Brazil moves toward an internet bill of rights

(Photo illustration: Shutterstock)

(Photo illustration: Shutterstock)

After two years of wrangling, the Brazilian chamber of deputies finally approved the General Internet Framework last week. 

The movement that resulted in bill 2126/11 – referred to as Marco Civil da Internet or simply Marco Civil – began in 2007. The Marco Civil was drafted in 2009 by the ministry of justice in partnership with the Center for Technology and Society of the Getulio Vargas Foundation, and with the direct participation of civil society.  After extensive public consultation, with over 2,300 contributions, the bill was sent to congress in 2011 and recommended to the president.  It outlines the duties and prohibitions on the use of the web, as well as structures the ways in which the courts can request records for user communications and network access.

While the bill has passed the bicameral congress’ lower house, it now needs to be approved by the senate, which will vote this month. If passed, the bill will need presidential approval to become law. It is widely expected that the bill will clear both these hurdles. The process is made all the more urgent as Brazil is set to host Net Mundial – a global forum exploring the future of internet governance — at the end of the month.

Marco Civil was drafted with three key issues in mind: Net neutrality, user privacy and freedom of expression. Under the bill, internet service providers are barred from interfering with connection speeds or content. Civil society strongly backed the framework around net neutrality.

Altogether, five amendments were made to the final text. The main change was the removal of a section of Article 12 whereby the presidency could require, by decree, connection providers to “install or use structures for storage, management and dissemination of data (data centers) in national dominion”, taking its billing into account.

This point was included last year at the request of the government after president Dilma Rousseff voiced complaints about spying by the National Security Agency (NSA). The revised Article 12 provides that Brazilian law will take effect on all companies providing services in the country, including foreign ones.

Another important change was made in the first subparagraph of Article 9, which deals with exceptions to net neutrality, such as discrimination or degradation of services or performance. Such cases were to be resolved by presidential decree. The revised amendment states that cases of exception will follow determinations from the constitution and guidelines of the Agência Nacional de Telecomunicações (telecommunications national agency – Anatel) and the Comitê Gestor da Internet (internet managing committee – CGI).

While the current wording of the bill shows social and political maturity, and seeks to put Brazil on another level in terms of freedoms of expression, it has its blind spots. These includes the storage of user data by ISPs for one year for investigation purposes, which is damaging to privacy. The text can still be changed.

Historic session

The historic vote was watched by a huge television audience, as the sessions of the Chamber of Deputies featuring 400 congressional representatives argued over the bill was broadcast live. Social media lit up, with #MarcoCivil trending on Twitter.

The question is whether in addition to being a massive victory for the government the piece will not end up being used for electioneering in the 2014 elections.

On Twitter, Rousseff said that “the Civil Landmark is a tool of free expression, privacy of the individual and respect for human rights”. She also said that “the approval of the Internet Civil Landmark by the Chamber of Deputies is a victory for all of Brazilian society”. She added  that “the project shows the pioneering role of Brazil in a moment that the world debates the security, the privacy and the plurality in the network”.

Representatives said the text was a “parameter to the world”, “a reference in terms of freedom of expression” and “the most democratic process of voting on a bill in Brazil”. British physicist and creator of the web Tim Berners-Lee was quoted in plenary requesting the approval of the Marco Civil. The Brazilian press, which had criticised the original text, only reported the approval of the bill, and published some praise.

Despite the hoopla, Brazilian society remians divided over it. Most people have no idea about what the bill is intended to do. While there are some who support the regulation, others say that Marco Civil is a form of government control of the internet. Others still, just shrug.

A political drama

The approval of the Marco Civil was not an easy vote, as it may have seemed at first glance. The political will for the project to be brought up for a vote was stitched together through political and personal effort by Rousseff. Bill 2126/11, authored by the executive branch, served as political leverage for the PMDB, part of the governing coalition, and threatened to derail the project.

At the height of the crisis, PMDB came close to a break as a government ally, which would have drawn support away from the president. The so-called “block of disgruntled” was dissatisfied with Rousseff’s ministerial reshuffle in early March and required appointments in important ministries. The party also threatened to boycott Marco Civil by voting en masse against the proposal − which would mean fiasco. The tension between the PMDB and Rousseff  also came close to derailing coalition alliances ahead of this year’s elections.

