Facebook Brasil VPN app data-collection probe now formal investigation
09 Apr 2019 12:00 am
The Facebook Brasil preliminary probe by federal prosecutors looking into allegations of improper collection of data in Brazil has been upgraded to a formal inquiry, according to documents seen by MLex.
The tech giant has been under investigation in the state of Bahia since August. Federal prosecutors are looking into the use of a virtual private network, or VPN, owned by Facebook subsidiary Onavo that sends communications from an app via smartphones. A VPN is a private or internal network that allows the creation of a special channel for users in different locations to have secure access to an intranet.
Under Brazil’s Internet law, providers of connection services can’t keep records of the use of Internet apps. Prosecutors say that because the VPN service offered by Facebook allows it to gather data, it could lead to privacy violations. However, during its regular activities as an app provider, Facebook is entitled to collect data with user consent.
The investigation could pave the way for a civil lawsuit against the company or lead to a deal with Facebook to settle the case — which seems to be the preferred route for now.
In a document signed April 5 confirming the upgrade of the probe, federal prosecutors also gave Facebook 30 days to explain whether it’s possible to remove its VPN app from the Brazilian market.
The stated* purpose of the inquiry is to “adopt initiatives with Facebook related to the VPN developed by its Israeli subsidiary Onavo, aimed at preserving the rights to privacy, to intimacy, to the confidentiality of communications, to consumers’ information and the free competition in the Brazilian society.”
The probe was initiated as the result of a complaint filed with prosecutors in April 2018 by attorney Thiago Oliveira Castro Vieira and Pedro Antônio Dourado de Rezende, a computer sciences professor at the University of Brasília.
*MLex translation of Portuguese documents.
03 Aug 2020 9:29 pm by Ana Paula CandilCompanies are pressuring Brazilian lawmakers to delay implementation of the nation's data-protection law from Aug. 16 until next May.
Biggest cyberattack ever caused $15 billion loss to customers of companies directly hit, though banks softened impact, study says31 Jul 2020 12:00 pm by Neil RolandThe most damaging cyberattack ever in 2017, caused a $15 billion loss to customers of companies directly hit, a federal study said.
International companies more prepared than local companies for Brazilian data protection law, Alves says30 Jul 2020 11:00 am by Ana Paula CandilInternational companies are much more prepared for Brazil's new data protection law than Brazilian firms because they already comply with similar legislation.