Privacy and Human Rights

Republic of Peru

The 1993 Constitution sets out extensive privacy, data protection and freedom of information rights. [1] Article 2 states, “Every person has the right: To solicit information that one needs without disclosing the reason, and to receive that information from any public entity within the period specified by law, at a reasonable cost. Information that affects personal intimacy and that is expressly excluded by law or for reasons of national security is not subject to disclosure. Secret bank information or tax information can be accessed by judicial order, the National Prosecutor, or a Congressional investigative commission, in accordance with law and only insofar as it relates to a case under investigation. V. To be assured that information services, whether computerized or not, public or private, do not provide information that affects personal and family intimacy. VI. To honor and good reputation, to personal and family intimacy, both as to voice and image. Every person affected by untrue or inexact statements or aggrieved by any medium of social communication has the right to free, immediate and proportional rectification, without prejudice to responsibilities imposed by law…IX. To secrecy and the inviolability of communications and private documents. Communications, telecommunications or instruments of communication, may be opened, seized, intercepted or inspected only under judicial authorization and with the protections specified by law. All matters unconnected with the fact that motivates the examination are to be guarded from disclosure. Private documents obtained in violation of this precept have no legal effect. Books, ledgers, and accounting and administrative documents are subject to inspection or investigation by the competent authority in conformity with law. Actions taken in this respect may not include withdrawal or seizure, except by judicial order.”

A Data Protection Bill was introduced in Parliament by the Union del Peru political party in September 1999. [2] The bill is based on the new Spanish Data Protection Act, the Italian Data Privacy Act, the Australian Privacy Act, the United States Restatement of Torts and the European Union Data Protection Directive. The bill proposes the creation of a Data Protection Commissioner. If approved, the bill will make Peru fully compatible with the European Union Directive legal system. In March 2002, the Ministry of Justice published a Resolution in the Official Gazette establishing a special commission to draft a new Data Protection Bill. [3]

In August 2001, Peru enacted a data protection law covering private credit reporting agencies. [4] The law puts in place a set of principles to protect both individuals and companies whose information is recorded in databases. It regulates the incorporation of credit bureaus, qualifications for shareholders of these companies, and the sources of information they can use. Similar to Article 11 of European Union Directive, it sets out the information that must be provided to the data subject where the data has not been obtained from him or her. In addition, the law prohibits credit bureaus from collecting (1) sensitive information, (2) data violating the confidentiality of bank or tax records; (3) inaccurate or outdated information; (4) bankruptcy records older than 5 years; (4) other debtor records 5 years after the debt was paid. It provides that credit agencies must adopt security measures and grants individuals have the following rights: (1) the right to access to information; (2) the right to modify or cancel their personal data; (3) judicial relief for non-consumers or consumer protection law. The law also creates strict liability for damages. The Government Agency for Consumer Protection is in charge of applying fines for violation of the law and issuing injunctions to correct errors.

Article 154 of the Penal Code^[5]states that “a person who violates personal or family privacy, whether by watching, listening to or recording an act, a word, a piece of writing or an image using technical instruments or processes and other means, shall be punished with imprisonment for not more than two years.” [6] Article 157 criminalizes the disclosure of sensitive data including “political and religious convictions” and other aspects of intimate life.

Article 161 of the Penal Code states “that a person who unlawfully opens a letter, document, telegram, radio telegram, telephone message or other document of a similar nature that is not addressed to him, or unlawfully takes possession of any such document even if it is open, shall be liable to imprisonment of not more than 2 years and to 60 to 90 days’ fine.” [7] A sentence of not less than one year nor more than three years is to be given to any “person who unlawfully interferes with or listens to a telephone or similar conversation.” Public servants guilty of the same crime must serve not less than three or more than five years and must be dismissed from their post. A person who unlawfully tampers with, deletes, or misdirects “the address on a letter or telegram,” but does not open it, “is liable to 20 to 52 days’ community service.”

In April 2002, Peru passed a new law to govern the interception of communications and private documents. [8] Under the new law, a judicial warrant is needed to seize documents or intercept communications. The law requires telecommunications operators to provide all necessary technical assistance and facilities to carry out interceptions. The powers may be used in the investigation of crimes including kidnapping, trafficking of minors, drug trafficking, customs violations, terrorism, crimes against the humanity, and treason.