Rousseff did not relent even and made a joke about the situation. In Chile, where she participated in the inauguration ceremony of president Michelle Bachelet, she said: “PMDB only gives me joy”, when asked about whether her weight loss had to do with her concern about the crisis in the governing coalition. The statement did not sit well with PMDB, but pleased the vice-president Michel Temer, a member of the party: “It really only gives joy to the government, supporting and helping the government.” The message was explicit: As a Brazilian saying goes, “one hand washes the other and both wash the face”.

After several closed-door meetings tempers were soothed paving the way for the support and the approval of the Marco Civil project. The terms negotiated between the parties are not yet known. What is certain is that the deal has the power to soften a partisan war.

Until last week, Marco Civil had frozen the Chamber of Deputies’ agenda since 2013. The text approved on the night of 25 March was substitutive, with several changes from the last version that was submitted in February. These deleted changes caused controversy, especially because they were seen to serve business interests.

The content of the final version, filled with handwritten addendums, was a draft during the vote. The deputies voted blindly, having no access to the final text and relying on word of the rapporteur, Congressman Alessandro Molon (PT, Workers Party). They voted based solely on the version being manipulated live, with last minute modifications. They voted thanks to agreements in the audience and the theatre of the plenary, and more on the political line than on the legal framework that Marco Civil represented. This is why they voted as a majority. One deputy commented: “This is not the House of knowledge, but of convincing.”


In an exclusive report broadcast by the TV show “Fantástico” on TV Globo Network, on the evening of 1 September, it was reported that the Brazilian government and Petrobras had been targeted by the NSA spying. The information was based on documents revealed by whistleblower Edward Snowden to Glenn Greenwald and Globo Network’s journalist Sonia Bridi. According to the report, Rousseff, her advisors and diplomats were also being monitored. All of these revelations visibly irritated the president − who had previously sent the draft of Marco Civil to Congress – and she demanded urgency in putting the bill on the agenda.

In late September, speaking at the opening of the 68th General Assembly of the United Nations in New York, Rousseff advocated the establishment of a multilateral framework for international civil governance and of internet usage. She argued that the actions of United States’ espionage in Brazil had wounded international laws and defied the principles that govern the relationship between the countries.

This article was posted on 2 April, 2014 at

Don’t gerrymander the internet


We can partially blame gerrymandering for the current gridlock in the U.S. Congress. By shaping the electoral map to create politically safe spaces, we have generated a fractious body that often clashes rather than collaborates, limiting our chances of resolving the country’s toughest challenges. Unfortunately, revelations about the global reach of American security surveillance programs under the National Security Agency (NSA) are leading some to propose what amounts to gerrymandering for the internet in order to route around NSA spying. This will shackle the internet, inherently change its technical infrastructure, throttle innovation, and likely lead to far more dangerous privacy violations around the globe.

Nations are rightly upset that the communications of their citizens are swept up in the National Security Agency’s pervasive surveillance dragnet. There is no question the United States has overreached and violated human rights in its collection of communications information on innocent people around the globe; however, the solution to this problem should not, and truly cannot, be data localization mandates that restrict data storage and flow.

The calls for greater localization of data are not new, but the recent efforts of Brazil’s President, Dilma Rouseff, to protect Brazilians from NSA spying reflected the view of many countries suddenly faced with a new threat to the privacy of the communications of their citizens. Rouseff has been an advocate for internet freedom, so undoubtedly her proposal is well intentioned, though the potential unintended repercussions are alarming.

First, it’s important to consider the technical reasons why data location requirements are a really bad idea. The Internet developed in a widely organic manner, creating a network that allowed data to flow from all corners of the world – regardless of political boundaries, residing everywhere and nowhere at the same time. This has helped increase the resilience of the internet and it has promoted significant efficiencies in data flow. As is, the network routes around damage, and data can be wherever it best makes sense and take an optimal route for delivery.

