Global biometric surveillance

Paraguay Claims Facial Recognition Protocols Are a State Secret. The IACHR Is Being Asked to Rule Otherwise.

EFF, TEDIC and CEJIL's June 2026 petition to the Inter-American Commission challenges the doctrine that 'national security' can shield surveillance systems from any public accountability.

Paraguay's Facial Recognition Gap People of Internet Research · Global 137 Alerts in 4 years Total facial recognition alerts ge… ~4M Facial images breached Approx. faces exposed in 2023 Nati… 13+ State bodies with FR Public institutions in Paraguay th… 7+ Years without data law Paraguay deployed facial recogniti… peopleofinternet.com

Key Takeaways

On June 19, 2026, the Electronic Frontier Foundation (EFF), Paraguay's digital rights group TEDIC, and the Centre for Justice and International Law (CEJIL) filed a petition with the Inter-American Commission on Human Rights (IACHR) asking the regional body to rule that Paraguay violated the rights of its citizens by refusing to disclose how it operates a facial recognition surveillance network that has been running in Asunción since 2018. The petition is not a demand to shut the cameras down. It asks for something far more modest — and, in its modesty, more revealing of what states are willing to protect: the protocols and impact assessments behind a system that affects everyone who walks through the capital.

A Surveillance System Built on Institutional Secrecy

In July 2018, Paraguay's Ministry of the Interior and National Police announced the acquisition of 154 cameras for Asunción, 44 of which were equipped with facial recognition technology. The system then spread rapidly: by the time TEDIC published its April 2025 investigation "Not With My Face", at least 13 public institutions — from the National Directorate of Migration to the Chamber of Senators — had acknowledged possessing the technology.

The effectiveness record is thin. According to TEDIC's research, Paraguay's facial recognition systems generated only 137 alerts across the entire four-year span from 2019 to 2023. The system that surveils thousands of people daily managed to flag fewer individuals in four years than most medium-sized police precincts process in a week.

Yet despite this underwhelming operational record, the state has consistently classified implementation details as national security secrets. Maricarmen Sequera, a lawyer and TEDIC's executive director, filed a formal information request seeking the protocols behind the system, whether any human rights or data protection impact assessments were conducted before deployment, and what data-protection measures were in place for the biometric information being collected. Paraguay's authorities refused most of the request, asserting that implementation protocols and personal data processing details were "confidential security information."

Three Lawsuits, Three Defeats

When the information request was denied, TEDIC pursued the matter through Paraguay's courts. Three separate strategic litigation cases have been filed since 2018, each seeking to compel disclosure of how the facial recognition system operates. All three were rejected. Paraguay's judicial system consistently upheld the government's position that surveillance protocols merit blanket confidentiality.

This is the legal dead-end that drove the IACHR petition. Having exhausted domestic remedies without result, the organizations are now asking the regional human rights body to determine whether the Inter-American standards on access to information permit states to hide not just operational parameters but the very existence of safety assessments.

The State's Strongest Case — and Its Limits

Before dismissing Paraguay's position, it deserves a fair hearing. Governments do have legitimate interests in protecting operational security. Disclosing the precise locations of surveillance infrastructure or the specific parameters of a facial recognition algorithm could help bad actors evade detection. Law enforcement agencies routinely and reasonably withhold tactical details of investigative systems. A blanket rule requiring full public disclosure of all surveillance technology could undermine genuine public safety functions.

But the petition draws a distinction that the Paraguayan courts failed to engage with: implementation protocols and human rights impact assessments are not the same thing as operational secrets. Whether the government evaluated accuracy rates, error rates, or demographic bias before deploying a system that processes the faces of everyone in Asunción is not a tactical question — it is an accountability question. Whether a data protection impact assessment was conducted is not sensitive operational information; it is either a document that exists or evidence that it was never done.

Inter-American jurisprudence has long held that restrictions on access to information must clear a necessity-and-proportionality test — harm must be "concrete and verifiable," not theoretical. The blanket refusal to acknowledge whether an impact assessment exists fails that test.

The Data Breach That Makes the Secrecy Worse

The opacity the Paraguayan state has insisted on came at a cost. In 2023, a breach of the National Police's systems exposed more than 400 gigabytes of confidential data, including approximately four million facial images captured by the recognition cameras, alongside civil identification numbers from identity documents. The breach was not a hypothetical risk — it was a documented consequence of deploying biometric infrastructure without any publicly accountable governance framework.

Paraguay had no general personal data protection law until November 27, 2025, when Law No. 7593/2025 was promulgated — more than seven years after the facial recognition system was first deployed. Even now, the law's full implementation has been pushed to November 2027, a two-year transition period. That means the entire initial phase of the country's facial recognition experiment — deployment, expansion to 13 institutions, and a major data breach — happened in a legal vacuum. The new law does require data protection impact assessments for high-risk processing activities, which retroactively underscores that no such assessment was apparently conducted before the system went live.

Why the IACHR Forum Matters

The petition's venue choice is strategic. The IACHR has developed a robust body of standards on surveillance and access to information, drawing on the American Convention on Human Rights and inter-American case law. If the Commission accepts the petition and ultimately rules in the petitioners' favour, the remedies sought are specific: delivery of the denied information, permanent transparency mechanisms for surveillance technology acquisition and use, and mandatory human rights impact assessments before any future biometric system is deployed.

The regional significance extends beyond Paraguay. Facial recognition deployments across Latin America have followed a similar pattern — rapid acquisition funded through telecommunications or infrastructure budgets, minimal legal frameworks, and court systems that have deferred to security classifications. A binding IACHR ruling establishing that pre-deployment impact assessments are non-classifiable public documents would create a regional accountability floor that domestic courts have been unwilling to build.

Proportionality, Not Abolition

The petition does not argue that Paraguay may not operate facial recognition cameras. It argues that the state must be able to show it thought through what it was doing before it did it — and that this showing must be available to the public. That is a proportionate ask. A surveillance system that generates 137 alerts over four years, that experienced a breach exposing four million facial images, and that spread to 13 state institutions without any disclosed legal framework is not a system being protected by secrecy. It is a system being insulated from accountability by it.

Proportionate regulation does not mean no regulation. It means the constraints match the risk. For a biometric surveillance network that processes the faces of a city's entire population, a requirement that impact assessments exist and be disclosed is not a burden — it is the minimum. The IACHR petition asks Paraguay to meet that minimum. The fact that three domestic courts declined to require it is precisely why regional human rights mechanisms exist.

Sources & Citations

  1. EFF/TEDIC/CEJIL IACHR Petition — EFF
  2. TEDIC 'Not With My Face' State Deployment Investigation
  3. TEDIC 'Not With My Face' Full Report
  4. ID Tech Wire — Paraguay Facial Recognition Secrecy
  5. Paraguay Law 7593/2025 — Daniel Law Client Alert
  6. Access Now — Paraguay Biometrics Bill Veto