[Home] [Databases] [WorldLII] [Search] [Feedback] EPIC --- Privacy and Human Rights Report

EPIC --- Privacy and Human Rights Report 2006

Republic of Peru

Constitutional Privacy Framework

Different articles of the 1993 Constitution protect the privacy and secrecy of communications and private documents, the inviolability of the home, the freedom of the press, freedom of expression, and access to public information. Article 2 states, "Every person has the right:

To be assured that information services, whether or not they are computerized, public or private, will not release information affecting one's personal and family intimacy.

To his honor and good reputation, personal and family intimacy, and his own voice and image. Every person affected by inaccurate or injurious statements contained in any medium of social communication has the right to free, immediate and proportional[4005] rectification, notwithstanding other legal responsibilities.

To the inviolability and secrecy of private documents and communications. Communications, telecommunications, or documents stemming therefrom, may only be opened, seized, intercepted, or tapped with a bench warrant and pursuant to all the guarantees provided by law. Confidentiality must be maintained regarding all matters not related to the reason of the search. Private documents obtained in violation of this principle are not admissible before a court. Books, receipts, as well as accounting and administrative documents are subject to inspection or auditing by the proper authorities, in accordance with the law. They may not be removed or seized without a court order.

To the inviolability of his home. No one may enter the home or conduct any investigation or search without authorization from the inhabitant or a court warrant, except in the case of flagrante delicto or of a very serious danger. Exceptions for reasons of health or serious risk are governed by law.

To freedom of conscience and religion, individually or as a member of a group. No one may be persecuted for his ideas or beliefs. There is no such thing as a crime of opinion. . . .

To freedom of information, opinion, expression, and the dissemination of thoughts through the spoken or written word or in images, by any means of social communication, and without previous authorization, censorship, or impediment whatsoever, and in accordance with the law. Crimes committed by means of books, the press, or other media of social communication are outlined in the Penal Code and will be tried in a court of law. Any action that suspends or closes any organ of expression or prevents its free circulation also constitutes a crime. The right to inform and express opinions includes the right to find means of communication.

To request information that one needs without disclosing the reason, and to receive that information from any public entity, within the period specified by law, at a reasonable cost. Information that affects personal intimacy and that is expressly excluded by law or for reasons of national security is not subject to disclosure. Banking secrecy and confidentiality concerning taxes may only be lifted at the request of a judge, the National Prosecutor, or a congressional investigative commission in accordance with the law and provided that such information relates to the case."[4006]

All these constitutional rights are included, in one way or another, in Article 1, which provides that "the protection of the person and the respect for his dignity are the supreme goal of society and the State."

The right of informational self-determination is partially protected by the action of habeas data. In Peru, habeas data is used to refer to the constitutional procedure which protects not only the right of a person to access information about himself (right to informational self-determination (Constitution, Article 2.6), but also the right to access whatever information an individual may require from any public body (freedom of information and access to government records (Constitution, Article 2.5).[4007] However, habeas data is a redress mechanism used only after the damage has been done.[4008] In several sentences, the Constitutional Tribunal has mentioned the right of informational self-determination, which is not specifically mentioned in the Peruvian Constitution, as "one that gives an individual the ability to request the rectification of inexact information about himself, contained in databases or registries."[4009]

On May 28, 2004, the Code of Constitutional Procedures was enacted. It regulates the procedures of habeas corpus, amparo, and habeas data, established by Articles 200 and 202.3 of the Constitution.

Data Protection Rules

Peru does not have comprehensive data protection legislation. However, numerous specific legal regulations protect privacy, and the Ombudsman, in some cases, does the work of a data protection agency.[4010] In August 2004, the Ministry of Justice published a report about a bill on data protection. It contains provisions related to general data protection principles pursuant to the Peruvian Constitution, and is based on the European Union Data Protection Directive and the Spanish Data Protection Acts of 1992 and 1999. It contains provisions on data subjects' rights, data controllers' obligations, the supervisory authority as well as sanctions. If the bill is passed, existing data protection regulations (including bank, disabilities and credit card regulations) would have to be adapted to it.[4011]

