General Law on Protection of Personal Data – LGPD

ORIGINAL ARTICLE 

Machado, Daniel Dias ^[1]

Machado, Daniel Dias ^[1]. General Law on Protection of Personal Data – LGPD. Revista Científica Multidisciplinar Núcleo do Conhecimento. Year 06, Ed. 04, Vol. 08, pp. 93 – 98. April 2021. ISSN: 2448-0959, Access link: https://www.nucleodoconhecimento.com.br/law/law-on-protection

ABSTRACT

Given that the validity of the General Data Protection Law, in 2020, limited the circulation of personal information of individuals, causing a negative impact on existing mechanisms for the Prevention of Money Laundering, this article aims to deal with the new Law on the protection of personal data, which aims to protect the personal data of individuals and legal entities , in order to find out if there will be difficulties to be faced by the mechanisms of prevention of money laundering in the face of the adequacies required by the General Data Protection Law. This research is relevant in order to measure the practical consequences that will result from this greater protection of personal data, such as legal certainty. This is because in practice it means a great advance, not only within the legal and legal system, but also within the social system that covers the citizen. Thus, this is a bibliographical research that found the existence of efficient data protection mechanisms and the possibility of further expansion of them in the coming years.

Keywords: Data protection, Law on the protection of personal data, Law 13.709/2018.

1. INTRODUCTION

The present work aims at the study of the General Law on The Protection of Personal Data (LGDP), published in the Official Gazette on 08/14/2018 and which will enter into force after the 24-month period of vacatio legis. This study will examine whether the aforementioned law will serve as greater protection of consumer rights or act as a way to limit the mechanisms to combat money laundering and terrorist financing.

This law was being cut over time between its creation and its approval and voting, gaining quite different contours of the initial bill on which it was based. These changes were the subject of numerous criticisms and debates, and the eve of its entry into force, Law 13.709/2018 still raises doubts and concerns.Even the General Data Protection Law launched by the European Union in 2018 served as inspiration only in parts of the new Brazilian law.

2. THEORETICAL REFERENCE

2.1 BRAZILIAN GENERAL LAW ON THE PROTECTION OF PERSONAL DATA

Humanity has never in its history gone through a period of as many innovations and growth as the present. Phenomena such as globalization, the technological revolution and the invention of the Internet have made the planet take a quantum leap in relation to modernity. In the wake of such phenomena, there was a consequent decrease in privacy and increased abuses such as access to private data of citizens, without order and authorization of these.

This expansion of information and easy access to private data of third parties, on the other hand, raised the need for mechanisms that would curb any kind of abuse or excess in the use of private and personal data of third parties. From the need for mechanisms that would curb the excesses and abuses in this sense was initially born the Law of the Civil Framework of the Internet, and in recent moment the Law of Protection of Personal Data, all in order to bring greater protection to Brazilian citizens and their personal data.

In this sense,

In 2014, the Internet Civil Framework entered into force in Brazil, establishing principles, guarantees, rights and duties for the use of the Internet in the country. It was a way of recognizing and regulating new legal-virtual relationships, due to the existence of numerous users and providers, as well as companies working online, given that much of it was not adapted to the new digital reality. The MCI deals with online crimes (cyber crimes) and net neutrality, establishing rights and guarantees for freedom of expression, and, despite taking care of privacy, ended up leaving a gap on the processing of personal data, because due attention was not given to its use, destination, marketing, etc. (SOUZA, 2018).

The law known as the General Data Protection Law (LGPD), Law No. 13,709 of August 14, 2018, defines how the processing of personal data should be done by a natural or legal person, also covering digital media, in order to protect the fundamental rights of freedom and privacy of individuals, providing greater security to the general public.

This protection should be performed in order to ensure that all information collected is authorized by the user (this user must be aware of what information was collected and for what purpose it will be used). ​

The definition of personal data came in the General Law for the Protection of Personal Data, which in its article 5 and items brings what can be defined as personal data and its various hypotheses, not only in the simple definition of personal data but also the definition of sensitive personal data, and anonymized data.