Data localization mandates would turn the internet on its head. Instead of a unified internet, we would have a fractured internet that may or may not work seamlessly. We would instead see districts of communications that cater to specific needs and interests – essentially we would see Internet gerrymandering at its finest. Countries and regions would develop localized regulations and rules for the internet to benefit them in theory, and would certainly aim to disadvantage competitors. The potential for serious winners and losers is huge. Certainly the hope for an internet that promotes global equality would be lost.

Data localization may only be a first step. Countries seeking to keep data out of the United States or that want to exert more control over the internet may also mandate restrictions on how data flows and how it is routed. This is not far-fetched. Countries such as Russia, the United Arab Emirates, and China have already proposed this at last year’s World Conference on International Telecommunications.

As internet traffic begins to demand more bandwidth, especially as we witness more real-time multimedia applications, efficient routing is essential to advance new internet services. High capacity applications like Apple’s FaceTime may slow to the painful crawl reminiscent of the dial-up days of the internet.

This only begins to illustrate the challenges internet innovators would face, but big established players like Facebook, Google and Microsoft, would potentially have the resources to abide by localization mandates – of course, only if the business case supports working in particular locales. Some countries with local storage rules may be bypassed altogether. For small or emerging businesses, data localization requirements would be a greater challenge. It would build barriers to markets and shut off channels for innovation. Few emerging businesses could afford to locate servers in every new market, and if local data server requirements become ubiquitous, it will be businesses in emerging markets that are most disadvantaged. The reality for developing nations is that protectionist measures such as data localization will further isolate local business from the global market, depriving them of the advantages for growth that are provided by the borderless internet.

Most important though, is the potential for fundamental harm to human rights due to data localization mandates. We recognize that this is a difficult argument to accept in the wake of the revelations about NSA surveillance, but data localization requirements are a double-edged sword. It is important to remember that human rights and civil liberties groups have long been opposed to data localization requirements because if used inappropriately, such requirements can become powerful tools of control, intimidation and oppression.

When companies were under intense criticism for turning over the data of Chinese activists to China, internet freedom activists were united in theirs calls to keep user data out of the country. When Yahoo! entered the Vietnamese market, it placed its servers out of the country in order to better protect the rights of its Vietnamese users. And the dust up between the governments of the United Arab Emirates, Saudi Arabia, India, and Indonesia, among others, demanding local servers for storage of BlackBerry messages in order to ensure legal accountability and meet national security concerns, was met with widespread condemnation. Now with democratic governments such as Brazil and some in Europe touting data localization as a response to American surveillance revelations, these oppressive regimes have new, albeit inadvertent, allies. While some countries will in fact store, use and protect data responsibly, the validation of data localization will unquestionably lead to many regimes abusing it to silence critics and spy on citizens. Beyond this, data server localization requirements are unlikely to prevent  the NSA from accessing the data. U.S. companies and those with a U.S. presence will be compelled to meet NSA orders, and there appear to be NSA access points around the world.

Data localization is a proposed solution that is distracting from the important work needed to improve the Internet’s core infrastructural elements to make it more secure, resilient and accessible to all. This work includes expanding the number of routes, such as more undersea cables and fiber runs, and exchange points, so that much more of the world has convenient and fast Internet access. If less data is routed through the U.S., let it be for the right reason: that it makes the Internet stronger and more accessible for people worldwide. We also need to work to develop better Internet standards that provide usable privacy and security by default, and encourage broad adoption.

Protecting privacy rights in an era of transborder surveillance won’t be solved by ring fencing the Internet. It requires countries, including the U.S., to commit to the exceedingly tough work of coming to the negotiating table to work out  agreements that set standards on surveillance practices and provide protections for the rights of privacy and free expression for people. Germany and France have just called for just such an agreement with the U.S. This is the right way forward.

In the U.S., we must reform our surveillance laws, adopt a warrant requirement for stored email and other digital data, and implement a consumer privacy law. The standards for government access to online data in all countries must likewise be  raised. These measures are of course much more difficult in the short run that than data localization requirements, but they are forward-looking, long-term solutions that can advance a free and open internet that benefits us all.

Joseph Lorenzo Hall, Chief Technologist at Center for Democracy and Technology, co-authored this piece with Leslie Harris.

This article was originally posted on 4 Nov 2013 at