In August 2004, the Ministry of Justice published a report about a bill on data protection. The bill contains provisions related to general data protection principles pursuant to the Peruvian Constitution, and is based on the European Union Data Protection Directive 95/46/EC.[4012] It contains provisions on data subjects' rights, data controllers' obligations, and sanctions, among others. If the bill were passed, the current data protection regulations (including bank, disabilities and credit card regulations) would have to be adapted to it.[4013] The bill creates a Data Protection Authority that would be assumed by the Ministry of Justice.[4014] At the end of the presidential period 2001-2006 in July 2006, the data protection bill was approved as an Executive Branch’s legislative initiative but it was not delivered to the Congress. In May 2007, the new Government began evaluating the bill in order to decide whether it will be delivered to the Congress as an Executive Branch initiative.[4015]

In August 2001, Peru enacted a data protection law covering private credit reporting agencies called Centrales Privadas de Información de Riesgos (CEPIRS).[4016] These private companies are in charge of collecting and processing the credit risk information of individuals and companies whose information is recorded in databases. The law regulates the incorporation of credit bureaus, qualifications for shareholders, and the sources of information they can use. Similar to Article 12 of the EU Data Protection Directive, it sets out the information that must be provided to the data subject when the data has not been obtained from him or her. In addition, the law prohibits credit bureaus from collecting sensitive information, data violating the confidentiality of bank or tax records, inaccurate or outdated information, bankruptcy records older than five years, and other debtors' records five years after the debt has been paid. It provides that credit agencies must adopt security measures, and that individuals have the following rights: 1) the right to access their personal data; 2) the right to modify or delete their personal data; 3) the right to rectify personal data that is illegal, inexact, erroneous or expired; and 4) jurisdictional trusteeship or jurisdictional protection (tutela jurisdiccional). The CEPIRS has an obligation to adopt the appropriate technical and administrative measures aimed to ensure the security of the personal data they manage, in order to prevent alteration, loss and unauthorized processing or access. The law also creates a strict liability regime. The Agency for Consumer Protection of the National Institute for the Defense of Competition and the Protection of Intellectual Property (INDECOPI)[4017] is in charge of applying fines for violation of the law, and issuing injunctions to correct errors.

Statutory Rules Related to Privacy

The Civil Code of 1984 considers the intimacy of private life, in all its aspects, as worthy of legal protection, subject only to limitations where there is consent by the person concerned, a social interest, or a reason of public order. Article 14 of the Civil Code states that "personal and family intimacy may not be made public without the consent of the person." This article aims at regulating snooping, and other behavior that interferes with someone's private life, or that constitutes an illegal search of a person's goods or properties.[4018]

Article 69 of the Penal Code[4019] establishes that "anyone who has completed a penalty or security measure[4020] imposed on them by the court must be rehabilitated in society without further proceedings. The rehabilitation produces the following effects: . . . 2. The cancellation of their criminal, judicial and police official records. These certificates do not have to express the penalty nor the rehabilitation." In crimes against the individual’s honor (insult, calumny, defamation), Article 135 states that "the evidence is never admitted by the court in any case if: . . . 2. [t]he imputation pertains to personal and family intimacy, or a crime against sexual freedom."

Article 154 of the Penal Code states that "a person who violates personal or family privacy, whether by watching, listening to, or recording an act, a word, a piece of writing or an image, using technical instruments or processes and other means, shall be punished with imprisonment for no longer than two years." Article 157 criminalizes the disclosure of sensitive data including "political and religious convictions" and other aspects of private life.

Article 161 of the Penal Code establishes "that a person who unlawfully opens a letter, document, telegram, radio telegram, telephone message, or other document of a similar nature that is not addressed to him, or unlawfully takes possession of any such document even if it is open, shall be liable to imprisonment of not more than two years and to a fine of between 60 and 90 days." [4021] A sentence of not less than one year, and not more than three years, is to be given to any "person who unlawfully interferes with, or listens to, a telephone or similar conversation." Public servants guilty of the same crime must serve not less than three and not more than five years, and must be dismissed from their post. A person who unlawfully tampers with, deletes, or misdirects, "the address on a letter or telegram," but does not open it, "is liable to 20 to 52 days of community service."[4022]

In the General Health Law, Article 15 established that anyone that uses health services has the right of dignity, privacy and to demand the secretiveness of the medical information and his clinical history with the exceptions provided by Law.[4023]

The Organic Law of the National Identification and Civil Status Registry (1995) created an autonomous agency which may "collaborate with the exercise of the functions of pertinent political and judicial authorities in order to identify persons" but is "vigilant regarding restrictions with respect to the privacy and identity of the person" and "guarantees the privacy of its registered individuals' personal data." The Law also requires all persons to carry a national identity document featuring a corresponding number, photograph, and fingerprint.[4024]

Any person has the right to request, for a fee and without having to disclose the reason for doing so, copy of the documentation that exists in the Public Registries. However, Article 128 of the General Regulation of Public Registries, relating to the publicity of the registries, provides: "[w]hen the information requested affects the right to privacy (intimidad), this information can only be granted to those who demonstrate legitimate interest, according to the regulations established by the National Superintendent of the Public Registries (Superintendencia Nacional de los Registros Públicos)".

