PRIVACY AND DATA PROTECTION - FROM EUROPE TO BRAZIL

Authors

  • Christian Perrone Georgetown Law Centre - Fulbright Foundation
  • Sabrina Strassburger Bocconi University Milan

Keywords:

GDRP - LGDP - Data Protection - Privacy

Abstract

The European General Data Protection Regulation (“GDPR”) has entered into force in May 2018. It is the result of many years of debate on how to update privacy and data protection normative within the States members if the union. The discussion that lead to its adoption has served as a platform for legislation reform across the globe. Brazil was not immune to it. This papers uses comparative side-by-side analysis to understand how similar or dissimilar the recently approved General Data Protection Law (Lei Geral de Proteção de Dados Pessoais - “LGDP”) is to its European counterpart. Systematically the paper is divided in two parts: one exposing the GDPR and another underscoring it to the LGDP. The six main axes used are: a) criteria in order to lawfully collect and process data; b) its major principles; c)  obligations for the companies of having privacy by design and by default; d) data protection authorities; e) possible sanctions for breaches; and f) extraterritoriality of their application. It concludes that the Brazilian regulation has only minor differences from its system across the Atlantic and may even be said to be a “GDPR à la Brasileira”.

Author Biographies

Christian Perrone, Georgetown Law Centre - Fulbright Foundation

Ph.D Candidate and Fulbright Scholar (Georgetown Law). LL.M. Cambridge University (UK); Diploma EUI on International Human Rights. Former Secretary for the Inter-American Juridical Committee (OAS) and Human Rights Specialist at the Inter-American Commission on Human Rights. Currently Public Policy Consultant, specialized in International Law and crossborder data-protection.

Sabrina Strassburger, Bocconi University Milan

Ph.D. in Legal Studies Bocconi University Milan; Post graduate Studies - International Trade, Instituto Universitario di Studi Europei. Currently Legal Counsel for Fiat Chrysler Automobile (Italy), specialized in data protection and European cross border issues.

References

DE HERT, P., & PAPAKONSTANTINOU, V. The proposed data protection Regulation replacing Directive 95/46/EC: A sound system for the protection of individuals. In.: Computer Law & Security Review , 28, 130-142, 2012.

CARSON, Angelique. Consent Is King in Latin America: Navigating the Eight Existing DPAs with a Look to the Future. Available at: https://iapp.org/news/a/2013-06-03-consent-is-king-in-latin-america-navigating-the-eight-existing/

FOLSOM, Ralph H., LAKE Ralph B., NANDA, Ved P. European Union Law After Maastricht: A Practical Guide For Lawyers Outside the Common Market. The Hague: Kluwer. 2012, p. 5.

EDWARDS, Lilian, VEALE, Michael. Slave to the algorithm? Why a 'right to an explanation' is probably not the remedy you are looking for. 16 Duke L. & Tech. Rev. 18. December 4, 2017. P. 32.

POST, Robert C. Data privacy and dignitary privacy: Google Spain, the right to be forgotten, and the construction of the public sphere. 67 Duke Law Journal. February 2018.

SCHWARTZ, Paul M., PEIFER, Karl-Nikolaus. Transatlantic Data Privacy Law. 106 Geo. L.Journal. November 2017.

PETERSEN, Kyle. GDPR: What (and why) you need to know about EU data protection law. 31 Utah Bar Journal. July/August, 2018.

DWARDS, Lilian, VEALE, Michael. Slave to the algorithm? why a 'right to an explanation' is probably not the remedy you are looking for. 16 Duke L. & Tech. Rev. 18. December 4, 2017. P. 23.

VOSS, W. Gregory. Internal Compliance Mechanisms for Firms in the EU General Data Protection Regulation. 50 R.J.T. 783, 2016.

FACCIPONTI, Joseph P., MCGRAIL, Katherine. GDPR Is Here — What If You Didn't Prepare? Law 360. May 24, 2018.

FRANCKE, Glory. Time To Update Your Privacy Statement For GDPR. Law 360, September 26, 2017.

SLOAN, R. H. and WARNER R. Beyond Notice and Choice: Privacy, Norms, and Consent. In.: Suffolk University Journal of High Technology Law, No.: 2013-16, 12 Apr 2013. Available at SSRN: https://ssrn.com/abstract=2239099.

ARRUDA, D. S. and FRANCO, P. Nova lei do cadastro positivo beneficia consumidor?Porque nem tudo que reluz é ouro. In.: Jota, January 12, 2018. Available at: https://www.jota.info/opiniao-e-analise/artigos/nova-lei-do-cadastro-positivo-beneficia-consumidor-12012018.

SOLOVE, D. and HARTZOG, W. The FTC and the New Common Law of Privacy. In.: Columbia Law Review, vol. 114, 2014, 583.

MAYER-SCHÖNBERGER, V. Delete: The Virtues of Forgetting in the Digital Age. Princeton, 2011.

BIONI, B.; OLIVEIRA GOMES, M. C. and MONTEIRO, R. L. GDPR matchup: Brazil's General Data Protection Law. IAPP, October 4, 2018. Available at: https://iapp.org/news/a/gdpr-matchup-brazils-general-data-protection-law/.

GELLERT, R. Data protection: a risk regulation? Between the risk management of everything and the precautionary alternative. International Data Privacy Law , 5, 3-20, 2015;

SPINA, A. A Regulatory Mariage de Figaro: risk regulation, data protection, and data ethics. European Journal of Risk Regulation , 8, 88-94, 2017.

ZANNATA, R. Proteção de Dados Pessoais como Regulação de Risco: uma nova moldura teórica? In.: Artigos Selecionados Rede de Pesquisa em Governança da Internet, 2017. Available at: https://www.researchgate.net/publication/322804864_Protecao_de_dados_pessoais_como_regulacao_do_risco_uma_nova_moldura_teorica

Artigo 19. Proteção de dados pessoais no Brasil. Análise dos projetos de lei em tramitação no Congresso Nacional. November, 2016. Available at: http://artigo19.org/wp-content/blogs.dir/24/files/2017/01/Prote%C3%A7%C3%A3o-de-Dados-Pessoais-no-Brasil-ARTIGO-19.pdf

Internet Lab. O que está em jogo no debate sobre proteção de dados pessoais no Brasil? 2016. Available at: http://www.internetlab.org.br/wp-content/uploads/2016/05/reporta_apl_dados_pessoais_final.pdf.

Downloads

Published

2019-09-09

How to Cite

Perrone, C., & Strassburger, S. (2019). PRIVACY AND DATA PROTECTION - FROM EUROPE TO BRAZIL. PANORAMA OF BRAZILIAN LAW, 6(9-10), 82–100. Retrieved from https://www.e-publicacoes.uerj.br/pbl/article/view/38253