Privacy & Information Security Law Blog

As part of its ongoing Brazil outreach initiative, a delegation of the Centre for Information Policy Leadership at Hunton & Williams (“CIPL”) is in Brasilia and Rio de Janeiro the week of March 23, 2015. The delegation will meet with Brazilian government representatives, organizations and experts to discuss global privacy law and best practice developments and other issues of mutual interest, as well as a joint global privacy dialogue workshop in Brazil planned for later this year.

Specifically, CIPL President Bojana Bellamy and several CIPL members will discuss with potential local partners the venue, timing and agenda for the planned global privacy dialogue workshop. Further, in anticipation of the meetings, CIPL has prepared “Preliminary Comments” on the draft Brazilian privacy law that was issued for public consultation at the end of January 2014. The delegation will discuss these comments with Brazilian counterpart organizations, private sector representatives and policymakers. Upon return, CIPL plans to finalize its comments and to formally submit them at the end of April when the consultation period ends.

The Preliminary Comments focus on several key issues in the draft law that are particularly relevant to CIPL’s work and consistent with global privacy trends, including those focused on using organizational accountability and privacy risk management to enable responsible uses of data and facilitate global data flows in the modern information age. Key issues covered in the comments are:

• the draft law’s jurisdictional scope;
• the controller/processor distinction;
• the status of anonymized data;
• principles of processing;
• purpose specifications and “compatibility” of uses;
• consent and its alternatives and exceptions;
• cross-border transfer mechanisms;
• data transferred to Brazil for processing;
• good practices;
• the time frame for effectiveness of the law; and
• the competent authority.

At the global privacy dialogue workshop in Brazil later this year, CIPL hopes to bring together international privacy experts from the private sector, academia and regulatory authorities with their Brazilian counterparts and government officials to discuss the draft Brazilian privacy law and exchange views on other key issues of global concern relating to modern information use and management.