The General Law for the Protection of Personal Data will provide citizens with greater control over their personal information. It requires, for example, explicit consent for the collection and use of data, both by the public authorities and the private sector, and obliges the offer of options for the user to view, correct and delete this data.
Despite being much debated from a legal point of view, the Law still needs further maturation in terms of technical issues, according to the executive president of ABES, Francisco Camargo. “The legal aspects are already much discussed in Brazil, now the technical aspects, especially those involving security, still need greater regulation. That's why we came to seek the collaboration of the ITI, for us, the most technical body of the government”, explained Camargo.
The director-president of the ITI, Marcelo Buz, thanked ABES for approaching and stated that the ITI has already been working to assist the Government in the implementation of the General Law for the Protection of Personal Data. “This is a topic of great relevance to us, the ITI is a body naturally focused on information security issues. ICP-Brasil, coordinated by the ITI, is an example of excellence in the process of capturing and protecting data in a safe and efficient way”, detailed Buz.
The vice president and director of Innovations at ABES, Paulo Roque, the counselor and deputy director of the Association, Rodolfo Fücher, and the chief consultant at Vector, Thales Ribeiro, also participated in the meeting. For the ITI, the director of Public Key Infrastructure, Waldeck Araújo Jr, the chief federal prosecutor, Alexandre Machado, and the special advisor to the Institute's presidency, Eduardo Lacerda, were present.
Secrecy and reliability
“ABES visited the ITI to understand how a culture of secrecy, rigorous procedures and reliability was established, essential for anyone dealing with one of the most important things in Brasil Digital, the Brazilian Public Key Infrastructure – IPC Brasil – and the protection of their cryptographic keys, which allow the issuance of digital certificates, e-CPF and e-CNPJ”, highlights Camargo, who invited the ITI to send representatives to the meetings of the Data Protection WG that ABES created to study the LGPD, not only for the purpose of legal regulation, but to understand the complex technical aspects of data security, essential to guarantee the effective privacy of citizens.
In Camargo's assessment, while the legal aspects of the new LGPD and the ANPD (National Data Protection Authority) are discussed a lot in Brazil, little is discussed about the relationship between privacy and data security, an aspect that can have profound implications for the regulation of data. law.
“The discussion moves forward to understand the technical competences that the future ANPD would have and the secrecy that will involve its activities, since it is a very important agency, whose activities will influence all companies and businesses in Brazil, from the leak of the patient register of a doctor to the hijacking of data for blackmail purposes. The degree of trust and confidentiality to which ANPD employees will be subject will be quite high”, predicts the president of ABES.
EN 
PT 
