You are here

RioCard: concentration of money and data in Rio transportation system

4 November 2016

This guest piece was written by Joana Varon, Natasha Felizi and Danilo Doneda of Coding Rights. It does not necessarily reflect the views or position of Privacy International.

Vast amounts of information is compiled in the different varieties of RioCard, Rio de Janeiro's transportation cards. Citizens use the card to gain access to discounts or integrated fares in the transportation system. RioCard may be used without registering an official account, but in order to create one, it is required that everyone register their name, ID number, and date of birth.

While not mandatory, having an account is an advantage for lower income people, as it allows one to reclaim their credit if they lose the card. Creating an account becomes mandatory if you have transportation discounts for being a student, elderly, or an unemployed person, or if your employer pays for your transportation. In these cases, according to the benefit you are entitled, data from your school (including your degree of education), or your work records (such as occupation, company name, date of admission) would also be collected. And if a student is part of public support programs, his or her family data, such as income, is also required when creating a RioCard account. Biometric data is also collected from elderly passengers. Information regarding transportation routes and travel habits are collected from every user's card, which is  linked to people’s identity, if they have a registered account. With such data, it is straightforward to surmise a person’s patterns, habits, and even home and work locations.  With this data, it may even become possible to predict a person’s actions.

This trend toward integration of more and more services into one central card, is replicated outside of transportation. For example, in preparation for the 2016 Olympics, RioCard announced a partnership with Visa and together launched the RioCardDuo, which allows for users to use their cards for shopping, allowing for a record to be created about people’s spending habits.

But information gathered on transportation system in Rio goes beyond the information stored in RioCard. In 2013, while students were protesting the price of the public transportations, Rio's mayor approved the "Pact for Transparency in Transports". Deploying GPS and cameras was part of the process, and once they were implemented, these cameras got another layer of pervasiveness, as biometric identification through facial recognition was approved for the buses in 2015.

With all this data being compiled on citizens, it would be reasonable to expect that public authorities are careful and transparent to assure that this information will be stored securely. But this is not the case. An investigation from Coding Rights for a project focused on narratives to unveil surveillance in Latin America,  showed that:

a) a majority of data is concentrated in the hands of very few entrepreneurs and a network of agents (labelled by some as "transportations mafia") that have already been the target of investigations due to the lack of transparency in the billing processes;

b) there is no transparency, or proper privacy regulation, to guarantee that the data is being handled with appropriate care.

The discounted transportation fares are a result of "Bilhete Único" public policy, established in 2009. To implement this policy, the State of Rio de Janeiro have granted exclusively to the Federation of Companies for Passenger Transportation of Rio de Janeiro (Fetranspor) for ticketing services of all bus tickets, ferry, subway, and train in Rio de Janeiro. The Federation is also owner of RioCard IT, which is responsible for managing the data collected by ticket cards.

Fetranspor brings together 10 trade unions and gathers around 200 bus companies throughout the state. While it may seem a diverse range of companies, their ownership is concentrated in a very few people and companies, which sometimes are registered as owners, others as partners or directors. As a result, for instance, the businessman Jacob Barata, dubbed in Rio de Janeiro as the "King of Bus", is direct or indirectly owner of approximately 25% of the bus fleet of the city of Rio.

Thus, in addition to the profits generating from Rio’s vast transportation system, this small group also controls swaths of personal information about people who use their services. The investigation from Coding Rights made several FOIA requests to Fetransport and RioCard. Neither company provided substantive answers regarding who has access to the data that is collected, if it is shared for any other purpose than billing, how it are stored, for how long it is retained, and many other details. It is known that the Fetranspor sends reports to the Secretariats for Transportation of the Municipalities and the State of Rio billing data, but there is no further regulation regarding what they can or shall do with all the data that is collected. The scenario gets worse considering that the country has not enacted a Data Protection law, which would properly establish principles and provisions for data management of public data by the private sector.

That remains a dream while the task of trying to find protections spread out across the multiple statutes becomes an increasingly difficult one.