In April 2021, Maricarmen Sequera Buzarquis, executive director of TEDIC, together with the organization, filed a criminal complaint against unidentified individuals for the crime of threat, following a series of posts on X (then Twitter) containing expressions inciting hatred and violence. The intimidation began after the launch of the “Cyborg Feminist” campaign, promoted by TEDIC. In response, anonymous accounts on the platform, such as @alesanz91, @TheEqualizerPy, @ANIBALCSPDS, and @BJY_96, shared the campaign’s content along with messages that, due to their tone and context, could be considered criminal threats1 under the Paraguayan Penal Code.
Despite having clear digital evidence, the complaint quickly encountered a judicial system that is not yet prepared to effectively respond to illicit acts committed in digital environments involving transnational actors. What could have set an important precedent became a long, costly and frustrating process. This experience highlights a structural problem shared by Paraguay and other countries in the region: access to justice for online crimes continues to face technical, regulatory and institutional barriers.
A legal path full of obstacles
As mentioned earlier, the crime of threat2 is defined in Article 122 of the Paraguayan Penal Code3. However, there is an important detail: according to the Code of Criminal Procedure (Article 17, subsection 4), this type of offense is not investigated ex officio, meaning the Public Prosecutor’s Office does not act automatically. It can only be pursued through an independent private prosecution (querella autónoma), which means the victim must take charge of the entire legal process themselves: hiring lawyers, collecting evidence and sustaining the case on their own.
Faced with this situation, Maricarmen Sequera and TEDIC decided to move forward with the complaint and requested a precautionary measure. What did they ask for? That the court issue a formal request (an international letter rogatory) to Twitter Inc. to identify who was behind the accounts that made the threats.
Once the case was initiated, the case file revealed several flaws in how the process was handled. Specifically, it became clear that the court4 was not entirely certain about the correct procedure for requesting data from a foreign company like Twitter, a key step in obtaining digital evidence in international investigations. What happened? After accepting the private prosecution, the court sent an official letter directly to Twitter Inc. requesting information about the reported accounts. That step, however, was a mistake. Twitter has no representation in Paraguay, and this type of request cannot be made directly. There is a formal international cooperation process for such cases, and it was not followed.
Since the official letter sent to Twitter could not be processed—a point the private prosecution had already raised—it became necessary to activate the international cooperation mechanism established by Law No. 2194/20035, as Twitter (now X) is based in the United States. The court then ordered the initiation of the letter rogatory process on July 2, 2021, and requested that the private prosecution submit translations of the documents to be sent. The issue was that the private prosecution was unaware it was responsible for this step, so the translations were only submitted almost four months later, on November 2 of that year.
However, nine months later—on August 9, 2022—the court again requested additional translations, this time of certified copies of the full case file (compulsas), effectively duplicating the requirements without clear justification. Faced with uncertainty over whether the Supreme Court of Justice could cover the cost of the translations, the judge first consulted the International Relations Office, which was unable to provide an answer. Only after contacting the General Secretariat was it confirmed that the Court was indeed authorized to assume those expenses. To proceed, the private prosecution had to submit a formal request; then, the judge had to appoint a certified public translator; that person would translate the documents; and finally, the judge would set the fees, each step causing further delays. Although Twitter was not a party to the case, the only way to obtain the data was through this formal letter rogatory. The procedure was only completed in December 2022, and nearly three years after the case began, there has still been no official response from the United States authorities.
When the letter rogatory was finally sent, there was another setback: due to an “error,” it was not submitted in time. By the time they attempted to reactivate the request, the aggressor accounts had already been deleted. This situation was confirmed by a notary specializing in digital evidence, hired by the private prosecution to document what had happened.
Although some technical leads had been obtained at the beginning of the process, the delay was such that the chances of receiving an effective response from the justice system were almost entirely diminished. Given this situation, it was decided not to pursue further legal actions: the accounts no longer existed, and it is very likely that the data linked to them is no longer available on the platform’s servers. In other words, identifying those responsible became practically impossible.
