IMPLEMENTAÇÃO DA LEI GERAL DE PROTEÇÃO DE DADOS (LGPD) NO BRASIL: CONSIDERAÇÕES TECNOLÓGICAS

This article specifies the definition of the current General Law on Protection of Personal Data (LGPD) and the Law that served as inspiration, a General Regulation on Data Protection (GDPR). The purpose of the text is to demonstrate the relevance of these legislative devices to the lives of citizens today, when everything revolves around digital information. Methodologically, a literature review on the topic, present in physical and digital collections, is combined with a case study. As a result of the study, we saw that some technological considerations about the implementation of systems and their adequacy to the new Law, exemplify the ways of effectively applying the security of personal data.

Download Full-text

Data protection by design: Organizational integration

Harvard Deusto Business Research ◽

10.3926/hdbr.179 ◽

2018 ◽

Vol 7 (2) ◽

pp. 60

Author(s):

Santiago Martín-Romo Romero ◽

Carmen De-Pablos-Heredero

Keyword(s):

European Union ◽

Data Protection ◽

Personal Data ◽

The European Union ◽

Organizational Integration ◽

Definition Of ◽

Technical And Organizational Measures ◽

General Regulation

Firms perform the processing of physical personal data and are obliged to protect them according to the Acts. In the European Union, the General Regulation for Data Protection (GDPR) obliges firms to be proactive in the protection of the personal data they process, through data protection from the design. In this research, a group of technical and organizational measures to include in processing, under the focus of data protection from the design is determined from the definition of the processes in which data are processed. These activities, realized by making use of different firm’s profiles, promote the need to develop a proper organizational integration amongst participants. The activities done by different profiles at firms promote the need to develop an organizational integration amongst participants, activities performed by different agents, results interchanged and common products used.

Download Full-text

A LEI GERAL DE PROTEÇÃO DE DADOS COMO INSTRUMENTO DE CONCRETIZAÇÃO DA AUTONOMIA PRIVADA EM UM MUNDO CADA VEZ MAIS TECNOLÓGICO

Revista Juridica ◽

10.21902/revistajur.2316-753x.v3i56.3581 ◽

2019 ◽

Vol 3 (56) ◽

pp. 354

Author(s):

Lucas Gonçalves SILVA ◽

Bricio Luis da Anunciação MELO

Keyword(s):

Literature Review ◽

Data Protection ◽

Personal Information ◽

Human Person ◽

Personal Data ◽

Self Determination ◽

General Law ◽

Private Autonomy ◽

The Individual ◽

Technological World

RESUMONo mundo tecnológico, informações pessoais encontram-se dispersas em diversos bancos de dados. A privacidade passou a ser concebida como direito fundamental à autodeterminação informativa, deferindo-se ao indivíduo o controle de seus dados pessoais. Os bancos de dados vulneram a dignidade dos indivíduos, uma vez que há a sua completa exposição e é possível criar um perfil com base em informações que antes permaneciam dispersas. Com base na autonomia privada, a Lei Geral de Proteção de Dados passou a condicionar à anuência do titular a utilização de dados pessoais. Far-se-á uso da técnica de revisão de literatura sobre proteção de dados.PALAVRAS-CHAVE: Autonomia privada; Autodeterminação informativa; Privacidade; Bancos de Dados; Dignidade da pessoa humana.ABSTRACTIn the technological world, personal information is scattered across multiple databases. Privacy was conceived as a fundamental right to informational self-determination, allowing the individual to control their personal data. Databases violate the dignity of individuals, since there is complete exposure and it is possible to create a profile based on information that previously remained scattered. Based on the private autonomy, the General Law of Data Protection became conditioned to the consent of the holder the use of personal data.The literature review technique on data protection will be used.KEYWORDS: Private autonomy; Informative self-determination; Privacy; Databases; Dignity of human person.

