Coronavirus crisis threatens data protection regulations in Brazil
Lobbying to postpone the implementation of the new rules gains momentum with the pandemic.
The COVID-19 crisis will likely result in the postponement of the go-live date for Brazil's general data protection regulations. According to industry observers, the pandemic is seen as a fair justification to delay the go-live date for the regulations, which are due to be enforced in August 2020.
A bill authored by congressman Carlos Bezerra presented in November 2019 had already proposed pushing the go-live date for the rules to August 15, 2022. In his proposal to delay the introduction of Brazil's GDPR, Bezerra used the slowness in setting up the National Data Protection Authority (ANPD, in the Portuguese acronym), which will be responsible for editing the data protection and privacy regulations, as a key part of the argument.
Bezerra argues that the time extension would allow the ANPD's governing body to be chosen, as well as a national campaign to be set up, which would inform the population and businesses about the importance of the new rules.
According to Brazilian privacy lawyer and member of the education advisory board at the International Association of Privacy Professionals (IAPP), Dirceu Santa Rosa, maintaining the August go-live date for the law could be a possibility, with some obligations, such as the formation of the data protection authority, being fulfilled further down the line. However, this would create additional problems:
"If the law is introduced without the ANPD, that role would be played by the prosecutor's office at a state and federal level, as well as consumer rights bodies, which would weaken the original function of the data protection authority", he points out.
Source ZDnet: https://www.zdnet.com/article/coronavirus-crisis-threatens-data-protection-regulations-in-brazil