The Economic Affairs Commission (CAE) approved this Tuesday (3) a favorable opinion on the PLC 53/2018, by Deputy Milton Monti (PR-SP), which regulates the processing of personal data in Brazil, both by the public authorities and the private sector. The report was prepared by Senator Ricardo Ferraço (PSDB-ES), who made changes to the text approved by the Chamber. The proposal now goes to the Plenary on an emergency basis.
Ferraço rejected three other propositions originating in the Senate that were being processed together: PLS 131/2014, PLS 181/2014 and PLS 330/2013. “It was a debate held concurrently in the House and Senate. Throughout this process, we dialogued a lot and the texts came together. The Chamber was quicker and approved this proposal, which I consider very reasonable. The proposal voted on in the Chamber was very close to what we wanted here, so our amendments are just to improve the legislative technique”, he explained.
uncensored
The senator again denied that the project brings any kind of censorship. According to him, it is just a set of norms, limits and consequences for companies or people who insist on continuing to think that the internet is a world without rules, where anything goes.
“We seek to create balanced rules to work on privacy protection, but not to impede technological innovation”, explained Ferraço, who also recalled Brazil's delay in this area.
In the debate phase, there was support from all the senators present, who considered it important for Brazil to join other countries in the world that have already approved their rules on the subject.
“The project's merit is to balance individual guarantees with the concern of not hindering the economic dynamism of a country that must have a propensity for innovation. There is no way to fail to recognize the strategic importance of the approval”, opined Armando Monteiro (PTB-PE).
Beyond social networks
The rapporteur argued that for most people, the protection of personal data is seen in a very simplified way, as if it were just mere exposure on social networks or on the internet in general. However, the issue goes much further: "We may not be aware, but everything we do is collected and stored in ever-larger databases: when we wake up, we use our cell phone or tablet for everyday activities, such as checking messages, reading news on the internet, check the weather and check the traffic level to the place of work or the children's school. When we leave the house, cell phone towers record our itinerary. Programs installed in our cars, telephones or computers record our habits, tastes and preferences. Everything is measurable in data, which can reveal who we are", Ferraço recalled in his report.
The senator gave an example of how this information can impact business decisions in the commercial relationship with consumers. This is the case of the offer of airline tickets based on the geographical location of the citizen, a practice known as geopricing (geographic pricing). Recently, according to him, a large Argentine tourism company was fined for the abusive practice of such an expedient.
"This is a case in which the personal data processed ended up harming the holder. What can we say, then, about cases of leakage or improper access to databases maintained by companies?", he asks.
Structure
PLC 53/2018 has 65 articles, distributed in 10 Chapters. The text was heavily inspired by specific lines of the European regulation that came into force on May 25 this year, the General Data Protection Regulation (GDPR).
Hypotheses for data processing
* With the consent of the holder;
* For compliance with a legal or regulatory obligation by the controller;
* By the public administration, for the treatment and shared use of data necessary for the execution of public policies;
* To carry out studies by research body, without individualizing the person;
* For the protection of the life or physical safety of the holder or a third party;
* For the protection of health, with a procedure carried out by health professionals or health entities;
* For the performance of a contract or preliminary procedures related to a contract to which the holder is a party at his request;
* For claims in judicial, administrative or arbitration proceedings;
* For credit protection, under the Consumer Protection Code.
Coverage - Any data, such as name, address, e-mail, age, marital status and patrimonial situation, obtained on any type of support (paper, electronic, computer, sound and image, etc.).
Adhesion contracts - In the case of adhesion contracts, when the processing of personal data is a condition for the provision of a product or service, the holder must be informed about it prominently.
Sensitive data – The text brings the concept of sensitive data, which receive different treatment: on racial or ethnic origin; religious convictions; political opinions; membership of unions or organizations of a religious, philosophical or political nature; data relating to health or sex life; and genetic or biometric data when linked to a natural person.
Legal vacancy - The new rules will only come into force after a year and a half of the publication of the law for bodies, companies and entities to adapt.
National Data Protection Authority (ANPD) – The project provides for the creation of a special autarchy linked to the Ministry of Justice with the mission of ensuring data protection, inspecting and applying sanctions, among other attributions.
Administrative sanctions - Anyone who violates the new law is subject to a warning, simple fine, daily fine, partial or total suspension of operations, in addition to other sanctions.
Civil responsability - The person in charge who, due to the exercise of data processing activity, causes property, moral, individual or collective damage, is obliged to repair. The judge, in civil proceedings, may invert the burden of proof in favor of the data subject when, in his opinion, the allegation is credible, there is insufficient evidence for the production of evidence or when the production of evidence by the data subject results in excessive onerous.
Source: Agência Senado
EN 
PT 
