LGPD: What does the new Brazilian data protection law say?
People must have control over their personal data and must understand the legal framework of digital businesses. This is because, unfortunately, users’ personal data are often illegally captured, which can compromise their privacy. This whole scenario led to the creation of the General Data Protection Regulation (GDPR) for the European Union, which came into force in May 2018, and now Brazil is preparing to adjust to the new law, very similar to the one that already exists in the Europe. After more than eight years of debates in civil society, Law 13.709 / 2018, the Brazilian Data Protection Law, arrives. The legislation (LGPD) was enacted on August 14, 2018 and is expected to come into effect, definitely, this year. In today’s article, we will know the main points of this legislation.
Concepts of the new law
The holder of the data is the person that the law aims to protect and is the carrier of “personal data that are subject to treatment”, so that legal entities of a collective nature are excluded from the scope of the new law: this law is exclusively to protect people.
The concept of data processing is very important in this legislation and is defined as “any operation carried out with personal data, such as collecting, producing, receiving, classifying, using, accessing, reproducing, transmitting, archiving, storage, disposal, evaluation or control of information, modification, communication, transfer, diffusion or extraction”. This context is very broad and applies to all data processing operations carried out by an individual or collective person, both in the public sector and in the private sector. In order for the law to apply, this data processing must be carried out in Brazilian territory. In the case of foreign citizens, personal data are subject to the new law when they are collected in Brazil and when their treatment is intended to provide goods or services in Brazil.
What will change in practice?
Obligation to delete data when required by the user
Citizens will be able to require companies to delete their personal data, whenever requested by users. The new regulation allows the personal data of each citizen to be destroyed at his request.
Data portability
Citizens may require companies to send their personal data in a format that allows them to be sent to another company, facilitating their migration and making it simpler to change service provision. Whenever a citizen changes banks or a television service provider, he or she will not have to provide his/her personal data again, as they can be easily migrated from one company to another.
Need for express user authorization
Citizens will have full information about how companies treat their data, how they store it, how long they store it and with whom they share their information. The new law applies to all activities involving the use of personal data, including treatment over the internet.
Obligation to notify in case of violation of personal data
Businesses and organizations have a duty to notify the competent authority in situations which put individuals at risk and to communicate to the citizen concerned all high-risk violations as quickly as possible so that appropriate action can be taken. In case of data leaks, the company must inform the competent authority (National Data Protection Authority, an indirect public administration body linked to the Ministry of Justice), which will be responsible for monitoring, implementing and enforcing the law , within a “reasonable period”.
What happens in case of default?
In case of data leakage or any other violation of the law, fines may reach 2% of the billing, with a limit of R $50 million, and may also imply the suspension of the company’s activities.
4 steps to store data in the Cloud
The Cloud is an option increasingly used by companies. However, there are still many doubts related to this technology, especially with regard to security. Cloud Computing is an IT solution that allows online use of computing resources, using the Internet. Uncomplicated: wherever you are, you can access your programs and files by simply having an Internet connection. With multiple users and multiple access points, it is essential to take some precautions in order to guarantee data privacy. In today’s article, we present 4 precautions you should take when storing data in the Cloud.
Data privacy: 5 mistakes you can’t make in 2020
Data privacy remains a concern for companies in 2020. There are still many mistakes made in terms of security and this can cause serious problems for the organization. It is essential to protect data in the best possible way, otherwise it will be exposed or stolen by people outside the business. In today’s article, we selected 5 data privacy mistakes you can’t make in 2020!
The Advantages of Masking Your Data with Datapeers
Protecting data is essential, especially the most sensitive data. No business wants to see its data exposed, as such a situation can lead a business to bankruptcy. More than ever, companies are concerned about the security of their information as a result of the growing importance that data has gained in recent years. One of the most effective ways to protect confidential information is through data masking. Data masking aims at creating a structurally identical but not equal version of the data. This technique creates a database with fictitious but realistic information that can be used for testing and training purposes. Data masking solutions offer a variety of sophisticated scrambling techniques to protect sensitive data, irreversibly replacing it with unrealistic data while maintaining referential integrity of the database. It is therefore a real and growing need in contemporary organizations. In today’s article, we present the advantages of masking your data with Datapeers!
Meet the new data protection laws in the world
Today’s world is digital, so more and more companies are taking advantage of information and big data to gain relevant insights into markets and the business itself. Internet access is nowadays universal and the massive use of social media captures a huge volume of data. Data privacy is one of the key challenges facing companies today. There is a growing collection of user data, and more and more computer attacks that expose private data and cause huge financial losses to businesses. To combat these threats and to ensure that sensitive information remains private, several countries and regions have begun to implement measures to punish organizations that don’t safeguard information security. In today’s article, we will learn about the new data protection laws in the world!
Understand the difference between data security and privacy
Data security and privacy are two concepts that go hand in hand. Many people confuse the concepts and think they are the same thing. However, while they have the common goal of protecting sensitive data, data security and privacy are not the same thing and have different approaches to achieving the goal they share. In today’s article, we will understand the differences between these two concepts and understand how we can keep data private and secure!
What to do to avoid digital pitfalls?
There is more and more news of digital attacks and data loss. Hackers are stronger than ever and investing in digital security is essential. The evolution of the internet has altered society’s spending habits, so thousands of monetary transactions are now being made every minute of passing. Brands build their heritage based on digital data and information, and it is critical that this data is safe and secure. In today’s article, we leave you some tips to avoid digital pitfalls!
The importance of data storage for business security
Good management should be based on relevant business, process, market and stakeholder information. In order to have reliable data management, it is becoming increasingly important to use an efficient data storage system in organizations. Proper storage of data is essential for keeping it safe and confidential. The company needs to have a strategy so that the use of technological tools gives the business intelligence. In today’s article, we will see how important data storage is for business security.
How does RGPD affect a business-customer relationship?
GDPR came into force in May 2018 and, after a troubled period of adaptation, companies are calmer and apparently better prepared to comply with the new legislation. However, there are still some doubts as to the actual changes that the GDPR will bring to companies. In today’s article, we explain how GDPR affects the relationship between companies and customers!
5 fatal errors in protecting your information
To make mistakes and Private Data are two concepts that cannot go hand in hand. Data loss or exposure can completely compromise the viability of a business, so it is increasingly essential that companies properly protect their information. In today’s article, we present 5 fatal errors in protecting your information!