In its most recent report on Human Rights Practices, the United States Department of State noted that “unlike in previous years, there were few complaints that the Government violated “ rights to privacy of communications. In the past there were numerous reports of abuse of surveillance authority by Peru’s National Intelligence Service (Servicio Nacional de Inteligencia or SIN). The SIN conducted widespread surveillance and illegal phone tapping of government ministers and judges assigned to constitutional cases, beginning in the early 1990s. Army agents used sophisticated Israeli phone-tapping equipment to monitor telephone conversations, and copies of the conversations were delivered to Montesinos. [9] The SIN maintains close ties with the United States Central Intelligence Agency, including a covert assistance program to combat drug trafficking. [10] The SIN has allegedly conducted a nationwide surveillance campaign with the sole purpose of intimidating political opposition figures. In 1990, an opposition congressman’s house was blown up after he delivered a congressional report on domestic surveillance of opposition politicians, journalists, human rights workers and companies suspected of tax evasion. [11] In August, 1997 former UN Secretary General Javier Perez de Cuellar filed charges against the SIN with the Peruvian Attorney General and the Inter-American Human Rights Commission for taping 1,000 conversations he made from his home telephone between October 1994 and August 1995 while he ran for President against Alberto Fujimori. [12] President Fujimori absolved the SIN of the accusations against it, asserting that private individuals with commercial scanners had carried out the wiretapping. [13] The allegations prompted the resignation of the Defense Minister and a special prosecutor was appointed to investigate the incident. [14] The Defense Commission’s three-month inquiry confirmed accusations of the widespread wiretapping but concluded that there was no evidence the intelligence services carried out the spying. [15] A member of Congress and several journalists filed a suit on grounds that their constitutional rights had been violated (an acción de amparo), and to put an end to the tapping of their telephone calls. [16]

In July 2000 a Computer Crimes Act was adopted and is codified in Article 207(A)(B)(C) of the Penal Code. [17] The Act prohibits unlawful access, use, interference or damage to a system, database, or network of computers. Sanctions include up to five years imprisonment.

The Organic Law of the National Identification Registry and Civil Society (1995) created an autonomous agency which may “collaborate with the exercise of the functions of pertinent political and judicial authorities in order to identify persons” but is “vigilant regarding restrictions with respect to the privacy and identity of the person” and “guarantees the privacy of data relative to the persons who are registered.” The Law also requires all persons to carry a National Identity Document featuring a corresponding number, photograph and fingerprint. [18] The court must provide all personal data kept on file at the Public Registry upon request within 15 days. [19] In January 2002, a new law creating a National Registry of Persons with Disabilities was adopted. [20] The registry will be administered by the National Council of Integration of Persons with Disabalities (CONADIS).

Freedom of information is constitutionally protected under the right of habeas data. The first case to test the habeas data clause, which reviewed clause 7 of Article 2, was brought in the criminal court system in January 1994. The Supreme Court ruled in March 1994 that the case should not have been brought in the criminal courts, nullified all previous decisions on the case, and ordered it resubmitted to the civil court system. [21] Several cases have allowed the courts to establish their jurisdiction over, and support for, habeas data. In 1996 the Supreme Court, citing clause 5 of Article 2 of the Constitution, ordered the Ministry of Energy and Mines to release environmental surveys of a private mining operation to the Peruvian Society of Environmental Rights. [22] Also in 1996, the Supreme Court sided with the Civil Labor Association against the General Director of Mining and ordered the release of an environmental impact study submitted by the Southern Perú Cooper Corporation. [23]

In May 1994, Law N° 26301 was passed in order to set temporary legal standards for the legal application of habeas data. [24] The Law requires that all habeas data actions be notarized, although reasons for the requested action need not be given, and filed with the legal authority from which information or an action is desired. The Law sets out the time periods and procedures for taking actions under clauses 5, 6 and/or 7 of Article 2 of the Constitution. The Law was updated in June 1995 to give a right of action, provide greater access to records, and to limit its use as a means of censorship. [25]

In June 2002, the Parliament approved a long awaited Transparency and Access to Information of the Public Administration Law.^[26] The law establishes a general principle that State information belongs to the public. The Peruvian Press Council, which led the call for access to information has called the law “a step in the right direction” but says that it needs to be made stronger “to bring an end to the culture of secrecy and enable the State to work toward greater transparency.” [27]

Peru signed the American Convention on Human Rights on July 28, 1978, but withdrew from the jurisdiction of the American Court of Human Rights in July 1999.

