

Miguel Morachimo, a representative of Hiperderecho, admitted to IPS that it was reasonable for the government to fight cybercrime. But he said that when the bill was debated in Congress, "it was completely overhauled."

In his view, the government was pressured by COMJIB and the banking association - which is worried about card cloning - and ended up acting in haste as a result.

The Defensoría del Pueblo's office on constitutional affairs has not yet taken a stance on the details of the new law, said Castañeda. But it did acknowledge that it runs counter to some objectives of the transparency law.

Hiperderecho has sent suggestions to Congress for improving the law on cybercrime. Meanwhile, what one law defends, the other blocks.

© Inter Press Service (2013) — All Rights ReservedOriginal source: Inter Press Service