Public Registries handle information that may be sensitive. This might include, for example, information from the Personal Registry such as judicial rulings regarding someone's mental status, separation agreements between spouses, or child custody rulings. The office of Lima (and several of the main registry offices in Peru) has an online service for subscribers. Soon, the interconnection between all offices of Public Registries in Peru will be completed, making it possible to access them from any computer connected to the Internet.

In January 2002, a law creating a National Registry of Persons with Disabilities was adopted.[4025] The registry is administered by the National Council of Integration of Persons with Disabilities (CONADIS). The personal data included in the registry is confidential. It can only be used for scientific and technical statistical objectives.

The General Financial and Insurance System and the Organic Banking and Insurance Superintendence Law (Ley General del Sistema Financiero y del Sistema de Seguros y Orgánica de la Superintendencia de Banca y Seguros) prohibits financial institutions, as well as their directors and workers, from providing any information regarding their clients' transactions, except upon written authorization from the clients, or unless the transactions fall within one of the banking secrecy provisions. Infringement of this prohibition is punishable as serious labor misconduct or it may be punishable with a fine.[4026]

On April 12, 2005, a new law (Law No. 28493)[4027] was enacted to regulate the use of unsolicited commercial e-mails ("spam"). The law does not determine whether the user has to grant his express authorization to receive spam (opt-in), or reject it once he has received it (opt-out). It indicates that all spam that originates from Peru must contain specific items of information such as the word "publicity" in the subject of the message, the name of the natural or legal person who sent the spam, and a valid and active e-mail address that can be used to opt-out. Spam is considered illegal when it does not fulfill Article 5, when the e-mail contains false or misleading information, or when the sender of spam does not comply with opt-out requests. The law also provides damages for individuals being spammed.[4028]

Article 4 of the Law of Telecommunications[4029 ]states that "all persons have the right to the inviolability and secrecy of their telecommunications. The Ministry of Transports, Communications, Housing and Construction is in charge of protecting this right." Every concession contract of public services of telecommunications has to indicate the guarantees that service providers must offer to ensure the secrecy of communications. What constitute very serious infractions to the concession contract are: "the interception or unauthorized interference of services of telecommunications that are not available for free use by the general public" and the "spreading of the existence or content, or the publication, or any other use, of all type of data obtained by means of the interception or interference of the services of telecommunications not meant for general public use."[4030]

The General Regulation of the Law of Telecommunications provides that "it is a violation of the secrecy of telecommunications for a person, who is not the one who originates nor is the addressee of a communication, to deliberately remove, intercept, interfere, change or alter its text, turn aside the course, publish, disclose, use, try to know; or facilitate for another person to know about the existence or content of any communication. . . . The concessionaires of public services of telecommunications are forced to safeguard the secrecy of telecommunications and protect personal data. They also have to adopt the reasonable measures and procedures to guarantee the inviolability and secrecy of the communications; as well as to maintain the confidentiality of their users' personal information obtained in the course of business, except if users have provided their prior, written and express consent, or if there is a judicial warrant. The holders of private services of telecommunications will have to adopt their own security measures to provide for the inviolability and secrecy of telecommunications."[4031]

Wiretapping and Other Government Surveillance

According to Article 16 of the Civil Code, "the mail, communications of any sort or voice recordings, when they are confidential or refer to personal and family private life, cannot be wiretapped or disclosed without their author and addressee's assent. The publication of the personal or family memories requires in any case the author's authorization. When the author or recipient has died . . . his heirs get the right to consent for him. If there is no agreement between heirs, the judge decides. The prohibition of the posthumous publication made by the author or the recipient cannot extend beyond 50 years from his death."