However, this setback cannot be seen as an isolated incident. It reflects a deeper problem: the Paraguayan judicial system lacks clear rules for handling this type of cases. There is no established definition of how long data should be preserved, which channels should be used when platforms are headquartered abroad, or how judicial requests should be structured to comply with the requirements of other jurisdictions. Although the Judiciary provides basic guidelines for processing international letters rogatory in criminal matters6, these focus mainly on extradition cases. Meanwhile, the instructions for non-criminal letters rogatory7—in civil and commercial matters, child and adolescent issues, labor, and administrative law—as well as the National work protocol for the processing of active and passive judicial letters rogatory8, are so general that they fail to adequately address complex situations like this one.
The available instructions address formal aspects such as identifying the requested court, translating documents officially when they are in a foreign language and sending the judicial request through the Directorate of International Judicial Cooperation and Assistance. However, they lack clear guidelines on the urgent preservation of data, interaction with technology platforms or procedural timeframes for effective processing. This situation highlights the need to strengthen technical and institutional capacities concerning electronic evidence and international legal cooperation.
Cross-border access to data in the context of criminal investigations is typically regulated by Mutual Legal Assistance Treaties (MLATs)9, which establish formal legal bases for cooperation between states10. These treaties define standardized procedures between designated authorities and include minimum guarantees related to privacy, due process and data sovereignty. Paraguay does not have an MLAT specifically signed with the United States11, the country where the company requested in this judicial case is domiciled. However, both countries have signed the Inter-American Convention on Mutual Assistance in Criminal Matters12, ratified by the aforementioned Law No. 2194/2003, which establishes a binding legal framework for cooperation between states in criminal investigations and proceedings, including private prosecution.
The procedure outlined in this legal provision is based on written requests channeled between designated Central Authorities—in Paraguay’s case, the Directorate of International Judicial Cooperation and Assistance of the Judiciary13—and covers actions such as obtaining evidence, notifications, transfer of detainees, taking testimony, inspections, seizures and delivery of documents. The regulation also requires that requests be substantiated, detailed, and translated into the language of the requested State, and it even contemplates grounds for denial, such as affecting sovereignty, public order, or the existence of discriminatory purposes. While this Convention provides guidance related to the formal structure required for the exchange of criminal information between State Parties, it does not specifically address access to data stored by technology platforms, which creates operational gaps in cross-border contexts of cybercrime or digital violence.
Certainly, the Judiciary does have a guiding form for procedures directed at judicial authorities in the United States14. However, this form is limited to outlining the basic information to be included in the request and the amount of the corresponding consular fee, without providing substantive or procedural guidelines for urgent cases that require the preservation or retrieval of digital evidence. In this regard, according to Twitter’s applicable privacy policy15, metadata was retained for a maximum of 18 months—a timeframe that required timely action to ensure access to this information. The delay in processing the letter rogatory, combined with the absence of effective mechanisms for preserving digital evidence, seriously compromised the evidentiary integrity of the case. This situation also constitutes a violation of the right to effective judicial protection16, by preventing a timely and adequate response from the justice system.
Judicial speed is crucial in cases like this, as the privacy policies of digital platforms—aligned with international data protection standards—set strict deadlines for retaining information relevant to investigations, such as IP addresses, posts or interaction logs. According to X’s current privacy policies17, retention periods vary depending on the type of data: some are kept while the account is active, while others—like activity or interaction logs—are stored for 90 days to 18 months. The company does have temporary preservation mechanisms at the request of competent authorities, allowing certain data to be preserved for up to 90 days while a court order is processed to extend retention18.
However, the availability of this information is not guaranteed unless action is taken with due diligence and within the established timeframes. In addition, technology platforms impose further requirements, such as submitting formal court orders, certified translations and strictly following internal protocols. These conditions not only complicate the process but also significantly increase litigation costs for the private prosecution.
Given this scenario, any delay in processing a letter rogatory seriously jeopardizes the possibility of accessing digital evidence essential to advancing the judicial process. This highlights the importance of judicial bodies having both specialized technical knowledge and the institutional capacity to act promptly and competently, in line with international legal cooperation standards. In the case at hand, the absence of clear protocols outlining the steps for submitting international requests to technology platforms, based on current regulations, resulted in procedural errors, avoidable delays, and financial burdens for the requesting party. An ineffective request was submitted, decisions regarding translation needs were improvised, and redundant requirements caused unnecessary setbacks.
