Our May to July Journey: National Advocacy 2025

TEDIC
Blog

At TEDIC, we believe that defending human rights in digital environments requires sustained, coordinated work that is deeply rooted in community engagement. That’s why, from May to July 2025, we strengthened our presence in institutional, technical, and civil society spaces, with concrete proposals aimed at building public policies that meet people’s needs.

This quarter was marked by crucial debates around the use of technology, the management of personal data, and the limits of state surveillance.

Protection of Women and the Defense of Institutional Integrity

On May 22, we took part in the public hearing on the bill to create the “Ministry of the Family,” which would eliminate the Ministries of Women, Children and Adolescents, and the Youth Secretariat. The hearing was convened by the Senate’s Equity and Gender Committee.

Together with other civil society organizations, representatives from the affected ministries, activists, women’s rights advocates, and survivors of femicide, we expressed our deep concern over the potential elimination of these institutions and the rollback of rights that this could represent.

Specifically, as an organization focused on digital rights, we are especially concerned about technology-facilitated gender-based violence—a growing phenomenon that is an extension of the structural violence that affects women. To prevent and address this kind of violence, it is essential to maintain specialized ministries and targeted approaches.

During the hearing, we submitted our statement to the Committee, since we were not able to deliver it live due to time constraints. We categorically reject any attempt to undermine institutions. Merging institutions does not guarantee rights—on the contrary, it dilutes them. Rights are not merged; they are guaranteed.

Personal Data and the Path Toward Comprehensive Legislation

This quarter, as part of the Personal Data Coalition—formed by TEDIC, APADIT, PUENTE, and the Internet Society Paraguay Chapter—we intensified efforts to pass the Personal Data Protection Law in Paraguay.

At the end of May, after four years in Congress, the bill was finally approved by the Chamber of Deputies, both in general and article by article. This marked a significant step in the legislative process. While the original version promoted by the Coalition included 85 articles and a more comprehensive approach, the approved version has 60 articles, reflecting various negotiations and technical adjustments.

Currently, the bill is under review in the Senate. On July 4, 2025, TEDIC actively participated in a public hearing organized by the Senate’s Committee on Science, Technology, Innovation, and the Future as part of the bill’s analysis.

At that hearing, we raised several concerns about the current version of the bill. We believe that personal data processing should not be treated merely as a technical or administrative issue, as it is closely tied to democracy, accountability, access to justice, freedom of expression, and social equity.

Following the hearing, the Coalition submitted a legal opinion with technical arguments and recommendations to strengthen the law. Some of our key concerns included: overly broad and unconstitutional exclusions from the law’s scope; the absence of a data retention principle; and the lack of proactive accountability mechanisms.

This legal opinion was submitted to various Senate committees—including Science and Technology, Human Rights, and Legislation—as well as to individual senators. The Senate now has the opportunity—and responsibility—to improve the text by incorporating essential legal and technical adjustments.

TEDIC remains committed to collaborating with Congress by providing materials, comparative analyses, and technical arguments to strengthen this law. We will continue working alongside civil society and all individuals committed to defending digital rights, so Paraguay can have a Data Protection Law that meets today’s challenges and public expectations.

Cybersecurity in Paraguay: Legislative Momentum vs. Robust Public Policy

Between May and July 2025, Paraguay experienced another massive data breach at the Ministry of Health, confirming the ongoing exposure of sensitive information—names, addresses, debts, biometrics—stored in public systems. This highlighted the urgent need for a national cybersecurity law.

In response, Congress introduced two legislative bills on cybersecurity, while the Metropolitan University of Asunción submitted a draft proposal accompanied by a public hearing.

At TEDIC, as a digital rights and tech-focused organization, we view this momentum with cautious optimism. Although we welcome this legislative attention—we’ve been working on this issue since 2016—we are concerned that multiple proposals may fragment the debate and result in overlapping or contradictory laws.

We submitted our opinions and main concerns on all three proposals and shared our vision for building an effective public cybersecurity policy.