In April 2002, Peru passed a new law to govern the interception of communications and private documents.[4032] Under this law, a judicial warrant is needed to seize documents or intercept communications. The law requires telecommunications operators to provide all necessary technical assistance and facilities to carry out interceptions. The powers may be used in the investigation of crimes, including kidnapping, child traffic, drug traffic, customs violations, terrorism, crimes against humanity, and treason.

There have been numerous reports of abuse of surveillance of the National Intelligence Service (Servicio de Inteligencia Nacional, or SIN). The SIN conducted widespread surveillance and illegal phone tapping of government ministers and judges assigned to constitutional cases, beginning in the early 90s. Army agents used sophisticated Israeli phone-tapping equipment to monitor telephone conversations, and copies of the conversations were delivered to Vladimiro Montesinos, the former head of Peru's intelligence service.[4033] The SIN maintained close ties with the U.S. Central Intelligence Agency, including a covert assistance program to combat drug trafficking.[4034] The SIN has allegedly conducted a nationwide surveillance campaign with the sole purpose of intimidating political opposition figures, including the former UN General Secretary Javier Pérez de Cuéllar while he ran for President against Alberto Fujimori.[4035] In 2003, a parliamentary commission investigated the telephone wiretapping carried out during the government of Alberto Fujimori. It discovered that Vladimiro Montesinos had used the Office of Electronic Information (DIE) of the SIN to carry out telephone monitoring. For that purpose, the DIE activated 29 interception points in Lima and Callao, of which only 20 have been deactivated.[4036]

According to the parliamentary commission, some of this surveillance equipment is still in operation. This presumption is based upon reports of telephone wiretapping made after the deactivation of the SIN operation. In September 2003, journalists denounced the pursuit of this operation by the current intelligence service agency. The head of intelligence was dismissed after he admitted spying on journalists. He alleged that the investigation only studied how "confidential information"[4037] (información reservada) was filtered from the government to the press.

On July 29, 2004, the new Code of Criminal Procedures, Legislative Decree 957, was published in the Official Gazette. The controversial Article 205 allows police, without an order from the prosecutor's office or a judge, to require identification and investigate the identity of any person, where considered necessary to prevent a crime, or to obtain useful information relating to a punishable offense. Under Article 206, for felony offenses, when it is necessary to discover and locate the participants to a socially disturbing crime and safeguard evidence of such a crime, the police, by notifying the prosecutor, may place guards on public thoroughfares, places, and establishments. These guards may identify the persons who are traveling to, or are present in, those places, search vehicles, and stop and search individuals' personal effects, in order to check whether these persons are carrying illegal or dangerous substances or instruments. In this case, the police will establish a Register of Public Police Checks.[4038]

On February 12, 2003, President Alejandro Toledo promulgated Legislative Decree 922. Article 12 of the Decree states that "oral hearings for the crime of terrorism will be public. The public and media outlets will have access to the courtroom. However, the use of video cameras, tape recorders, cameras and similar technology is prohibited."[4039]

Video surveillance is regulated in Article 207. It gives the prosecutor's office the authority to photograph, do detective work, and/or use special technical measures to observe the residence of a suspect at the prosecutor's or police's request in the case of investigations for serious or violent crimes, or for involvement in criminal organizations.[4040] In the Miraflores district of Lima, 25 video surveillance cameras have been installed in the main streets and parks. The cameras have visualization fields of 360 degrees, massive zooming power, and are connected to two surveillance control rooms, including the National Police emergencies station.[4041]

In July 2000, a Computer Crimes Law was adopted and codified in Article 207(A)(B)(C) of the Penal Code.[4042] The Law prohibits unlawful access, use, interference, or damage to a system, database, or network of computers. Sanctions include up to five years' imprisonment.

In November 2003, the Parliament passed a law that compels administrators of Internet cafés to install a browsing filter or mechanism that makes it impossible to display pornographic content.[4043] In addition, local authorities of several districts of Lima passed similar regulations that also include penalties such as fines and the permanent closure of the business.