Although Law No. 2194/2003 and the Judiciary’s guidelines establish a general framework for cooperation, ambiguity remains as to whether such requests should be processed through consular, judicial or mixed channels. This lack of operational clarity leaves considerable room for judicial discretion, undermines the effectiveness of criminal prosecution and highlights the urgent need for specific protocols to obtain digital evidence in cross-border contexts, where procedural certainty is essential to ensuring effective access to justice.
Towards a justice system fit for the digital age: reflections and challenges
This case prompts reflection on the adequacy of the legal framework for addressing crimes committed in digital environments. Offenses such as threats, originally conceived from an analog perspective, often fail to capture the collective, systematic and transnational nature of technology-facilitated violence19. The current classification of these crimes as private criminal actions exacerbates this gap, placing the procedural burden on victims and reinforcing a structural asymmetry with perpetrators who operate under the cover of digital anonymity.
It should be noted that these kinds of shortcomings transcend the merely procedural20. In contexts of digital violence, the lack of a timely response from the judicial system can constitute a form of revictimization. Even more so when the aggressions target women, LGBTIQ+ individuals, activists or historically marginalized communities, who already face additional obstacles in asserting their rights online21.
Furthermore, given the growing centrality of technology platforms in everyday life—and their role in the commission, facilitation and documentation of illicit conduct—it is essential that the Paraguayan judicial system develop clear, specific and operational guidelines for channeling international requests to these companies. With millions of users in the country interacting in digital environments22, the lack of adequate protocols for preserving and requesting electronic evidence—particularly in cases of digital violence—not only limits procedural effectiveness but also significantly undermines guarantees of access to justice and due process. The technical complexity of these proceedings requires that judges, prosecutors and legal professionals be equipped with normative and procedural tools aligned with international standards and the real dynamics of digital environments.
Lessons and recommendations:
The TEDIC case highlights the lack of a comprehensive institutional strategy to address the challenges posed by technology-facilitated violence in Paraguay, particularly against civil society organizations and human rights defenders. This gap becomes even more critical when such violence is channeled through digital means, where the judicial system’s lack of normative, procedural and operational capacity to respond adequately to these types of crimes can perpetuate procedural inequalities and impose unjustified costs on those seeking protection through the justice system.
Furthermore, the events in this case illustrate the lack of clear and up-to-date guidelines or protocols for handling evidence in digital contexts, as well as the urgent need to train judges and legal professionals in electronic evidence, cross-border cooperation and digital rights. This deficiency severely limits effective access to justice, fosters institutional revictimization and increases the risk of impunity for crimes committed in digital environments. Instead of ensuring effective responses, the system ultimately shifts the economic and procedural burden of a process that should have been swift and efficient onto the victims—in this case, a civil society organization.
Based on the analysis presented, and considering the gaps identified throughout the process, the following recommendations are proposed:
- Establish clear protocols within the framework of the Inter-American Convention on Mutual Assistance in Criminal Matters, approved and ratified by Paraguay, to ensure a timely response in cases involving foreign technology platforms and the need to preserve digital evidence. These guidelines should include specific technical criteria that limit judicial discretion and prevent improvisation in situations where the lifespan of digital evidence is crucial for the success of the investigation.
- Strengthen the technical capacities of the Judiciary and the Public Prosecutor’s Office in matters of digital evidence, international cooperation and the protection of digital rights. With a basic understanding of how transnational evidence-gathering mechanisms work, judicial bodies can better anticipate potential delays, properly assess arguments presented by the State, the defense or the private prosecution, and facilitate the evidentiary process.
- Review the private prosecution regime for certain crimes such as threats, taking into account their particular impact on victims of technology-facilitated violence and their collective dimension.
- Incorporate an intersectional perspective that takes into account the differentiated effects that technology-facilitated violence can have on vulnerable groups and communities.
