On November 7, we discussed the challenges that Brazil faces regarding the regulation of personal data. The issue depends on how lawmakers will define what “personal data” actually means. Brazil’s existent legal framework and the bills around the use of personal data in the country have created data categories that help clarify what “sensitive personal data” is – and the implications it has on people’s lives.
The normative pyramid of how to classify data is formed in the following way:
On its base, we have a category simply called “information,” as defined in the 2011 Access to Information Act. That refers to data, processed or not, that can be used to produce and diffuse knowledge in any way. In other words, it refers to all data produced either in an automatized way or through human action. Examples range from a simple text file to a medical chart.
The next category is “personal data.” This concept is described in a 2016 presidential decree that created the Civil Rights Framework for the Internet. Based on a European directive, the Brazilian concept defines personal data as any data related to identified (or identifiable) persons – including ID numbers or electronic IDs, when they are related to a person. The concept is similar to a definition established in a bill (number 5,276/2016) that...
The São Paulo City Council on Thursday approved legislation authorizing Brazil’s largest city to sign…
The proposal is the first step in a long legislative process. The ground rules are…
In 2000, Formula 1 great Michael Schumacher had just racked up his 41st race win,…
Overall, the worldwide economic outlook has improved according to the Organization for Economic Co-operation and…
“This is f***ing corruption, it has to change,” protested an irate John Textor, owner of…
Eduardo Leite, governor of the southern Brazilian state of Rio Grande do Sul, on Wednesday…