NGOs´Advocacy Work

CPSR-Perú and Privaterra organized trainings in privacy and secure communications for human rights and journalism NGOs in Peru and Colombia.[4044] In October 2005, CPSR-Perú, Grupo de Estudios en Internet, Comercio Electrónico, Telecomunicaciones e Informática de la Facultad de Derecho de la Universidad de los Andes (GECTI) and the Electronic Privacy Information Center jointly organized the symposium “The Public Voice: Privacy and Data Protection in Ibero-America: Analysis and Perspectives” where civil society representatives, academic experts and governmental authorities analyzed and debated current public policy issues and recent developments in privacy in Ibero-America.[4045]

In November 2006, the Privacy and Freedom of Information Project (Proyecto Monitor de Privacidad y Acceso a la Informácion en LAC) lead by UNESCO and Alfa-Redi organized the Conference Workshop on Privacy and Freeedom of Information in Latin America (Foro-Taller de Privacidad y Acceso a la Informacion en LAC).[4046]

Open Government

A Law of Transparency and Access to Public Information was adopted in August 2002 and amended in January 2003.[4047 ]Under the law, every person has the right to request information, without having to explain why, in any form from any government body or private entity that offers public services or executes administrative functions. Documentation funded by the public budget is considered public information. Public bodies must respond within seven working days. There are three exceptions: for national security information, the disclosure of which would cause a threat to the territorial integrity and/or survival of the democratic systems and intelligence or counterintelligence activities; reserved information about crimes and external relations; and confidential information relating to pre-decisional advice, commercial secrets, ongoing investigations, and personal privacy. Information relating to human rights violations and the Geneva Convention of 1949 cannot be classified. The courts, Congress, the General Comtroller, and the Ombudsman can in some cases obtain exempted information. Once administrative procedures are completed and access to documents is rejected, the requestor can claim access to courts under Law 27584[4048] or under Law 26301 for the constitutional habeas data.[4049] In practice, habeas data is faster and more effective.

The law also requires government departments to create Web sites and publish data on their organization, activities, regulations, budget, salaries, costs of acquisition of goods and services, and official activities of high-ranking officials. Detailed data on public finances has to be published every four months on the Ministry of Economy and Finance's website.[4050] The Constitutional Tribunal has clearly set down that the right of access to public information imposes upon public administration entities the duty to inform, and ruled that the information that is provided must not be false, incomplete, fragmentary, or confusing.[4051]

International Obligations

Peru is a signatory of the 1948 Universal Declaration of Human Rights, the 1966 International Covenant on Civil and Political Rights, and the American Convention on Human Rights. The American Convention provides that every person has "the right to have his honor respected and his dignity recognized." Additionally, "no one may be the object of arbitrary or abusive interference with his private life, his family, his home, or his correspondence, or of unlawful attacks on his honor or reputation. And everyone has the right to the protection of the law against such interference or attacks."

Peru accepted the jurisdiction of the Inter-American Court of Human Rights on January 21, 1981. It withdrew from the jurisdiction of that court in July 1999, but returned on January 12, 2001. According to Article 205 of the Constitution, "after exhausting internal remedies, those who consider themselves denied the rights recognized in the Constitution may resort to international tribunals or organs constituted by treaty or agreement to which Peru is a party."

[4005] Proportionate to the degree of fault.

[4006] Constitución del Peru [Const.], articles 2.6, 2.7, 2.10, 2.9, 2.3, 2.4, and 2.5, available at <http://www2.congreso.gob.pe/sicr/RelatAgenda/constitucion.nsf/constitucion> (in Spanish).

[4007] Const. Perú, article 200, subsection 3. Habeas data provision is a constitutional guarantee that protects against any act or omission by whatever authority, whether a state employee or a private person, that would reduce or jeopardize the rights of the individual as contained in Article 2, Subsections 5-6 of the Peruvian Constitution.

[4008] Tribunal Constitucional [TC], April 2, 1998, “Tavara v. Carrascal”, Habeas Data, Proceeding 0666-96-HD/TC, <http://www.tc.gob.pe/jurisprudencia/1998/0666-1996-HD.html>.
[4009] Tribunal Constitucional <http://www.tc.gob.pe/jurisprudencia/2003/0700-2003-HC Resolucion.html>.

[4010] Constitution of Peru, Article 162: "It is the duty of the Ombudsman to defend constitutional rights and fundamental personal rights and those of the community; and to supervise the fulfillment of the duties of state administration and public services to the citizenry. . . . He has the right to initiate law proposals, and may propose measures to facilitate the fulfillment of the functions of the office."
[4011] Bill on data protection, available at <http://www.minjus.gob.pe/minjus/PROYECTODELEY.PDF>.