Documenting this case is, therefore, an an act of remembrance, a defense of rights and a call for institutional transformation. Naming, classifying and exposing the various forms of technology-facilitated violence, identifying perpetrators and focusing efforts on the comprehensive protection of those affected is not merely a conceptual task: it is a political tool to demand protection and justice. In this sense, the question this case compels us to ask is: what kind of justice system do we need for rights to be upheld in the digital sphere as well?
When the judicial system fails to act swiftly or with the necessary technical capacity, the consequences are not merely procedural: they directly affect the life, security and freedom of those seeking to exercise their fundamental rights online. It is time for the courts to adapt to the challenges of a digital world, ensuring timely responses and preventing bureaucracy, costs or lack of institutional capacity from discouraging access to justice.
References:
1 X. (2025). Guidelines for law enforcement. https://help.x.com/en/rules-and-policies/x-law-enforcement-support#6.
2 Lara-Castro, P., Horta, D., Venturini, J., de Souza, M. R., Martins, P., & Ferrari, V. (2023). When protection becomes an excuse for criminalisation: Gender considerations on cybercrime frameworks. Association for Progressive Communications (APC) & Derechos Digitales. https://creativecommons.org/licenses/by/4.0/deed.es
3 Beyond its normative definition, TEDIC carried out sustained work in the classification and naming of the different forms of technology-facilitated violence (TFV). Based on the premise that what is not named does not exist, identifying and making these forms of violence visible is essential to understanding their impact, demanding accountability and promoting adequate responses.
In this context, “digital threats, which can manifest through messages, images or intimidating discourse, constitute a concrete form of violence that compromises online rights, and whose documentation is key to their prevention and sanction”. TEDIC. (2025). Types of digital gender-based violence. https://violenciadigital.tedic.org/en/b/guia/types-of-gender-digital-violence
4 According to the aforementioned legislation, the crime of threat is defined as the act of “threatening another with an offense against life, physical integrity, property of considerable value or through sexual coercion, in a manner capable of alarming, intimidating or limiting their freedom of self-determination”, being punishable with a prison sentence of up to one year or a fine.
5 Paraguayan Penal Code. (1997). Law No. 1160. Article 122.
6 National Congress. Law No. 2194/2003 approving the “Inter-American Convention on Mutual Assistance in Criminal Matters,” signed in Nassau, Commonwealth of The Bahamas, on May 23, 1992. Official Gazette of the Republic of Paraguay.
7 Judicial Branch of the Republic of Paraguay. (2025). Directorate of International Judicial Cooperation and Assistance. Processing of Criminal Rogatory Letters. https://www.pj.gov.py/descargas/ID3-211_gua_sobre_exhortos_penales_preguntas_frecuentes.pdf
8 Sentencing Court No. 21, Private Prosecution: Unidentified person re: threat, Criminal Case No. 1-1-3-1-2021-153 (2021).
9 Judicial Branch of the Republic of Paraguay. (2025). Directorate of International Judicial Cooperation and Assistance. Processing of Non-Criminal Letters Rogatory. https://www.pj.gov.py/descargas/ID4-198_guia_sobre_exhortos_no_penales_preguntas_frecuentes.pdf
10 Judicial Branch of the Republic of Paraguay. (2025). Directorate of International Judicial Cooperation and Assistance. Processing of Letters Rogatory. Protocol for the Processing of Letters Rogatory. https://www.pj.gov.py/descargas/ID1-452_protocolo_para_la_tramitacion_de_exhortos.pdf
11 European Commission. (2025). Mutual legal assistance and extradition. https://commission.europa.eu/law/cross-border-cases/judicial-cooperation/types-judicial-cooperation/mutual-legal-assistance-and-extradition_en?prefLang=es
12 Access Now. (2022). The need to fix the broken system for cross-border access to data. https://www.accessnow.org/profile/drew-mitnick/
13 U.S. Department of Justice. (2022). Mutual Legal Assistance Treaties (MLATs) of the United States. https://www.justice.gov/d9/pages/attachments/2022/05/04/mutual-legal-assistance-treaties-of-the-united-states.pdf
14 Organization of American States. (1992) Inter-american Convention on Mutual Assistance in Criminal Matters https://www.oas.org/juridico/english/sigs/a-55.html
15 Judicial Branch of the Republic of Paraguay. (2025). Directorate of International Judicial Cooperation and Assistance. https://www.pj.gov.py/contenido/131-direccion-de-cooperacion-y-asistencia-judicial-internacional/131
16 Judicial Branch of the Republic of Paraguay. (2025). Directorate of International Judicial Cooperation and Assistance. Processing of Letters Rogatory – U.S. Justice. https://www.pj.gov.py/contenido/131-direccion-de-cooperacion-y-asistencia-judicial-internacional/1608
17 Twitter. (2022). Privacy Policy. https://x.com/en/privacy/previous/version_17
18 Effective judicial protection is the right of every person to access justice to assert their rights before the courts, obtaining a legally grounded response within a reasonable timeframe. This principle is enshrined in Article 14.1 of the International Covenant on Civil and Political Rights, as well as in Articles 8.1 and 25 of the American Convention on Human Rights.
