Brazil Must Rebalance Its Approach to Cybersecurity



by Robert Muggah

Council on Foreign Relations
September 2, 2016

When Brazil attends the Group of 20 Summit in Hangzhou next week, cybersecurity will be on the top of everyone’s mind. This includes President Obama who received a letter from U.S. senators this week urging him raise the issue with his Chinese hosts. A spate of high profile cyberattacks against U.S. government agenciesUK phone retailers and South Korean credit card companies are a dark reminder of the real dangers of security breaches and data theft. Cyber criminals are far ahead of international and domestic law enforcement. And the costs of cybercrime to the global economy are enormous, estimated to reach $2.1 trillion a year by 2019.

Brazil also has reason to be nervous. The country is at the epicenter of a global cybercrime wave. It ranks second in the world for online banking fraud and financial malware. And the problem appears to be worsening. The number and intensity of cyberattacks has risen significantly over the past few years. A 2012 study estimated the annual costs of cybercrime at R$16 billion (US$4.9 billion). An electronic banking payment scheme netted hackers over R$8 billion (US$2 billion) alone over a two-year period. There is a ready supply of cybercrime tools and skills on the dark web.

One of the reasons Brazilians are so vulnerable is because the country was an early adopter of online banking. The latest data indicate that more than 54 percent of all banking transactions are made using internet-connected devices. Brazil’s online migration also spawned a generation of cyber criminals with a demonstrated ability to wreak digital havoc. In 2015, more than half of the cyberattacks reported to Brazilian authorities were of Brazilian origin, though it is an issue seldomly discussed in local media.

Brazil has taken a number of steps to fight the problem. The Ministry of Justice and the Federal Police have ramped-up the investigation and prosecution of online crimes such as child pornography. Brazil’s experience with mega-events has steadily expanded the role of the armed forces, with the Ministry of Defense’s cyber defense center (CDCiber) gaining more responsibilities. Some civil liberties advocates fear that the pendulum may have swung too far in favor of a securitization of cyberspace.

An open question is whether Brazil’s approach to addressing cybercrime is the right one. The massive outlay of digital security and surveillance infrastructure for the 2014 World Cup and 2016 Olympic Games is a case in point. If these platforms are left running indefinitely without adequate oversight by civilian authorities, there is real potential for abuse. Justice Minister Alexandre de Moraes has said explicitly that Brazil intends to maintain the surveillance infrastructure now in place, though he has offered few details about checks and balances to guarantee that civil liberties are protected.

There are also signs that Brazil’s Congress is ratcheting up its surveillance of cyberspace. As a result of a congressional commission on cybercrime (CPICIBER), there are a number of bills that purport to increase penalties for cyber criminality, but may in fact curb basic digital freedoms. For example, one bill proposes that social media content that impugns someone’s honor must be removed within 48 hours. CPICIBER’s legislative proposals were widely condemned and several digital rights groups issued their own set of recommendations and guidance in addition to sending an open letter to Brazil’s Congress—efforts which resulted in some modest modifications to the commission’s proposals.

Brazil should consider taking a closer look at other G20 countries for effective ways to address cybercrime. Germany, for example, recently enacted legislation requiring financial institutions to report when they are a victim of a data breach or other cyber-attack, imposing penalties for non-compliance. The European Parliament recently issued a similar directive, which EU countries must now implement into domestic legislation. The Brazilian government should consider adopting similar reporting mechanisms.

Brazil could also consider joining the other 49 countries that have signed and ratified the Budapest Convention, a framework that facilitates international cooperation on fighting cybercrime while protecting human rights and due process. While Brazil has complained about not being involved in its original drafting, it is the only internationally-binding instrument to address cybercrime. At a minimum, the government needs to require greater transparency of service providers and financial institutions to ensure a more data-driven approach to cybersecurity.

Brazil has good reason to work with G20 partners to prevent cybercrime. After all, the majority of its citizens have been victimized by digital criminals operating abroad and, for the most part, at home. But the answer is not more intrusive surveillance. Rather, the focus must be on strengthening federal policing capabilities, developing sound legislation and improving Brazilians’ digital hygiene. If Brazil continues on its present course, there is a real danger that the proposed cure will be worse than the disease.

Image: Ueslei Marcelino/Reuters

Be the first to comment

Please check your e-mail for a link to activate your account.

An Update on the NAFTA Renegotiations

May 21, 2018

On today's Global Exchange Podcast, we touch base with CGAI's North American trade experts in light of a busy week on the NAFTA file in Washington. After months of hard-pressed negotiations, and 6 weeks of 'perpetual' discussions in Washington, the deal has reached its next turning point, with Congressional leadership signalling that they'd need a new deal by May 17th in order to have it passed before U.S. mid-term elections in the Fall. With no deal in sight, and the Congressional deadline now in the rear-view mirror, we sit down with Sarah Goldfeder, Laura Dawson, and Eric Miller to ask where we go from here.


Between Trump, Iran and North Korea, Canada’s G7 has a high potential for chaos

by Chris Hall (feat. James Trottier & Colin Robertson), CBC News, May 18, 2018

The struggle Trudeau could face if Kinder Morgan walks away from Trans Mountain

by Robert Tuttle & Michael Bellusci (feat. Dennis McConaghy), Bloomberg News, May 18, 2018

Canada 'a laughing stock': Experts react to Trans Mountain indemnity

by April Fong (feat. Dennis McConaghy), BNN Bloomberg, May 18, 2018


with Danielle Smith (feat. Sarah Goldfeder), Global News Radio, May 18, 2018

VIDEO: NAFTA Deadline Day (@ 3:00)

with Don Martin (feat. John Weekes), CTV Power Play, May 17, 2018

VIDEO: Deal or no deal on NAFTA: Canada and U.S. send mixed messages

with Rosemary Barton (feat. Colin Robertson), CBC The National, May 17, 2018

Trump’s 'submission' strategy is not working so expect NAFTA talks to drag on

by Kevin Carmichael (Feat. Eric Miller), Financial Post, May 17, 2018

Backstop deal may be last hope for TransMountain pipeline, says former oil executive

by CBC News (feat. Dennis McConaghy), CBC News, May 17, 2018

Stuck with limited oil export options, Liberals may regret B.C. tanker ban

by John Ivison (feat. Dennis McConaghy), National Post, May 17, 2018

Feds OK early start to construction of navy’s new supply ships

by Lee Berthiaume (feat. Dave Perry), The Canadian Press, May 17, 2018


Canadian Global Affairs Institute
Suite 1800, 421-7th Avenue SW
Calgary, Alberta, Canada T2P 4K9


Canadian Global Affairs Institute
8 York Street, 2nd Floor
Ottawa, Ontario, Canada K1N 5S6


Phone: (613) 288-2529


Making sense of our complex world.
Déchiffrer la complexité de notre monde.


© 2002-2018 Canadian Global Affairs Institute
Charitable Registration No. 87982 7913 RR0001


Sign in with Facebook | Sign in with Twitter | Sign in with Email