[1] Constitution of Peru, available at <http://www.asesor.com.pe/teleley/5000%2Din.htm>.

[2] Proyecto No. 5233, Ley Sobre La Privacidad de los Datos Informaticos y la Creacion del Comisionado paragraph la Proteccion de la Privacidad, presentado por miembros del grupo parlamentario del Partido Popular Cristiano, 1999.

[3] Minsterial Resolution No. 094-2002-JUS.

[4] Law No. 27489. Ley que Regula las Centrales Privadas de Información de Riesgos y de Protección al Titular de la información, available at <http://www.leyes.congreso.gob.pe/DetalleLey.asp?wC_NORMA=6&wN_LEY=27489>.

[5] Código Penal, available at <http://www.congreso.gob.pe/out_of_domain.asp?URL=http%3A//www.leyes.congreso.gob.pe/>.

[6] The United Nations High Commissioner For Human Rights, Third periodic report of Peru: CCPR/C/83/Add.1, March 21, 1995.

[7] The United Nations High Commissioner For Human Rights. Third periodic report of Peru: 21/03/95. CCPR/C/83/Add.1.

[8] Law 27697. Ley que otorga facultad al fiscal paragraph la intervención y control de comunicaciones y documentos privados en caso excepcional . Publicada en el Diario Oficial El Peruano el 12 de Abril del 2002. http://www.leyes.congreso.gob.pe/LeyNume.asp

[9] “Former Agent Accuses Peru Spy Chief,” AP, March 17, 1998.

[10] Human Rights Watch, World Report 1998, available at <http://www.hrw.org/hrw/worldreport/Americas.htm>.

[11] “As Lima Talks Hit Snag, Some Ex-Hostages Are Complaining,” The New York Times, January 13, 1997.

[12] “Former U.N. chief charges Peru tapped his phone,” Reuters, August 4, 1997.

[13] “President Fujimori denies intelligence services behind phone-tapping,” America Television, Lima, BBC Summary of World Broadcasts, July 19, 1997.

[14] “Peru defense head resigns in crisis,” Reuters, July 17, 1997.

[15] “Peru Congress probe fails to catch phonetappers,” Reuters World Report, May 29, 1998.

[16] International Freedom of Expression eXchange (IFEX) Clearing House (Toronto), July 21, 1997 <http://www.ifex.org/alert/00002190.html>.

[17] Ley Nª 27309 publicada en el Diario Oficial el Peruano el 17 julio 2000 incorpora el artículo 207 A, B y C del Código Penal.

[18] Ley Organica Del Registro Nacional De Identificacion Y Estado Civil, Ley No. 26497, July 11, 1995. <http://www.congreso.gob.pe/ccd/leyes/cronos/1995/ley26497.htm>.

[19] Ley de aplicación de la acción constitucional del habeas data, Ley No. 26301, Nov. 13, 1995, available at <http://www.asesor.com.pe/teleley/bull505.htm>.

[20] Ley General de la Persona con Discapacidad Nª 27050, available at <http://www.leyes.congreso.gob.pe/Imagenes/Leyes/27050.pdf>.

[21] “AUTOS & VISTOS, “Comentarios jurisprudenciales,” Colegio de Abogados de Lima y Gaceta Juridica, January, 1996, 41-53.

[22] VerExp. N° 1658-95, published in the Diario Oficial El Peruano, “Jurisprudencia” September 4, 1996, 2297.

[23] VerExp. N° 263-96. published in the Diario Oficial El Peruano, December 28, 1996, 2698.

[24] Ley N° 26301, Aprueban Ley Referida a la Aplicacio de la Accion Constitucional de Habeas Data, May 2, 1994, available at <http://www.asesor.com.pe/teleley/bull505.htm>.

[25] IFEX, “Habeas Data law modified and approved,” 1995/04/25; IFEX, “President's Office promulgates reforms to Habeas Data laws,” 1995/06/12.

[26] Ley de Transparencia y Acceso a la Información. Proyecto aprobado el 27 de Junio del 2002 pero aun no publicado en el diario Oficial El Peruano.

[27] Elizabeth Cavero, Interview with Jorge Santiestevan de Noriega Legal Counsel, Peruvian Press Council, La Republica, June 29, 2002. Translation by Freedominfo.org, available at <http://www.freedominfo.org/news/peru1/>.