Privacy, data protection and the European Community's experience with GDPR from the perspective of a team of international experts formed by Tony DeBos, Partner and Global Leader of Privacy and Data Protection at EY; Corinna Schulze, Director of EU Government Relations and Global Corporate Affairs at SAP; and Christina Montgomery, Vice President and Global Privacy Leader at IBM. The experts presented themselves at ABES SOFTWARE CONFERENCE 2019, held in São Paulo on October 14th. Thomaz Côrte Real, partner at MA SANTOS, CÔRTE REAL E ASSOCIADOS and legal advisor to ABES, was the panel's mediator.
Tony DeBos (EY) pointed out that data protection requires companies to continuously monitor and improve risk management. He also highlighted the importance of “ethics in the treatment and use of data, as it is still possible to do a lot and still comply with the law”. Each organization must define and be aware of what is acceptable or not acceptable as part of their data policies, knowing the legal implications of their decisions.
He explained that other companies and the press can test organizations to see if the processes determined by the legal framework are working properly, that is, it cannot be neglected, as everyone is keeping an eye on the good practices required and ready to disclose a non-compliance. conformity.
Corinna Schulze (SAP) warned that “data protection is not about protecting information, but the people who are after that data”, hence the importance of an approach based on consent and anonymization of data, whenever possible. She informed that in 2020 a review of the GDPR is planned and updates are expected in the processes involving the international transfer of data. In his opinion, “there is a lot of room in the legislation to improve privacy protection and be lighter on some requirements”, in order to ensure a balance between GDPR and new technologies.
For her part, Christina Montgomery (IBM) said that changes were made to the company's organizational structure due to the GDPR in order to adapt operations in dozens of countries around the world to the new requirements. She stressed that at IBM data protection is not just a matter of law, but of establishing a relationship of trust with customers, employees and the market, based on principles, values and transparency. In Christina's assessment, the market requires good regulatory practices in the face of cybersecurity demands. For her, the expansion of artificial intelligence will require more attention to ethical aspects, data protection and privacy in the use of technologies.
EN 
PT 