[4012] Directive 1995/46/EC of the European Parliament and of the Council, October 24, 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, OJ L 281/31, available at <http://europa.eu.int/spain/novedades/documentos/31995L46.htm> (in Spanish).
[4013] Bill on data protection, available at <http://www.minjus.gob.pe/minjus/PROYECTODELEY.PDF>.
[4014] Id. article 34.
[4015] Letter from María Lourdes Zamudio, ex-Directora Nacional de Asuntos Jurídicos del Ministerio de Justicia to Katitza Rodríguez Pereda, International Policy Fellow EPIC, (May 2007) (on file with EPIC).

[4016] Ley que regula las Centrales Privadas de Información de Riesgos y de Protección al Titular de la Información, Law 27489, <http://www.leyes.congreso.gob.pe/Imagenes/Leyes/27489.pdf> (in Spanish).
[4017] Comisión de Protección al Consumidor del Instituto Nacional de Defensa de la Competencia y de la Protección de la Propiedad Intelectual.

[4018] See Carlos Fernández Sessarego, Derecho de las Personas, 59 (Studium 1987).

[4019] Código Penal [Penal Code], available at <http://www.leyes.congreso.gob.pe/CodigoP.htm> (in Spanish).
[4020] Id. Security measures are those that aim at preventing a dangerous person from committing new crimes. Examples of such security measures provided for in the Peruvian Penal Code are internment and ambulatory treatment.

[4021] Id. at article 161.
[4022] Id. at article 163.

[4023] Ley General de Salud, Law 26842, July 20, 1997, available at <http://www.congreso.gob.pe/ntley/Imagenes/Leyes/26842.pdf> (in Spanish).

[4024] Ley Orgánica del Registro Nacional de Identificación y Estado Civil, Law 26497, July 11, 1995, available at <http://www.leyes.congreso.gob.pe/Imagenes/Leyes/26497.pdf> (in Spanish).

[4025] Ley General de la Persona con Discapacidad, Law 27050, available at <http://www.leyes.congreso.gob.pe/Imagenes/Leyes/27050.pdf> (in Spanish).

[4026] Ley del Sistema Financiero (incluye Microfinanzas) y de Seguros, Law 26702, articles 140, 141, 142, 143, available at <http://www.sbs.gob.pe/PortalSBS/images/ico_acrobat.gif> (Updated to January 2007) (in Spanish).

[4027] Ley que regula el Uso del Correo Electrónico Comercial No Solicitado (SPAM), April 12, 2005, available at <http://www.cpsr-peru.org/spam/anti-spam/> (in Spanish).
[4028] Juan Carlos Lujan, "En julio quedará reglamentada ley contra el 'spam mail' en el Perú," available at <http://www.elcomercioperu.com.pe/EdicionImpresa/Html/2005-05-13/impVidayFuturo0305641.html>; see generally León, Leysser L. Spamming y Responsabilidad Civil, Compensación Pecuniaria y Protección Resarcitoria Ordinaria en el Régimen Jurídico del Correo Electrónico Comercial No Solicitado [Spamming and Civil Liability: Pecuniary and Resarcitory Compensation in the Judiciary Norms for Unsolicited Commercial Electronic Mail], No. 50, Themis – Revista de Derecho, 2005, at 295-311, available at <http://www.jus.unitn.it/cardozo/Review/2005/Leon1.pdf> (in Spanish).

[4029 ]Texto Único Ordenado de la Ley de Telecomunicaciones, D.S. 013-93-TCC, <http://www.mtc.gob.pe/portal/comunicacion/control/normaslegales/basicadetelecomuni/TUO_Ley_de_Telecomunicaciones.pdf> (in Spanish).
[4030] Id.at Article 52-f, Article 87, numerals 4 and 5.

[4031] Texto Único Ordenado del Reglamento General de la Ley de Telecomunicaciones, D.S. 027-2004-MTC, published on July 15, 2004, Article 13, <http://www.mtc.gob.pe/portal/comunicacion/concesion/interna/tuoregley.pdf> (in Spanish).

[4032] Ley que otorga Facultad al Fiscal para la Intervención y Control de Comunicaciones y Documentos Privados en caso Excepcional, Law 27697, April 12, 2002, available at <http://www.leyes.congreso.gob.pe/Imagenes/Leyes/27697.pdf> (in Spanish).

