Brazil: Bloggers question the 13 new cyber-crimes

In the small hours of last Thursday, July 10, the Brazilian Senate passed the ‘Digital Crimes Bill’, which typifies the cyber-crimes punishable by law and stipulates penalties accordingly. The proposal will now be proceeding to the House of Representatives for a review of the last amendments, and the next step is its approval or veto (in full, or any of its articles).

Thanks to the pressure from many fronts, the initial draft proposed by Senator Eduardo Azeredo, which gathered unanimous rejection by the blogosphere, has been re-written for the better. The demand for user identification before they can take any action on the Internet, such as blogging, e-mailing or chatting, has been dropped, and some advances have even been made with the inclusion of an article to criminalize online racism.

On the other hand, many acts that would be considered trivial conduct when surfing the Internet are still typified as a crime, as explains blogger and lawyer Lu Monte [pt], while the online pedophilia issue, which was supposed to be the main motivation behind the new law, has been touched only superficially in just one of the proposed articles.

The Senate Press Relations Office issued a press-release [pt] to clarify some of the points and some blogs published a shorter version sent by e-mail to journalists:

“São 13 os novos crimes tipificados pela proposta: 1) acesso não autorizado a dispositivo de informação ou sistema informatizado; 2) obtenção, transferência ou fornecimento não-autorizado de dado ou informação; 3) divulgação ou utilização indevida de informações e dados pessoais; 4) destruir, inutilizar ou deteriorar coisa alheia ou dado eletrônico alheiro; 5) inserção ou difusão de vírus; 6) agravamento de pena para inserção ou difusão de vírus seguido de dano; 7) estelionato eletrônico (fishing); 8) atentado contra segurança de serviço ou utilidade pública; 9) interrupção ou perturbação de serviço telegráfico, telefônico, informático, telemático, dispositivo de comunicação, rede de computadores ou sistema informatizado; 10) falsificação de dados eletrônicos públicos e 11) falsificação de dados eletrônicos particulares (clonagem de cartões e celulares, por exemplo); 12) discriminação de raça ou de cor disseminada por meio de rede de computadores (alteração na Lei Afonso Arinos); 13) receptar ou armazenar imagens com conteúdo pedófilo (alteração no Estatuto da Criança e do Adolescente).”

“A lei não se aplica a quem, por lazer ou trabalho, usa corretamente o computador, seja desenhando, seja baixando músicas, seja batendo-papo, seja dando opiniões em blogs, fazendo pesquisas ou quaisquer atividades semelhantes. O BOM USUÁRIO DEVE FICAR TRANQUILO, POIS NADA ACONTECERÁ A ELE, A NÃO SER O AUMENTO DE SUA SEGURANÇA, PELALEI, NO USO DAS TECNOLOGIAS.”

“There are 13 new crimes epitomized in the proposal: 1) non-authorized access to an information device or automated system, 2) obtaining, transferring or providing of non-authorized data or information, 3) disclosure or misuse of personal information and data; 4) destroying, making unusable or degrading other people's objects or electronic data, 5) introducing and distributing viruses, 6) severer sentencing for introducing or distributing of viruses followed by damage; 7) electronic deception (phishing), 8) attack on security service or public utility; 9) interruption or disruption of telephone, telegraph computer, or electronic services, communication device, computer networks or computer system, 10) falsification of electronic public data and 11) falsification of private electronic data (credit card and mobile phone cloning, for example), 12) discriminating against people regarding race or color disseminated through computer networks (amendment to the Afonso Arinos Law), 13) receiving or storing pictures with pedophile content (amendment to the Child and Adolescent Statute).”
“The law does not apply to those who, for leisure or work, use the computer in a correct manner, whether drawing, downloading music, chatting online, writing opinions on blogs, searching content or any similar activities. The good user can rest in peace because nothing will happen to them, apart from the increase in security, according to the law, when it comes to technology usage.

