Private Internet Access removed Brazilian servers, for the security of its customers.

The enforcement of an existing law has come into effect [ Lei nº 12.965 ], which requires the owner of an IP-address to store all traffic, both incoming and outgoing for a minimum of one year.

Another interesting law is [Lei nº13.709], expected to take legal effect in August 2020.

Public authorities can use private data in investigations (art.4).

When the company that owns the ISP is contacted to provide data about a particular user, it is not obliged to inform the user about it (art.7).

Private Internet Access removed Brazilian servers.

PIA's previous Brazilian datacenter company, Equinix, let them know, that the Brazilian government has changed its tone and fully intends, to have internet service providers, even the virtual ones, comply with Brazilian logging laws.

Even though the virtual nodes have been removed, anyone can still use PIA VPN, just choose another country.

You can get more information from PIAs own blog.

Research Center InternetLab, in partnership with the Electronic Frontier Foundation, released its annual report on how Brazilian ISPs, approach the personal data of its customers.

"Freedom of expression is guaranteed, but it cannot be anonymous."

Each company received ratings in six categories: data processing, data disclosure to the government, defense of user privacy in the courts, pro-user privacy public engagement, transparency reports, and user notification.

Vivo, led the privacy rankings with four out of six stars, a designation it earned due to its strong commitment to transparency.

The company was the only ISP to earn a full star for informing users about data processing, disclosing terms of compliance with data requests from the government and publishing transparency reports about data requests.

Brazilian internet users are still able to use the vast Private Internet Access network and those that know what a VPN is, would want to use one.

However, PIA has no plans to establish a new Brazilian exit node in light of the current interpretation of Brazilian internet laws.

The ISP SKY exposed all private information on all 32 million of its users in 2018.

This leak was discovered by Brazilian independent researcher Fabio Castro.

The information was stolen via an "improperly configured ElasticSearch search engine", that Sky Brasil had been maintaining online at two IP addresses.

The search engine for Sky Brasil users data was accessible via two IP addresses without password protection.

In total, Sky Brasil leaked 28.7GB of users log files and a whopping 429.1GB of API data.

The leaked data includes private, identifiable information that could be used by hackers to blackmail or impersonate victims.

This is Brazil’s biggest exposure of private data, but is not the worst that the internet has seen this year.

"The data the server stored was Full name, e-mail, password, pay-TV package data (Sky Brazil), client ip addresses, personal addresses, payment methods. Among other information the model of the device, serial numbers of the device that is in the customer’s home, and also the log files of the whole platform.”

Castro explained the gravity of the exposed data to Bleeping Computer.