19 X. (2025). How long we keep information. https://x.com/en/privacy.
20 United Nations Human Rights Council. (2012). Resolution 20/8: The promotion, protection and enjoyment of human rights on the Internet. A/HRC/RES/20/8, 31st session, 5 July 2012. https://documents.un.org/doc/resolution/gen/g12/153/25/pdf/g1215325.pdf
21 According to data from the National Statistics Institute (INE), in 2022, 97.8% of the Paraguayan population aged 10 and over (approximately 4,556,000 people) used the internet for instant messaging services (such as WhatsApp or Line), 84.2% for social media (such as Facebook, Twitter or Instagram), and 82.6% for making telephone calls. These indicators demonstrate the degree of digital penetration in daily life and reinforce the need to adapt institutional responses to an environment increasingly mediated by information and communication technologies.
(See: National Institute of Statistics (INE). (2023). Information and Communication Technology: Permanent Household Survey 2015–2022. https://www.ine.gov.py/Publicaciones/Biblioteca/documento/226/Tecnolog%C3%ADa%20de%20la%20Informaci%C3%B3n%20y%20Comunicaci%C3%B3n%20EPH%202015_2022.pdf)
22 While there is no single, universally agreed-upon definition, especially concerning its gender dimension, this article adopts a broad understanding of Technology-Facilitated Violence and Abuse (TFV). This concept serves as an umbrella term that encompasses the use of technological tools to exert control, harassment, abuse or violence, primarily in interpersonal contexts. The choice of this definition responds to the objective of making visible the multiple manifestations of TFV and the challenges it poses for the effective guarantee of rights in digital environments.
Additional References:
Carrillo, E., Peralta, P., Sáenz, R., Moreno, C., Bogado, A., Adams, J., Mawutor, D., Camacho, K., Atanasio, A., & Aceng, S. (2024). From theory to practice: building and testing a framework for definitions of online gender-based violence and other terms. TEDIC, Sula Batsú, Fundación Karisma, Pen to Paper, MFWA, Hope for Mozambique, WOUGNET, & Web Foundation. https://www.tedic.org/wp-content/uploads/2024/07/Definiciones-Violencia-de-Genero-Online-1.pdf
United Nations. (1966). International Covenant on Civil and Political Rights. Adopted on December 16, 1966; entered into force on March 23, 1976. https://www.ohchr.org/en/instruments-mechanisms/instruments/international-covenant-civil-and-political-rights
Organization of American States. (1969). American Convention on Human Rights (Pact of San José, Costa Rica). Adopted on November 22, 1969; entered into force on July 18, 1978. https://www.oas.org/en/iachr/mandate/Basics/convention.asp
Sequera, M., & Cuevas, M. (2024). Technology-facilitated gender-based violence against women politicians. TEDIC. https://www.tedic.org/wp-content/uploads/2024/09/WEB.pdf
TEDIC. (2025). Types of gender violence facilitated by technology. https://violenciadigital.tedic.org/en/b/guia/types-of-gender-digital-violence
Not with my face: The Paraguayan State deploys facial recognition without transparency or oversight