In Paraguay, Your Health Data and Credit Records Can Be Used Against You

One of the illustrations from the series Pyrawebs by El Surtidor. Used under Creative Commons license.

The following is an adaptation of the infographic series The Return of the Pyrawebs made by El Surtidor, which analyzes digital security issues in Paraguay.  

Refusal to re-enroll a student in a private Catholic school in Paraguay's capital, Asunción, clearly highlights what happens when companies exchange and do business with personal data. According to press reports, the family had been paying their school fees on time, but were denied re-enrollment because they were on a creditor's black list as guarantors on a defaulted loan.

The data was stored by Informconf, a private company whose database is filled with the commercial activities of half of Paraguay's population, with black lists that don't require a debt minimum to appear on it.

The parents of the child reported the situation as discriminatory, and although the education ministry agreed, no further actions were taken against the school. Apparently, Catholic institutions are regulated by the archbishop and, as a result, don't answer to the State, even if these schools are allegedly responsible for discrimination against a minor.

This financial information is not only accessed by private schools or credit agencies, but also potential employers. As a result, and in spite of the existence of a law approved to avoid precisely this kind of discrimination, people in debt have a harder time finding work and a harder time paying back their loans.

In the image: Discriminated against for being on [Informconf's database]. Informconf manages data from half of Paraguay's commercial activities. There's no minimum amount to be on the default list. With this data, companies make decisions on whether or not to give loans and evaluate potential employees. In the tweet: This is just one of the ways in which private companies use data daily to discriminate against people. Find out more [in the link].

Even your health data might not be safe

In 2016, a young man reported being expelled from the Military Academy for being HIV positive. After being the victim of mistreatment and humiliation from his superiors, he was forced to resign from the academy.

Despite its prohibition in 2009, between 2012 and 2016, 27 companies have been accused of demanding HIV tests from their workers. Some of them even ran these tests without knowledge or consent from their employees during routine analyses.

With this in mind, a study was done in 2016 by TEDIC, an NGO devoted to digital rights in Paraguay, together with the Electronic Frontier Foundation. The study produced troubling results:

Entre varios problemas, uno de los principales que cita el informe es la carencia total de legislación que proteja los datos personales de la ciudadanía, lo que se considera una omisión grave en el cumplimiento de los estándares internacionales de derechos humanos. Además, los estándares locales para la intervención de las comunicaciones privadas no cumplen con los principios de necesidad y proporcionalidad ni con las garantías judiciales exigidas por la normativa internacional. Esta situación de vulnerabilidad se agrava ante una amplia concesión de ambiguas potestades a organismos como el Servicio Nacional de Inteligencia (SINAI), bajo el argumento de la “seguridad nacional”.

Among many other issues, one of the most important problems cited by the report, is the total lack of legislation made to protect citizen's personal data, which is considered to be a grave omission in the compliance of international standards for human rights. Moreover, local standards surrounding the monitoring of  private communications comply neither with the principles of necessity and proportionality nor with judicial guarantees demanded by international norms. This situation of vulnerability gets worse with the wide concessions that are given to organisms like the National Service of Intelligence which use the argument of “national security”.

Start the conversation

Authors, please log in »

Guidelines

  • All comments are reviewed by a moderator. Do not submit your comment more than once or it may be identified as spam.
  • Please treat others with respect. Comments containing hate speech, obscenity, and personal attacks will not be approved.