People must have control over their personal data and must understand the legal framework of digital businesses. This is because, unfortunately, users’ personal data are often illegally captured, which can compromise their privacy. This whole scenario led to the creation of the General Data Protection Regulation (GDPR) for the European Union, which came into force in May 2018, and now Brazil is preparing to adjust to the new law, very similar to the one that already exists in the Europe. After more than eight years of debates in civil society, Law 13.709 / 2018, the Brazilian Data Protection Law, arrives. The legislation (LGPD) was enacted on August 14, 2018 and is expected to come into effect, definitely, this year. In today’s article, we will know the main points of this legislation.
The holder of the data is the person that the law aims to protect and is the carrier of “personal data that are subject to treatment”, so that legal entities of a collective nature are excluded from the scope of the new law: this law is exclusively to protect people.
The concept of data processing is very important in this legislation and is defined as “any operation carried out with personal data, such as collecting, producing, receiving, classifying, using, accessing, reproducing, transmitting, archiving, storage, disposal, evaluation or control of information, modification, communication, transfer, diffusion or extraction”. This context is very broad and applies to all data processing operations carried out by an individual or collective person, both in the public sector and in the private sector. In order for the law to apply, this data processing must be carried out in Brazilian territory. In the case of foreign citizens, personal data are subject to the new law when they are collected in Brazil and when their treatment is intended to provide goods or services in Brazil.
Citizens will be able to require companies to delete their personal data, whenever requested by users. The new regulation allows the personal data of each citizen to be destroyed at his request.
Citizens may require companies to send their personal data in a format that allows them to be sent to another company, facilitating their migration and making it simpler to change service provision. Whenever a citizen changes banks or a television service provider, he or she will not have to provide his/her personal data again, as they can be easily migrated from one company to another.
Citizens will have full information about how companies treat their data, how they store it, how long they store it and with whom they share their information. The new law applies to all activities involving the use of personal data, including treatment over the internet.
Businesses and organizations have a duty to notify the competent authority in situations which put individuals at risk and to communicate to the citizen concerned all high-risk violations as quickly as possible so that appropriate action can be taken. In case of data leaks, the company must inform the competent authority (National Data Protection Authority, an indirect public administration body linked to the Ministry of Justice), which will be responsible for monitoring, implementing and enforcing the law , within a “reasonable period”.
In case of data leakage or any other violation of the law, fines may reach 2% of the billing, with a limit of R $50 million, and may also imply the suspension of the company’s activities.
You certainly know Black Mirror, a series in which each episode tells us about the use we make of machines and the power we give them. Chatbots, virtual reality and drones are some of the topics covered in this series that make us think about our ethical values and their relationship with technology. Behind each episode, there are several messages to keep in mind, many of which are related to information security. For today’s article, we’ve selected 3 security lessons we learned from Black Mirror!
We have never been as concerned about privacy as we are today. Our privacy can be invaded at virtually any time, from data theft on Facebook or theft of bank data. Actually, there are more and more computer attacks, but it is also our responsibility. It is crucial to have good habits to keep our data safe. We have selected a few simple tips to protect the privacy of your data and present them in this article!
2019 is rapidly moving towards its end and it is time for us to anticipate trends. The area of information security has been one of the main concerns of companies, due to the high number of threats that companies face and also due to the recently legislation in Europe and Brazil. By 2020, security will continue to be a priority for companies wishing to ensure that their data remains confidential. In today’s article, we present the top security trends for 2020!
Information security in companies is an increasingly debated topic. Companies need to protect themselves to ensure their data is not lost in the event of a computer attack or natural disaster. Although there is growing concern about this topic, many companies still make mistakes that can totally compromise business continuity. In today’s article we present the 5 fatal errors for the security of any business!
Good management should be based on relevant business, process, market and stakeholder information. In order to have reliable data management, it is becoming increasingly important to use an efficient data storage system in organizations. Proper storage of data is essential for keeping it safe and confidential. The company needs to have a strategy so that the use of technological tools gives the business intelligence. In today’s article, we will see how important data storage is for business security.
In today’s era of technology, data is the most valuable asset of any organization and must be protected, otherwise it will jeopardize the whole business. The new general data protection regulation has made the importance of information protection even more evident. However, there are still many companies that do not pay enough attention to data security and are at great risk every day to see their information stolen and exposed. In today’s article, we will address the importance of information security in a digital environment.
The 6 pillars of information security are:
Today, digital security requires the attention of all employees in a company. Unfortunately, the digital revolution has greatly increased exposure to attack risks, and so no company is safe from cyber-attack that provides data loss that is essential to the proper operation of the business. And who thinks this should be a concern only of large companies is wrong: all companies are at risk if they don’t protect their information. In today’s article, we’ve selected the best practices to keep your business data safe!
Computer attacks are the order of the day. Increasingly, business data is important in day-to-day business, and IT managers are constantly looking for ways to make information more secure. Unfortunately, however careful we may be, we can never guarantee 100 percent that companies are free to suffer a computer attack. For this reason, it is essential that companies use the most appropriate tools to avoid and minimize as much as possible the occurrence of computer attacks. In this article, we’ll give you a checklist of steps you must take to see if your business is effectively protected from a computer attack!
Data security is an ever-increasing concern in business life, as data is the most important asset of a business. Today, businesses are working every day to increase the protection of their business and take increasingly effective measures to counter the threats that may arise in the digital world. A security flaw and the consequent exposure of sensitive data can seriously compromise a company’s survival, so companies should not (and especially can not) overlook data protection. In today’s article we leave you some safety precautions that every business should have!