Personal data, according to the General Law on The Protection of Personal Data, may still be sensitive, that is, those that by their intimate and subjective characteristics gain greater protection of the State, and anonymized, that is, those that it is not possible to identify the holder.

2.1.1 BEGINNINGS AND FEATURES OF LGPD

When the LGPD, or Law No. 13,709 of 2018 was enacted, it was instituted with the aim of giving greater regulation with regard to the handling of personal data, and in this sense, it was the first law to deal with the matter. The law brought with it, important devices in the fight for greater legal rigor, also brought the obligation to have greater transparency and protection within cyber practices that involve not only the user, but the consumer (PIOVESAN, 2018).

According to Lemos (2018) some of the main terms defined by the Law in article 5 are:

• Personal Data: Any data related to a natural person directly identified or identifiable.
• Sensitive Personal Data: genetic, biometric, health, life and sexual orientation data, racial or ethnic origin; political, trade union, philosophical or religious conviction.
• Data Processing: Any operation that can be performed on the data. E.g. collection, storage, use, transmission, modification, disposal.

One of the main characteristics that the general data protection law has is to be based on the dictates of the General Data Protection Regulation of the European Union – RGPD38, which repealed the Data Protection Directive, as will be best worked out in the course of the work. However, it is important to note that this similarity means a kind of legislative advance, in order to promote practices involving the protection of data collected and stored by European companies (CAMPOS, 2019).

This served as an example for the world, and in the case of the GDPR, this demonstrates its extraterritorial character. For this law, it was inaugurated at the time of its inauguration, because its elaboration was made in order to correct the cybernetic right, based on its most detonating characteristic of the other: its dematerialization of borders in relation to the scope of the standard (DE LUCCA et al, 2015).

2.2.RIGHTS AND PRINCIPLES INHERENT IN DATA PROTECTION

According to Lovato (2015), fundamental rights mean the rights of the human being recognized and positive in the constitutional sphere of a given State. In other words, fundamental rights are those provided for and constitutionally protected, and in other countries they are also positive by their Constitution of the Republic.

The author Silva (2012) argues that fundamental rights are defined as the set of rights and guarantees of the human being institutionalization, whose main purpose is respect for their dignity, with protection of state power and the guarantee of the minimum conditions of life and development of the human being, that is, it aims to guarantee the human being, respect for life, freedom , equality and dignity, for the full development of his personality.

With regard to the principles that govern the Brazilian order, they are of vital importance, because it is in them that all the validity requirements are based and it is through them that the right comes to express itself in the way it should be, serving its purpose of justice in all senses and at all levels, constituting the principles on the basis of all legal systems , underpantiating the national right.

The principles of fundamental rights are, in this conception, expression of the possible legal-institutional arrangement in the Social and Democratic State of contemporary law. The constitutionalism that legitimizes this State is, by definition, complex and open to the different conceptions of quality of teaching that seek to achieve hegemony in society. For this reason, as Alexy (2008) predicts, the answer to what should be the content of a particular fundamental right will always include the values of those who solve the issue. This is the reason why the author defends the necessary complementarity between normative and analytical approaches, since the latter allows those who study a certain right to establish the bases from which they construct their argumentation. This means that, from a normative point of view, it is not only possible but also necessary to answer rationally the question about the content of the constitutional principle inscribed in item VII of Art. 206 (XIMENES, 2014, p. 1030).

The principles of data protection are of immense relevance within the newly created legislation for the protection and processing of personal data, so much so that they receive protection through their own standards. For the collection and processing of personal data, companies and organisations must observe and respect the principles inherent in such activities.

The principles governing data protection are contained in Article 6 of Law 13.709/2018 or General Law for the Protection of Personal Data, which exhaustively brings the list of principles that govern the processing of data and that must be observed and respected by companies and organizations that perform data processing, under penalty of accountability and application of penalties including financial.