[4033] Former Agent Accuses Peru Spy Chief, Associated Press, March 17, 1998. See also <http://en.wikipedia.org/wiki/Vladimiro_Montesinos>.
[4034] 1998 Human Rights Watch Report, available at <http://www.hrw.org/hrw/worldreport/Americas.htm>.
[4035] Former UN Chief Charges Peru Tapped His Phone, Reuters, August 4, 1997.
[4036] The equipment used by the DIE for the interception of fixed and cellular telephones was manufactured in Israel, Germany, and the United States. More than 100 units were involved. In downtown Lima, six interception points were implemented where practically all public, private, newspaper and even ecclesiastical, organizations, were controlled. Diario El Comercio, Lima.

[4037] Information that is exempt under the freedom of information law.

[4038] Código Procesal Penal, Legislative Decree 957, Articles 205-206, July 29, 2004, <http://www.cpsr-peru.org/bdatos/peru/privacidad/cpp/> (in Spanish).

[4039] See IFEX, Gobierno aprobó decreto legislativo que limita cobertura de prensa, [Government approves legislative decree limiting press coverage], February 25, 2003, <http://www.ifex.org/es/content/view/full/33608/>.

[4040] Id. at article 207 Código Procesal Penal, <http://www.cpsr-peru.org/bdatos/peru/privacidad/videovigilancia/> (in Spanish).
[4041] Miraflores Boletín Informativo, Year 2, July 2004, at 5.

[4042] Ley que incorpora los Delitos Informáticos al Código Penal, Law 27309, July 17, 2000, incorporating Article 207 A, B and C of the Penal Code, <http://www.congreso.gob.pe/ntley/Imagenes/Leyes/27309.pdf> (in Spanish).

[4043] Ley que Prohíbe el Acceso de Menores de Edad a Páginas Web de Contenido Pornográfico, Law 28119, <http://cpsr-peru.org/bdatos/peru/filtros/121503--18-48-ley28119.pdf> (in Spanish).

[4044] CPSR-Perú <http://www.cpsr-peru.org>, Privaterra <http://www.privaterra.org>.
[4045] Symposium, Privacidad y Protección de Datos en Iberoamérica captó interés en Colombia, (October 20-21, 2005), <http://peru.cpsr.org/privacidad/noticias/eventocolombia> (papers available). See also, Symposium, Privacidad y Protección de Datos Personales en Iberoamérica: Análisis y Perspectivas, (October 2005), available at <http://www.thepublicvoice.org/events/bogota05/espanol.html>.

[4046] Conference, Foro-Taller de Privacidad y Acceso a la Informacion en LAC, (November 11-12, 2006), <http://www.alfa-redi.org/conferencias.shtml> (papers available).

[4047 ]Ley de Transparencia y Acceso a la Información Pública, Law 27806, modified by Law 27927, both consolidated in a unified text approved by Supreme Decree 043-2003-PCM, <http://www.cpsr-peru.org/bdatos/peru/derechos/> (in Spanish).
[4048] Ley que regula el Proceso Contencioso Administrativo, Law 27584, December 7, 2001 <http://www.tc.gob.pe/legconperu/leyorganicatc.html>.
[4049] Ley referida a la aplicación de la acción Constitucional de Habeas Data, Law 26301, May 2, 1994, available at <http://www.tc.gob.pe/legconperu/leyhd.html> (in Spanish).

[4050] Campaign for this law was led by the Consejo de la Prensa Peruana (The Peruvian Press Council is a NGO of media owners that works on freedom of press and freedom of information) and other organizations such as the Instituto Prensa y Sociedad (the Press and Society Institute is a NGO of national and Latin American journalists, affiliated with Reporters Without Borders and the International Freedom of Expression Exchange (IFEX) of Canada that protects freedom of the press and freedom of information and fights against corruption). The amendment to the law incorporated a revised exemption for national security that was negotiated by the Peruvian Press Council and the armed forces. See <http://www.freedominfo.org/news/peru1/>. The law also included almost all of the proposals concerning national security restrictions that the Peruvian Press Council and the Ombudsman had put forward. See <http://www.freemedia.at/wpfr/Americas/peru.htm>.
[4051] Tribunal Constitucional del Perú [TC], January 29, 2003, “Rodríguez v. Sexta Sala Civil Corte Superior de Justicia”, Habeas Data, Proceeding 1797-2002-HD/TC, <http://www.tc.gob.pe/jurisprudencia/2003/01797-2002-HD.html>.