Article 15 of the Colombian Constitution sets out the general principle that no correspondence or private communication in any form may be intercepted by government agencies unless a judicial order has been granted to permit it.  The particular circumstances in which such an order may be granted must also be set out in other laws.

However, where a crime of any kind is being investigated, article 250 of the Colombian Constitution (as amended by Legislative Act 03 of 2002) states that the Attorney-General’s office may order the interception of private communications and in this instance a judicial order will not be required to commence the interception of communications. The process by which the Attorney General’s office may order interceptions is set out in the Criminal Procedure Code.


Article 235 of the Colombian Criminal Procedure Code (Law 906 of 2004 as amended by article 52 of Law 1453 of 2011) provides that public prosecutors (i.e. public officials of the Attorney-General’s office) may order the interception of any form of private communication over any telecommunications network to search for evidence or locate a person in relation to any crime that is under investigation.

Interception orders from a public prosecutor must be sent to the Telecommunications, Network and Service Providers (the bodies responsible for the operation of telecommunications networks and services, as defined in resolution 3067 of 2011 of the Colombian Communications Regulation Commission, “TNSPs“) in writing.  The confidentiality of all intercepted communications must be ensured throughout the process.

After the interception has taken place, the investigating body that requested it has certain duties to ensure the legality of the interception, as described in paragraph 5.1 below.

The maximum term of an order from a public prosecutor to intercept communications is six months.  After this period has elapsed, the prosecutor may obtain a judicial order allowing an extension. In granting the extension, the judge must deem it reasonable to extend the interception period beyond six months. It should not be extended, for example, simply because of inefficiencies in the investigation.

LAW 1708 OF 2014

Public prosecutors may also, under article 167 of Law 1708 of 2014, order the interception of any communications that use the radio spectrum in the course of an investigation into assets acquired with the proceeds of crime.  This law is most commonly used in relation to assets that have been acquired with money from the drugs trade.  Intercepting communications is permitted in these cases solely for the purpose of gathering evidence, and is subject to the other conditions from article 235 of the Criminal Procedure Code set out above.

LAW 1621 OF 2013

The military, the police and the Information and Financial Research Unit (together the “Intelligence and Counter-Intelligence Services“) may, under Article 17 of Law 1621 of 2013, intercept private telecommunications for the purposes of national security, even where they are not investigating a specific crime.

For these operations, the Intelligence and Counter-Intelligence Services are required to obtain a judicial order before initiating an interception of communications and cannot obtain an order from a public prosecutor as described in paragraph 1.2 above.  Such an order can only be granted after a private hearing at which officials from the relevant agency make representations before a judge, who will determine whether the interception is legal.

The request to the TNSP for access to the telecommunications network in question for interception purposes must be filed with the TNSP by the director of the relevant Intelligence or Counter-Intelligence Service before any interception can take place.

Under article 44 of Law 1621 of 2013, TNSPs are not required to allow interception of communications (or provide metadata) in the course of an intelligence or counterintelligence operation if doing so is not technically possible, although what is ‘not technically possible’ is not specifically defined in Colombian law.

DECREE 1704 OF 2012 AND LAW 1621 OF 2013

Under Decree 1704 of 2012, TNSPs must ensure that the infrastructure for their networks provides connections and access points for the equipment necessary to implement interceptions authorised under the above laws, and for any other activities necessary to carry out such an interception.  The Ministry of Information and Communication Technologies (“MICT“) prescribes the technical requirements for this.  If a TNSP does not comply with its obligations under this Decree, the MICT can initiate an administrative investigation and impose sanctions if required.  Under article 2 of the Decree, TNSPs have no right to appeal against changes to technical requirements.

Under article 44 of Law 1621 of 2013, when TNSPs change the technology of their infrastructure, they must provide both the Attorney General’s office and the MICT with the equipment required to allow these bodies to intercept communications carried by this new technology.  TNSPs may, however, charge a reasonable fee for providing this equipment.


Provided they are acting under an order from a public prosecutor in the Attorney General’s office or a judicial order as set out above, certain officials referred to as the ‘judicial police’ may access the TNSPs’ networks via designated points of connection for the purpose of intercepting communications.

The judicial police were defined in decision C-594 of the Colombian Constitutional Court as:

  • members of the national police force trained to perform activities in support of investigations where communications are to be intercepted;
  • members of the Technical Investigation Unit of the Attorney General’s office trained to perform activities in support of investigations where communications are to be intercepted; and
  • public servants who have been granted judicial powers, for example mayors, police inspectors and members of the public prosecutor’s office.

Once the intercepted data has been collected, the TNSPs must provide measures to allow the data to be conveyed to the storage facility used by the judicial police to process the data.  The cost of this is borne by the branch of the judicial police that is performing the interception.


DECREE 1704 OF 2012

There is no separate power for government agencies to request metadata from Telecommunications, Network and Service Providers (“TNSPs“) that is distinct from the interception-related powers above.  Under Decree 1704 of 2012, as part of the request to a TNSP for the interception of communications, the TNSP can be required to provide communications and subscriber data relating to interception targets such as their identity, billing address, type of connection and information relating to their exact location, provided that it is necessary for the purposes of the interception.

LAW 1621 OF 2013

Article 44 of Law 1621 of 2013 provides that TNSPs must, as part of an investigation, provide the military, the police and the Information and Financial Research Unit (together the “Intelligence and Counter-Intelligence Services“) with communications metadata. This can include information related to the history of the interception target’s communications, the equipment that they are using, and technical data relevant to the identity of the target.  The exact scope of the information required must be set out in both the judicial order for the investigation and the request to the TNSP from the director of the relevant Service.