Download Full-text

Importance of Personal Data Protection Law for Commercial Air Transport

Transactions on Aerospace Research ◽

10.2478/tar-2017-0004 ◽

2017 ◽

Vol 2017 (1) ◽

pp. 35-44

Author(s):

Dawid Zadura

Keyword(s):

Data Protection ◽

Public Information ◽

Personal Data ◽

Air Transport ◽

Civil Aviation ◽

Aviation Industry ◽

Personal Data Protection ◽

It Systems ◽

Data Protection Law ◽

The Law

Abstract In the review below the author presents a general overview of the selected contemporary legal issues related to the present growth of the aviation industry and the development of aviation technologies. The review is focused on the questions at the intersection of aviation law and personal data protection law. Massive processing of passenger data (Passenger Name Record, PNR) in IT systems is a daily activity for the contemporary aviation industry. Simultaneously, since the mid- 1990s we can observe the rapid growth of personal data protection law as a very new branch of the law. The importance of this new branch of the law for the aviation industry is however still questionable and unclear. This article includes the summary of the author’s own research conducted between 2011 and 2017, in particular his audits in LOT Polish Airlines (June 2011-April 2013) and Lublin Airport (July - September 2013) and the author’s analyses of public information shared by International Civil Aviation Organization (ICAO), International Air Transport Association (IATA), Association of European Airlines (AEA), Civil Aviation Authority (ULC) and (GIODO). The purpose of the author’s research was to determine the applicability of the implementation of technical and organizational measures established by personal data protection law in aviation industry entities.

Download Full-text

Love in the time of Covid-19: a case-study of the complex laws governing weddings

Legal Studies ◽

10.1017/lst.2021.17 ◽

2021 ◽

pp. 1-17

Author(s):

Rebecca Probert ◽

Stephanie Pywell

Keyword(s):

First Century ◽

Marriage Law ◽

England And Wales ◽

General Law ◽

The Social ◽

The Future ◽

Fit For Purpose ◽

The Law ◽

The Impact

Abstract During 2020, weddings were profoundly affected by the Covid-19 pandemic. During periods of lockdown few weddings could take place, and even afterwards restrictions on how they could be celebrated remained. To investigate the impact of such restrictions, we carried out a survey of those whose plans to marry in England and Wales had been affected by Covid-19. The 1,449 responses we received illustrated that the ease and speed with which couples had been able to marry, and sometimes whether they had been able to marry at all, had depended not merely on the national restrictions in place but on their chosen route into marriage. This highlights the complexity and antiquity of marriage law and reinforces the need for reform. The restrictions on weddings taking place also revealed the extent to which couples valued getting married as opposed to having a wedding. Understanding both the social and the legal dimension of weddings is important in informing recommendations as to how the law should be changed in the future, not merely to deal with similar crises but also to ensure that the general law is fit for purpose in the twenty-first century.

Download Full-text

Regulatory Challenges of Data Mining Practices: The Case of the Never-ending Lifecycles of ‘Health Data’

European Journal of Health Law ◽

10.1163/15718093-12520368 ◽

2018 ◽

Vol 25 (3) ◽

pp. 284-307

Author(s):

Giovanni Comandè ◽

Giulia Schneider

Keyword(s):

Data Mining ◽

Data Protection ◽

Personal Data ◽

Health Data ◽

General Level ◽

General Data Protection Regulation ◽

The Face ◽

General Data ◽

Level Of Analysis

Abstract Health data are the most special of the ‘special categories’ of data under Art. 9 of the General Data Protection Regulation (GDPR). The same Art. 9 GDPR prohibits, with broad exceptions, the processing of ‘data concerning health’. Our thesis is that, through data mining technologies, health data have progressively undergone a process of distancing from the healthcare sphere as far as the generation, the processing and the uses are concerned. The case study aims thus to test the endurance of the ‘special category’ of health data in the face of data mining technologies and the never-ending lifecycles of health data they feed. At a more general level of analysis, the case of health data shows that data mining techniques challenge core data protection notions, such as the distinction between sensitive and non-sensitive personal data, requiring a shift in terms of systemic perspectives that the GDPR only partly addresses.

