if u study for civil service exams, u know that seeing ur name at the top of the ranking is one of the best feelings in the world. recently i got approved in 1st place in a municipal exam for the role of systems analyst. the feeling of duty accomplished was huge, but the appointment that was supposed to be a natural process just never arrived.
without rushing, but demanding respect for my effort and the rules of the game, i decided not to just sit and wait. i started my own investigation using public tools: the transparency portal and the official city gazette. what i found was a real script on how the public machine often bypasses meritocracy.
the discovery on the transparency portal
when cross-referencing the data, i discovered that the city finance department had signed an emergency contract, with waiver of bidding, to hire a private it company. the object of the contract was "temporary maintenance of system to ensure data review, validation and extraction".
the problem is, when i checked the exam notice, the legal duties of my role included exactly that! monitoring systems and administering databases (own or outsourced).
it could have been just a 60-day transition contract for software, but the investigation went further. analyzing the transparency portal history, i realized the city had been doing a real "chain" of successive emergency contracts with the same it company, always using the justification of maintaining "current contractual conditions".
this evidences a scenario of precarization. instead of appointing someone who passed the career exam, the municipality drains public coffers paying expensive bidding waivers for a company to do the continuous data management work.
from a governance and information security standpoint, this is extremely serious. fiscal and citizen registry data is being manipulated exclusively by third parties, without audit from an effective and impartial public servant who should act as the technical inspector of this transition.
what does the law say about this?
legally, this practice has a name. preterition. the supreme court has consolidated understanding (theme 784) that whoever passes the exam has a liquid and certain right to appointment when the public administration demonstrates unequivocal need for the position, but opts to fill it precariously or outsourced during the validity of the exam.
besides, the legal deadline to judicially challenge this maneuver and demand appointment is 5 years, counted from the moment the outsourced (or temporary) worker was hired to occupy the place of whoever passed the exam.
action taken: contacting the public prosecutor
since my main goal was ensuring the seriousness of public management, without necessarily spending on lawyers immediately, i compiled screenshots of the exam notice and the emergency contracts and filed a formal complaint at the state public prosecutors ombudsman.
many ppl fear retaliation when reporting public agencies, but brazilian legislation has evolved a lot in this regard. law no. 13.608/2018 ensures full protection against retaliation and guarantees the preservation of the informants identity who reports irregularities in public administration in good faith.
the complaint has already been processed, became an official procedure and is now in the hands of a state prosecutor, who has the power to summon the city to explain itself and eventually force the signing of an agreement or file a public civil action to suspend the irregular contracts and demand appointments.
the danger of lock-in: total it outsourcing and police cases
during the investigation, i noticed the justification for the city to keep the first company on emergency basis was the "transition" to a new and million-dollar cloud management system, provided by another mega private tech company. unfortunately, municipal governments are adopting the practice of fully outsourcing the entire it department.
by handing over the entire database and the administrative heart of the city to closed-source proprietary software, the municipality suffers what we call in tech vendor lock-in. public management becomes completely hostage to the company, making any future data migration or supplier change an expensive, rigid and nearly impossible process.
besides, delegating massive handling of fiscal data and sensitive citizen information to third parties drastically increases the risks of violating data protection laws.
the technically, economically and morally correct solution for public administration would be investing in the development and adoption of free and open source software. using public and auditable technologies ensures state digital sovereignty, preventing public data from becoming hostage to corporations.
with free software, the municipality eliminates abusive licensing fees and gains freedom to share the created solutions with other cities, generating savings for all of society.
to make things worse, the recent history of closed-source public management software demands maximum alert. as an example, this same company that won the million-dollar contract for the citys new system was the central target of mega-operations by the public prosecutor and gaeco codenamed "marked cards".
authorities investigated an alleged scheme of fraud and supply of ready-made document packages to direct software bidding in various cities, resulting in dozens of search warrants and the blocking of millions in assets.
handing over city data to corporations with this history, while the technical role of whoever passed the exam sits empty, is the perfect recipe for disaster.
the policy that existed and was abandoned
starting in 2003, the federal government implemented an official policy of prioritizing open source software across all public administration. the goal was to save hundreds of millions in licenses, ensure the countrys digital sovereignty and stimulate national technological development.
but in late 2016, the government of former president michel temer promoted a radical reversal of this policy. abandoned the guideline of prioritizing free software and paved the way to standardize federal agencies systems with closed-source microsoft products.
the excuse given by the government at the time for this million-dollar migration was that closed-source systems would "protect national systems against hackers".
information security experts heavily criticized this decision. the argument is simple, open source software is more secure precisely because it allows complete public audit to find vulnerabilities. when code is open, anyone can review, report bugs and improve security. closed code is a black box. u trust a single company and never know whats running behind it.
besides the absurd cost to public coffers, the main warning from experts was exactly the lock-in we already discussed. this action annihilated part of the countrys independence and chained the state to a single foreign private corporation, making any future change impossible without spending fortunes.
the lesson
passing the exam is just the first battle. the second is making sure the law is followed. if u pass the exam and the positions are frozen, do ur part as a citizen:
- access the transparency portal
- audit ur citys contracts
- contact the oversight bodies
the rule of law depends on our vigilance. (⌐■_■)