LAW 1621 OF 2013

As described in paragraph 1.4 above, all interception operations conducted by the military, the police and the Information and Financial Research Unit (together the “Intelligence and Counter-Intelligence Services“) can only be carried out on the basis of national security and under the legal authority of a judicial order.

LAW 1341 OF 2009

Under article 8 of Law 1341 of 2009, in the event of an emergency, internal or external turmoil, disaster or public calamity, any government agency that requires priority access to a telecommunications network to transmit a specific message must be given that priority access by any Telecommunications, Network and Service Provider.  This does not allow government agencies to access the data of the provider’s customers, simply access to the network for transmitting the message.


LAW 679 OF 2001 AND DECREE 1524 OF 2002

According to Law 679 of 2001, no Telecommunications, Network and Service Provider (“TNSP“), administrator or user of a network is permitted to store text, images, documents or audio files that are directly or indirectly related to sexual abuse of children, or such files where there are sufficient indications that they relate to child sex abuse.

Articles 6 of decree 1524 of 2002 obliges TNSPs to implement internal security systems to prevent access to websites that contain child sex abuse images.

Under article 10 of Law 679 of 2001 as amended by Law 1336 of 2009, TNSPs providing internet access must allow public prosecutors and the police access to their network to track IP addresses which store files relating to sexual abuse of children.  The law also allows the Ministry of Information and Communications Technology (“MICT“) to request that IP addresses and web pages containing such types of data be blocked.

LAW 1341 OF 2009

Under Articles 64 and 65 of Law 1341 of 2009, the MICT may investigate the operation of a TNSP.  If the TNSP has breached any legal rules related to telecommunications, the MICT can suspend the TNSP’s network for a maximum of two months, for example a breach of the provisions of Law 679 of 2001 described above.  Failure to comply with these obligations after a suspension could lead to a cancellation of the permit, licence or authorisation of the TNSP.

LAW 1581 OF 2012

Under article 21 of Law 1581 of 2012, the Superintendent of Industry and Commerce (a government agency that regulates intellectual property rights, consumer protection, personal data protection and competition) has the power to temporarily block web pages that host and store personal data where the site providing such pages does not have mechanisms to ensure that:

  • data is kept sufficiently confidential;
  • the rights of data subjects are protected;
  • data subjects are allowed sufficient control of their data; and
  • the information on the page is not inaccurate, out-of-date or incomplete.



After public prosecutors in the Attorney General’s office have ordered an interception and it has been carried out, the investigating body that requested the interception must file a report with a judge setting out the facts of the interception.  Within 24 hours of the report, the judge will determine the legality of the initial interception order.

Under article 114 of the Colombian Criminal Procedure Code (Law 906 of 2004 as amended by article 52 of Law 1453 of 2011), the investigating body is required to hold a hearing before a judge within 36 hours of obtaining information from any intercepted communications. At this hearing, the judge will determine if the interception was performed legally.

If it is determined that the interception was not legal, then the information gained from intercepted communications may not be used as evidence of the crime under investigation.

LAW 1621 OF 2013

As set out above, under article 17 of Law 1621 of 2013, the military, the police and the Information and Financial Research Unit (together the “Intelligence and Counter-Intelligence Services“) must obtain a judicial order before intercepting any private communications.  Once an interception has taken place, any information gained from it has to be presented before a judge who will determine if the interception was performed legally.

LAW 1437 OF 2011

As a general rule, administrative decisions made by public bodies in Colombia are subject to a right of appeal under article 74 of Law 1437 of 2011.  Therefore, Telecommunications, Network and Service Providers may appeal any sanctions imposed upon them in the aftermath of an administrative investigation by the Ministry of Information and Communications Technology, for example a sanction for non-compliance with Law 1341 of 2009 or a sanction imposed for alleged non-compliance with technical requirements under Law 1704 of 2012.


Article 20 of the Colombian Constitution provides for a general right to freedom of expression, and Article 86 provides a specific mechanism for protecting this right, the “Accion de Tutela”.  This involves filing a writ with a judge arguing for protection of the specific act of freedom of expression, who then determines whether that action should be specifically protected.

The Constitutional Court of Colombia, in decision T-391 of 2007, expanded on the general right to freedom of expression.  The Court found that freedom of expression could only be limited where the limitations:

  • are specifically provided for by law;
  • are intended for a legitimate purpose;
  • are appropriate for the required purpose;
  • were implemented prior to the specific exercise of freedom expression to be limited;
  • do not represent censorship; and
  • where the limitations in question do not hamper the exercise of the right to freedom of expression.


Publication of laws


There is no restriction on a TNSP publishing the laws or regulations to which it is subject.  Under article 157 of the Colombian Constitution, a law does not come into full force until it has been published in the official journal of Colombian law.

LAW 1712 OF 2014

Under Law 1712 of 2014, all information stored, managed and produced by government authorities is deemed to be public information and can be published freely.  Therefore, there is nothing to prevent publication of laws relating to the use of government powers unless a separate law states otherwise.

Publication of Aggregate Data

LAW 1621 OF 2013

There is no law that explicitly forbids the publication of aggregate data on interception requests and requests for metadata.  However, under article 33 of Law 1621 of 2013, documents, information and technical details related to investigations of Intelligence and Counter-Intelligence Services in Colombia are deemed to be confidential to the extent that it would compromise their investigations.  This provision allows the Intelligence and Counter-Intelligence Services to prevent the publication of aggregate data.

Law stated as at 3 March 2015

This information was originally published by the Telecommunications Industry Dialogue in June of 2015.

2018-10-15T20:40:24+00:00October 6, 2018|Categories: legal frameworks|