We urge Congress—particularly the Chamber of Deputies, which is leading two of the proposals—to unify efforts and work toward a single, strong, and ambitious legislative proposal that includes input from specialized organizations, academia, the private sector, and civil society.

TEDIC’s Contributions to the Cybersecurity Strategy

In 2017, we submitted recommendations for MITIC’s first National Cybersecurity Plan. In 2024, we submitted comments on the draft of the new National Cybersecurity Strategy, which was approved in May 2025 under Resolution 3900/25.

Our feedback included key points on governance, rights protection, and strategic strengthening. Unfortunately, these essential perspectives were not incorporated. A truly democratic approach to cybersecurity not only blocks threats—it enables freedoms, builds trust, and reduces inequalities.

Regrettably, the new National Cybersecurity Strategy published by MITIC does not yet fully reflect this vision. While it references general principles like a “human-centered approach,” in practice the strategy continues to be dominated by technical and punitive frameworks. That’s why we urge MITIC to rethink these concepts and seriously consider our timely and valuable contributions.

Alert: The State’s Invisible Surveillance

In a year marked by urgent debates on digital rights and state control, Paraguay still lacks transparency about its use of surveillance technologies. In 2021, TEDIC submitted a public information request regarding the State’s potential acquisition of IMSI catchers—devices capable of intercepting mobile communications—but the National Police merely stated that it “could neither confirm nor deny” their use.

Through systematic monitoring of public procurement records, we identified that the Paraguayan government has indeed acquired this type of technology over the years. Notably, we found evidence suggesting a purchase by the Ministry of the Interior in 2014, during the Cartes administration. Additionally, we found a $12 million procurement notice by the Itaipú Technology Park (PTI) for various surveillance software tools, including an IMSI catcher intended for the Interior Ministry.

At TEDIC, we demand greater transparency regarding the acquisition and use of surveillance technologies, a robust legal framework to ensure their proportional and necessary use, and a strict ban on IMSI catchers without judicial oversight—as well as the protection of the right to protest.

Workshops, Campaigns, and Alliances

While this quarter was filled with public policy advocacy, we also focused on strengthening alliances and dialogue with government and civil society organizations:

  • We participated in the first session of the “Electoral Outlook: Municipal Elections 2026” series, organized by the Paraguayan Electoral Integrity Network at the Catholic University. The panel, titled What Do People Vote For?, brought together experts to discuss civic engagement, electoral tech, and threats to democracy.
  • We took part in Tech Week, a week dedicated to exploring tech tools that support initiatives like the Poverty Stoplight. We led the session “Cybersecurity and Digital Rights.”
  • We conducted a cybersecurity workshop for the National Mechanism for the Prevention of Torture (MNP), raising awareness about digital threats and defense strategies for institutional staff.
  • At Tech Tips, we discussed how gender-based violence manifests online and how to recognize its digital signs.
  • We led a digital security workshop for the Paraguayan Red Cross, focusing on the protection of sensitive data and devices.
  • In the context of rising WhatsApp account hacks, we were interviewed by Radio La Unión, where we shared accessible digital safety tips and tools.
  • Representing multiple civil society organizations, we joined the regular session of the Interinstitutional Board for the Prevention of Violence Against Women (PREVIM) to express our concern over recent cases of violence against women.
  • We met with Senator Ignacio Iramain to share our concerns regarding the use of autonomous weapons for military purposes. He signed his support for the international Stop Killer Robots campaign, of which we are a member.
  • We participated in the international seminar “Building Equality: Challenges and Strategies for Access to Justice”, organized by the Public Defender’s Office and the Center for Judicial Studies. We spoke on the panel “Digital Violence and Exclusion from the Virtual Space.”

Looking Ahead: Commitments for the Second Half of 2025

This period reaffirmed the urgent need for strong data protection laws, a cybersecurity approach that respects freedoms, transparent and inclusive electoral processes, and deeper protection strategies for women in both physical and digital spaces.

As we look ahead, we renew our commitment to maintaining an active presence, building strategic alliances, and promoting a safer, more inclusive, and just digital environment for all. Our focus remains firmly on the future—with the conviction that technology must serve to expand rights, not restrict them.