On Thursday, Brazil’s National Data Protection Authority (ANPD) issued its first fine against a company for failing to comply with the country’s data protection law. The move, against Telekall Infoservice, a small telecommunications company, comes almost three years after the law went into effect in September 2020.
According to information previously disclosed by the ANPD, an investigation was launched in March last year because Telekall Infoservice did not have a data protection officer or the consent of the people whose data the company obtained.
During the investigation, the company failed to comply with multiple requests from the agency to correct its practices. Two fines were imposed, totaling BRL 14,400 (less than USD 3,000).
Due to the small size of the case, it remains to be seen whether this fine is a tone-setter from the ANPD — and whether it will go after big tech companies. But the agency is working to make regulations stick.
Back in February, the ANPD released its framework of penalties for companies and government agencies that fail to protect the data they handle. Violations will be dealt with according to the severity and nature of a data breach, not to mention the various consumer rights that may be breached in the process.
Guilherme Guimarães, chief counsel at consulting firm Datalege, told The Brazilian Report at the time that the move “gives the regulatory agency muscle” and lays the groundwork for companies to be punished.
In late May, the agency released a list of 27 companies and public entities under investigation for possible violations of data protection laws. The list includes Bytedance, the parent company of TikTok, Telegram, WhatsApp, and the Justice Ministry.
Instagram could soon be on the list as well. Privacy experts say Threads, an app recently launched to compete with Twitter, violates Brazilian data protection laws by making account creation contingent on consenting to hand over large amounts of information (including but not limited to financial information, sensitive health data, and “confidential information,” as the app’s terms and conditions state).
Search