3. CONCLUSION

Currently, with the LGPD in Brazil, data processing is done autonomously within the legislation, this was observed first in the European wave of damage, and can be clearly visualized in Brazilian legislation on the subject. A general data protection law has been consolidated as the most efficient way to curb data tampering and misdestination.

In the context of Brazil, some laws are important for this protection, such as the Consumer Protection Code, together with the Internet Civil Framework and the Magna Carta of 1988, which protects fundamental rights and guarantees, including the right to privacy.

The conclusion that is reached is that the Brazilian Law, despite presenting its deficiencies follows the worldwide pace of protection, and has had efficient mechanisms in this prohibition data breach. Thus, it is possible that protection will be expanded in the coming years, which would correspond to greater protection of the State to Fundamental Rights and Guarantees.

BIBLIOGRAPHIC REFERENCES

BRASIL. Constituição da República Federativa de Brasil, de 5 de outubro de 1988. Diário Oficial da União, Brasília, DF, Outubro de 1988.

___________. Lei Geral de Proteção a Dados Pessoais. Disponível em http://www.planalto.gov.br/ccivil_03/_Ato2015-2018/2018/Lei/L13709.htm. Acesso em 22 fev. 2021.

___________. Lei n° 12.965 de 23 de Abril de 2014. Estabelece princípios, garantias e direitos e deveres para o uso da internet do Brasil. Diário Oficial da União. Disponível em < http://www.planalto.gov.br/ccivil_03/_ato2011-2014/2014/lei/l12965.htm > Acesso em 22 fev. 2021.

DE LUCCA, Newton; SIMÃO FILHO, Adalberto; PEREIRA DE LIMA, Cíntia Rosa. Direito e Internet III: Marco Civil da Internet. São Paulo: Quartier Latin, 2015.

DONEDA, Danilo. Da Privacidade à Proteção de Dados Pessoais. Rio de Janeiro: Renovar, 2006.

LEMOS, R.; ADAMI, M.P.; SUNDFELD, P. Proteção de dados na Administração Pública. Jota. 14 de maio de 2018.

LOVATO, Ana Carolina. Direitos fundamentais e direitos humanos – Singularidades e diferenças. 2015.

PIOVESAN, Eduardo. Câmara aprova projeto que disciplina tratamento de dados pessoais. Disponível em: <http://www2.camara.leg.br/camaranoticias/noticias/POLITICA/558252-CAMARA-APROVA-PROJETO-QUE-DISCIPLINA-TRATAMENTO-DE-DADOS-PESSOAIS.html>. Acesso em: 22 fev. 2021.

SILVA, Keila Brito. Direito à saúde e integralidade: uma discussão sobre os desafios e caminhos para sua efetivação. 2012.

SOUZA, Thiago Vieira de, A proteção de dados pessoais como direito fundamental e a [in]civilidade do uso de cookies. 2018.

XIMENES, Salomão Barros. O Conteúdo Jurídico do Princípio Constitucional da Garantia de Padrão de Qualidade do Ensino: uma contribuição desde a teoria dos direitos fundamentais. Educ. Soc., Campinas , v. 35, n. 129, p. 1027-1051, Dec. 2014.

^[1] Bachelor in Psychology with a focus on Clinical and Hospital Psychology, from the Faculdade de Administração, Ciências, Education and Letters, Bachelor in Biological Sciences (Medical Modality) graduated from the Instituto de Ensino Superior de Minas Gerais, Bachelor in Biomedicine from the Centro Universitário ETEP. Postgraduate degree in Aesthetic Biomedicine held at the Faculdade de Tecnologia e Ciência do Alto Paranaíba, Master’s student in Orofacial Harmonization in progress at Faculdade São Leopoldo Mandic.

Posted: March 2021.

Approved: April 2021.