Brazil has followed through on its promise to make its government email open source and entirely- on-shore.
The nation's Diário Oficial da União, or official gazette for the English-speakers among you, yesterday contained a “Decreto anuncia medidas para adoção dos serviços de correio eletrônico oferecidos pela administração pública federal”, or “Decree for adoption of e-mail services offered by the federal public administration”.
After pushing the decree (PDF ) through two translation engines, the Reg believes the decree makes the following provisions:
- Government data must be carried by a government organisation or an organisation in which the government is a shareholder, other than for mobile communications;
- The government will create and operate its own email services;;
- Facilities enabling audit of confidentiality, authenticity and integrity of the email system must be built in from the start;
- Data must be stored in government facilities in Brazil;
- Normal procurement practices are suspended in order to get this done without having to seek competitive bids and state-owned IT shops only need apply.
Brazil signalled the desire to implement its own secure email regime back in October, after deciding the NSA's shenanigans made it a national security imperative. Our reading of the decree suggests it's already in force, which presumably means sysadmins and security types are already hard at work trying to turn it into reality. ®