The truism that knowledge is power has perhaps never been more relevant than in our current age of ‘Big Data.’ This idea has clearly not escaped Jair Bolsonaro’s notice, as this week he signed a presidential decree to instigate the creation of a massive, single database to hold sensitive personal information on every one of the country’s 200 million citizens.
Initially, this database would hold more commonly captured information, such as names, date of birth, social security numbers and addresses. But in a second stage, more sensitive data would be added including fingerprints, facial scans, irises, voices and gait.
All this information stored in one place will undoubtedly draw the attention of hackers, as it’s a veritable gold-mine of personal data. To compound the problem of security, the database “will be shared as widely as possible” within governmental departments.
The arguments for such a database are simple to make: it’s simpler to access and maintain, it allows for greater consistency across government departments, and it will likely lead to fewer inaccuracies or less duplicated effort. But it’s the arguments against such a system which need to be posited, too.
One strong counter-argument comes from a very recent example. As reported by Forbes a week ago, another dataset of 92 million records, purportedly from an existing Brazilian government department, was auctioned on the dark web. This contained information such as name, gender, date of birth, taxpayer ID and mother’s name for almost half the country’s population.
Such treasure-troves of personal data create massive incentives for criminals, and time and again we see instances of data breaches -- in countries and institutions holding that information all across the globe -- which suggest that nefarious actors are outwitting company employees or governmental officials.
President Bolsonaro was elected on a ‘law-and-order’ platform, holding information on every citizen about how they walk, talk, or look could be a step too far.