The text may have been amended but new questions keep pouring in. Sérgio Amadeu [pt] is looking forward to clarifications of the above points:

1) quem define o que é o “uso correto do computador”? O Senador Azeredo?
2) o que é exatamente “um acesso não autorizado a dispositivo de informação (faltou ele incluir comunicação) ou sistema informatizado”?
3) O que é infomação? Bom, um site possui informações, um game, um CD, um DVD também. Se um jovem pegar um vídeo no youtube ou em um DVD ele estará ou não violando um dispositivo de informação?
4) Se eu destruir o DRM de um aparelho qualquer para copiar uma imagem ou uma cena de vídeo estarei comentendo um crime perante a lei do Azeredo? Se burlar um DRM de um dispositivo de música para copiar a música em outro aparelho serei um criminoso? Se eu rippar um CD e passar as músicas para o meu computador estarei violando a Lei do Azeredo?
5) Quando acesso uma rede de TV a cabo e pego um personagem de um filme ou de uma série da TV para usar no meu blog ou para recriar uma nova história estarei “obtendo um acesso não-autorizado de dado ou informação”?
6) Quando distribuir numa rede P2P ou apenas publicar no meu blog um vídeo que baixei do youtube, uma música que remixei, uma ficção que reescrevi com os personagens do filme “Guerra nas Estrelas”, ESTAREI comentendo um CRIME de “obtenção, transferência ou fornecimento não-autorizado de dado ou informação”?
7) Se o Senador diz que a Lei dele não tem nada a ver com a ampliação exagerada do copyright, então prá que necessitamos dos dois primeiros tipos criminais que a assessoria do Senador destacou entre os 13 novos crimes criados?
8) Se é para evitar “roubo ou furto” de dados e senhas JÁ não seria suficiente o tipo criminal “3 divulgação ou utilização indevida de informações e dados pessoais”?

1) Who defines what “correct use of the computer” is? Senator Azeredo?
2) What exactly is “non-authorized access to an information (communication should be included here) device or automated system”?
3) What is information? Well, a website contains information, a game, a CD, a DVD too. If a youngster gets a video on youtube or on a DVD, will they be violating the information device or not?
4) If I destroy any apparatus’ DRM to copy a picture or a video will I be committing a crime before the Azeredo Law? If I circumvent a music device's DRM, to copy the music to another device will I be a criminal? If I rip a CD and transfer the music to my computer, will I violate the Azeredo Law?
5) When I access a cable TV channel and pick up a character from a movie or a TV series to use it on my blog or to recreate a new story will I be “obtaining non-authorized data or information”?
6) When I distribute a video that I downloaded from youtube, a song that I remixed, a piece of fiction that I re-wrote with the characters from “Star Wars” to a P2P network or just post it on my blog WILL I be committing a CRIME of “obtaining, transferring or provision of non-authorized data or information”?
7) If the Senator says that the law has nothing to do with the excessive extension of copyright, then why do we need the first two types of criminal offenses that the Senator's PR team highlighted among the 13 new crimes created?
8) If it is to prevent “theft or stealing” of data and passwords would number “3) disclosure or misuse of personal information and data” not ALREADY be enough?

Ronaldo Lemos [pt], director of the Center for Technology & Society (CTS) at the Fundação Getulio Vargas (FGV) Law School and Project Lead for the Creative Commons in Brazil, provides his conclusions and some advice:

Em síntese, a imprecisão do texto e suas conseqüências imprevisíveis (algumas das quais listadas acima) demandam que sejam vetados no mínimo os artigos 285-A, 285-B, 163-A, parágrafo primeiro, Art. 6º, inciso VII, Artigo 22, III. Caso os artigos persistam, condutas triviais na rede serão passíveis de punição com penas de até 4 anos de reclusão.

In summary, the text's vagueness and its unpredictable consequences (some of which are listed above [on the post]) require that at least Articles 285-A, 285-B, 163-A, first paragraph, Art 6, item VII, Article 22, item III be vetoed. If these articles persist, [users] shall be liable for trivial conduct on the network and punished with sentences of up to 4 years’ imprisonment.

(Say no to the Senador Azeredo project, iconography by Nick Ellis)

Bloggers and Internet users in general demand more transparency and are mobilizing to fight for it. However, there is still a lot of confusion around the issues and many people are still referring to the earlier pre-amendment text to question the law. This doesn't come as a surprise considering that the public has not been invited into the debate and that only agreeable people were allowed to attend the open sessions discussing the law at the Senate.

It is a general consensus that the matter was not debated enough, and to help with it a blog carnival against censorship [pt] has been called for next Saturday, July 19. The original text of the proposal, available here [pt], is being translated into English by a group of volunteers, in order to raise international awareness. Meanwhile, an online petition [pt] in defense of freedom and progress of knowledge on the Brazilian Internet created by some very respected Brazilian cyberculture academics and ativists [pt] has been signed by over 58,000 citizens in just one week.

17 comments

Cancel this reply

Join the conversation -> jose murilo junior

Authors, please log in »

Guidelines

  • All comments are reviewed by a moderator. Do not submit your comment more than once or it may be identified as spam.
  • Please treat others with respect. Comments containing hate speech, obscenity, and personal attacks will not be approved.