Last year, media outlets revealed that the National Police of Colombia would operationalize the Single Platform for Monitoring and Analysis (Plataforma Única de Monitoreo y Análisis, or PUMA), through which it would be able to intercept “what is spoken, written or sent from e-mails, Facebook, Twitter, Line, Viber, Skype, and, in short, any type of communication undertaken via the internet.” More recently, last February, Se- mana magazine revealed that the military was reviewing e-mails and chats of those involved in the peace talks in Havana, Cuba.
In both cases, the government put its spin on the news. In the first case, the government presented PUMA as nothing more than the replacement of an older system, and stressed that it would be subject to legal controls. In the second, the Colombian president quickly announced the formation of a commission to develop the country’s policy on cybersecurity and cyberdefense.
Nonetheless, the underlying issues remain unsolved. What is, in the end, the technical capacity of PUMA? Is it possible to review anyone’s e- mails? Can the military access someone’s chat history? Is intercepting a phone call the same thing as intercepting internet traffic?
Although new scandals regarding state intelligence emerge periodically in Colombia, the state never clarifies how intelligence works in practice or what controls exist for its exercise. Meanwhile, as time moves on, intelligence schemes grow more sophisticated along with our cell phones and computers.
An analog rotary-dial telephone is as obsolete as “crocodile cables” used to intercept calls. Nonetheless, as the market facilitates the process of obsolescence and the incorporation of new massive technologies, it tells us little about the devices that are simultaneously developed to monitor individuals.
Technological changes tend to alter long-established assumptions regarding the reach of specific rights. Privacy is arguably the right that faces the most challenges in the digital environment. Yet regulatory and jurisprudential lacunae persist in terms of how technology affects the exercise of fundamental rights.
The cases of PUMA and the military’s spying on peace negotiators occurred soon after Colombia’s adoption of its new Intelligence Law, which, in theory, corrects previous irregularities and aligns with modern surveillance. But is this truly the case? Do we have a regulation that pre- serves national security without compromising citizens’ privacy and freedom of expression, among other rights?
The goal of this book is to examine the Colombian legal and jurisprudential framework regarding communications surveillance in light of today’s technologies. Phrased in the form of a hypothesis, the purpose is to demonstrate how intelligence-related laws and jurisprudence fail to ensure that potentially affected rights remain intact.
To test this hypothesis, I address several aspects of the country’s Intelligence Law that I selected somewhat arbitrarily: the interception of communications, surveillance of the electromagnetic spectrum, and ac- cess to user data. This last point, which alone merits its own study, is developed as a complement to the first two.
The book is divided as follows: The first chapter explains, from a technical point of view, the technologies that we use to communicate and that are used to monitor us. The second chapter explores the normative framework for communications surveillance. The third offers a compara- tive look at communications interception. Finally, the fourth chapter synthesizes the findings of the first three chapters in an effort to offer several conclusions.