Brazil’s biometrics-based federal services platform is a risk to rights, liberties: report

The merging of registers, including biometrics, to create a centralized database for authenticating users of Brazil’s government services platform was done without a data protection impact assessment despite the legal requirement, and poses risks to fundamental rights and civil liberties from the way the systems were created and by excluding individuals from accessing services, finds a report by Data PrivacyBR (Data Privacy Brasil Research Association).

Funded by the Open Society Foundations, the year-long project culminated in the 109-page policy paper: “Between visibility and exclusion: mapping the risks associated with the National Civil Identification system and the usage of its database by the gov.br platform.” The paper is now available in English via support from Privacy International.

Merged databases for ‘platformized’ government via biometric access

Brazil historically has a bumpy track record with implementing new ID schemes. In 2017, the government enacted a federal law to establish the National Civil Identification System (Identificação Civil Nacional, ICN).

This pooled together in a central database – the BDICN – made up of several other government databases, including the biometrics register of the electoral system. By June 2022, 130 million users were biometrically registered to vote, making 80 percent of all eligible voters (those aged 18 or over), or 60 percent of the overall population.

The target is to collect the biometrics of the entire electorate by 2026. The Electoral Court has been moving towards expanding the biometric database, such as by incorporating the National Civil Identification Action for Prisoners, according to the paper.

The government has created gov.br, a web platform for government services, akin to other platforms emerging elsewhere such as Britain’s gov.uk. User access is authenticated by ICN via user biometrics, making the platform the main use of ICN, states the paper.

The government aims to digitize all government services by the end of 2022. (A check of gov.br for this article finds the latest government figures of 4,825 services available, 87 percent of services digitized and 53 percent of user reviews being positive.)

To set up an account and access government services via gov.br, citizens need to already be included in a new database. To be included there, they need to already have an existing identity credential such as a birth certificate. Logging in requires entry of a user’s tax number and password, or via online banking or digital certificate.

McKinsey & Co.’s report on the impact of digital IDs on a selection of economies found that of the seven countries analyzed, Brazil could enjoy the biggest boost. If it implemented digital ID, it could add 13 percent to its GDP by 2030.

Two-fold risks and a missing impact assessment

The research found multiple risks to Brazilians’ fundamental rights and civil liberties. It considers them as two types: the “abusive processing of personal data due to the ICN’s information governance architecture” and the exclusion from services when an ICN-based authentication for gov.br access is required.

“In a Brazilian context marked by profound socioeconomic and regional inequalities, formulating public policies to universalize civil registration and broaden access to public services — in other words, ensuring that all citizens are visible to the State — is essential,” argue authors Bruno Bioni, Marina Garrote, Marina Meira and Nathan Paschoalini.

A centralized system, containing vast amounts of sensitive, personal data is seen as vulnerable to attack and the researchers are concerned with what authorities may do with the pooled data. The new BDICN database is providing data to be used in ways that the policies of the constituent databases did not cover.

Issues of exclusion include the 9 million voters who faced difficulty casting their ballots in 2018 due to biometrics issues, more than 12 percent of those voting. The Electoral Court said the figure “was equivalent to those of voters who had not used biometrics because the identification process could not be concluded, and voters who were only able to be biometrically identified after several failed attempts.” A small number face issues of duplication.

Those under 18 who have not yet undergone full biometric enrollment as voters also cannot go through full authentication for gov.br. Other groups facing exclusion are those without identification documents, such as those without birth certificates. Other include those with issues or errors with their credentials, including trans people and those with disabilities.

“Despite a lack of specification in the local General Data Protection Law (LGPD) of what poses high risks to data subjects’ fundamental rights and civil liberties, the National Data Protection Authority (ANPD) has been issuing some guidelines in that sense,” find the researchers.

“More specifically, CD/ANPD Resolution No. 2 of January 2022, states that large-scale data processing and the use of sensitive personal data (such as biometrics) — both of which characterize the ICN and the gov.br data uses — are triggers for high-risk findings. Moreover, the Brazilian DPA [Data Protection Authority] has a guideline that argues that producing a DPIA would be highly recommended in scenarios in which sensitive data were being processed on a large scale.”

The policy paper was a follow up to the first phase of Data PrivacyBR’s project, the publishing of an investigation into the implementation of Brazil’s digital identity system.

Article Topics

ANPD  |  biometric authentication  |  biometric enrollment  |  biometrics  |  Brazil  |  civil registration  |  data protection  |  digital ID  |  digital identity  |  government services