Two officials from the Brazilian Intelligence Agency (Abin) have been taken into custody for allegedly employing phone hacking tools without the requisite judicial authority. The arrests were enacted under the auspices of “Operation Last Mile,” an initiative aimed at scrutinizing the misuse of mobile device geolocation systems. The Federal Police of Brazil announced these arrests last Friday.
In conjunction with the arrests, the federal police discharged 25 search and seizure warrants and two preventive arrest warrants, under the authority granted by the Federal Supreme Court. These actions encompassed numerous states in Brazil, including the country’s capital, Brasilia. Through the investigation, the police discovered the geolocation system employed by Abin appeared to be intrusive software used extensively amidst major Brazilian telephonic infrastructure. Such software can repeatedly invade telephone networks, especially if services utilizing public resources are exploited.
Article 7 of Lei Geral de Proteção de Dados, Brazil’s personal data protection law, establishes that personal data can be processed under certain circumstances, such as with the express consent of the data subject or under the legal or regulatory obligation of the controller. However, invoking the principles of correspondence and communication’s secrecy to ensure privacy, freedom, and in accordance with Article 5, Subsection XII of Brazil’s constitution, the documenting of personal information in a manner explicitly contravening these guidelines can be deemed unlawful.
The Federal Police of Brazil has made clear in its statements that any breach of personal data like the one alleged against Abin, including unauthorized interception of telephone, IT, or telematics communications, will result in legal consequences.