PRIVACY AND DATA PROTECTION - FROM EUROPE TO BRAZIL
Keywords:
GDRP - LGDP - Data Protection - PrivacyAbstract
The European General Data Protection Regulation (“GDPR”) has entered into force in May 2018. It is the result of many years of debate on how to update privacy and data protection normative within the States members if the union. The discussion that lead to its adoption has served as a platform for legislation reform across the globe. Brazil was not immune to it. This papers uses comparative side-by-side analysis to understand how similar or dissimilar the recently approved General Data Protection Law (Lei Geral de Proteção de Dados Pessoais - “LGDP”) is to its European counterpart. Systematically the paper is divided in two parts: one exposing the GDPR and another underscoring it to the LGDP. The six main axes used are: a) criteria in order to lawfully collect and process data; b) its major principles; c) obligations for the companies of having privacy by design and by default; d) data protection authorities; e) possible sanctions for breaches; and f) extraterritoriality of their application. It concludes that the Brazilian regulation has only minor differences from its system across the Atlantic and may even be said to be a “GDPR à la Brasileira”.
References
DE HERT, P., & PAPAKONSTANTINOU, V. The proposed data protection Regulation replacing Directive 95/46/EC: A sound system for the protection of individuals. In.: Computer Law & Security Review , 28, 130-142, 2012.
CARSON, Angelique. Consent Is King in Latin America: Navigating the Eight Existing DPAs with a Look to the Future. Available at: https://iapp.org/news/a/2013-06-03-consent-is-king-in-latin-america-navigating-the-eight-existing/
FOLSOM, Ralph H., LAKE Ralph B., NANDA, Ved P. European Union Law After Maastricht: A Practical Guide For Lawyers Outside the Common Market. The Hague: Kluwer. 2012, p. 5.
EDWARDS, Lilian, VEALE, Michael. Slave to the algorithm? Why a 'right to an explanation' is probably not the remedy you are looking for. 16 Duke L. & Tech. Rev. 18. December 4, 2017. P. 32.
POST, Robert C. Data privacy and dignitary privacy: Google Spain, the right to be forgotten, and the construction of the public sphere. 67 Duke Law Journal. February 2018.
SCHWARTZ, Paul M., PEIFER, Karl-Nikolaus. Transatlantic Data Privacy Law. 106 Geo. L.Journal. November 2017.
PETERSEN, Kyle. GDPR: What (and why) you need to know about EU data protection law. 31 Utah Bar Journal. July/August, 2018.
DWARDS, Lilian, VEALE, Michael. Slave to the algorithm? why a 'right to an explanation' is probably not the remedy you are looking for. 16 Duke L. & Tech. Rev. 18. December 4, 2017. P. 23.
VOSS, W. Gregory. Internal Compliance Mechanisms for Firms in the EU General Data Protection Regulation. 50 R.J.T. 783, 2016.
FACCIPONTI, Joseph P., MCGRAIL, Katherine. GDPR Is Here — What If You Didn't Prepare? Law 360. May 24, 2018.
FRANCKE, Glory. Time To Update Your Privacy Statement For GDPR. Law 360, September 26, 2017.
SLOAN, R. H. and WARNER R. Beyond Notice and Choice: Privacy, Norms, and Consent. In.: Suffolk University Journal of High Technology Law, No.: 2013-16, 12 Apr 2013. Available at SSRN: https://ssrn.com/abstract=2239099.
ARRUDA, D. S. and FRANCO, P. Nova lei do cadastro positivo beneficia consumidor?Porque nem tudo que reluz é ouro. In.: Jota, January 12, 2018. Available at: https://www.jota.info/opiniao-e-analise/artigos/nova-lei-do-cadastro-positivo-beneficia-consumidor-12012018.
SOLOVE, D. and HARTZOG, W. The FTC and the New Common Law of Privacy. In.: Columbia Law Review, vol. 114, 2014, 583.
MAYER-SCHÖNBERGER, V. Delete: The Virtues of Forgetting in the Digital Age. Princeton, 2011.
BIONI, B.; OLIVEIRA GOMES, M. C. and MONTEIRO, R. L. GDPR matchup: Brazil's General Data Protection Law. IAPP, October 4, 2018. Available at: https://iapp.org/news/a/gdpr-matchup-brazils-general-data-protection-law/.
GELLERT, R. Data protection: a risk regulation? Between the risk management of everything and the precautionary alternative. International Data Privacy Law , 5, 3-20, 2015;
SPINA, A. A Regulatory Mariage de Figaro: risk regulation, data protection, and data ethics. European Journal of Risk Regulation , 8, 88-94, 2017.
ZANNATA, R. Proteção de Dados Pessoais como Regulação de Risco: uma nova moldura teórica? In.: Artigos Selecionados Rede de Pesquisa em Governança da Internet, 2017. Available at: https://www.researchgate.net/publication/322804864_Protecao_de_dados_pessoais_como_regulacao_do_risco_uma_nova_moldura_teorica
Artigo 19. Proteção de dados pessoais no Brasil. Análise dos projetos de lei em tramitação no Congresso Nacional. November, 2016. Available at: http://artigo19.org/wp-content/blogs.dir/24/files/2017/01/Prote%C3%A7%C3%A3o-de-Dados-Pessoais-no-Brasil-ARTIGO-19.pdf
Internet Lab. O que está em jogo no debate sobre proteção de dados pessoais no Brasil? 2016. Available at: http://www.internetlab.org.br/wp-content/uploads/2016/05/reporta_apl_dados_pessoais_final.pdf.
Downloads
Published
How to Cite
Issue
Section
License
Panorama of Brazilian Law employs Open Journal Access policies.
Authors are fully and exclusively responsible for their submissions.
Authors who publish with this journal agree to the following terms:
- Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License that allows others to share the work on a non-comercial basis with an acknowledgement of the work's authorship and initial publication in this journal and indicating if any changes were made. If you remix, transform, or build upon the material, you must distribute your contributions under the same license as the original.
- Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.