Download Full-text

The Brazilian Law on Personal Data Protection

International Journal of Network Security & Its Applications ◽

10.5121/ijnsa.2020.12602 ◽

2020 ◽

Vol 12 (6) ◽

pp. 15-25

Author(s):

Jonatas S. de Souza ◽

Jair M. Abe ◽

Luiz A. de Lima ◽

Nilson A. de Souza

Keyword(s):

Technological Change ◽

Data Protection ◽

Personal Data ◽

Major Change ◽

Personal Data Protection ◽

Brazilian Society ◽

General Law ◽

Internet Users ◽

The Subject ◽

New Challenges

Rapid technological change and globalization have created new challenges when it comes to the protection and processing of personal data. In 2018, Brazil presented a new law that has the proposal to inform how personal data should be collected and treated, to guarantee the security and integrity of the data holder. The General Law Data Protection - LGPD, was sanctioned on September 18th, 2020. Now, the citizen is the owner of his personal data, which means that he has rights over this information and can demand transparency from companies regarding its collection, storage, and use. This is a major change and, therefore, extremely important that everyone understands their role within LGPD. The purpose of this paper is to emphasize the principles of the General Law on Personal Data Protection, informing real cases of leakage of personal data and thus obtaining an understanding of the importance of gains that meet the interests of Internet users on the subject and its benefits to the entire Brazilian society.

Download Full-text

Ambiguity in Insider Trading Regulations: Saudi Arabia as a Case Study

Arab Law Quarterly ◽

10.1163/15730255-bja10054 ◽

2020 ◽

Vol 34 (4) ◽

pp. 408-427

Author(s):

Yahya A. Alomari

Keyword(s):

Saudi Arabia ◽

Insider Trading ◽

Public Information ◽

Case Law ◽

Insider Information ◽

The Law ◽

Definition Of ◽

Criminal Conduct ◽

Material Information

Abstract The Saudi legal system recognises insider trading as a crime and has established laws in order to prevent it. Yet, the complicated nature of insider trading makes it challenging to enact regulations that cover all of the aspects of the crime and clearly identify criminal conduct. This article analyses insider trading regulations in Saudi Arabia and addresses their ambiguities. This article specifies current Saudi regulations pertaining to the crimes of insider trading and disclosing material information, as well as analysing both crimes. It addresses ambiguities found in the language of the law as well as in case law. This article also criticises the definition of insider information under the law. The issue of ‘use’ versus ‘possession’ is discussed: namely, whether what is prohibited is trading on the basis of material non-public information or trading while in possession of material non-public information.

Download Full-text

Article 9 Processing of special categories of personal data

The EU General Data Protection Regulation (GDPR) ◽

10.1093/oso/9780198826491.003.0038 ◽

2020 ◽

Author(s):

Ludmila Georgieva ◽

Christopher Kuner

Keyword(s):

Decision Making ◽

Data Protection ◽

Personal Data ◽

Genetic Data ◽

Biometric Data ◽

Individual Decision Making ◽

Vital Interest ◽

Data Portability ◽

Definition Of ◽

Data Subject

Article 4(1) (Definition of personal data); Article 4(2) (Definition of processing); Article 4(11) (Definition of consent); Article 4(13) (Definition of genetic data, see also recital 34); Article 4(14) (Definition of biometric data); Article 4(15) (Definition of data concerning health, see also recital 35); Article 6(4)(c) (Lawfulness of processing, compatibility test) (see too recital 46 on vital interest); Article 13(2)(c) (Information to be provided where personal data are collected from the data subject); Article 17(1)(b), (3)(c) (Right to erasure (‘right to be forgotten’)); Article 20(1)(a) (Right to data portability); Article 22(4) (Automated individual decision-making, including profiling); Article 27(2)(a) (Representatives of controllers or processors not established in the Union); Article 30(5) (Records of processing activities); Article 35(3)(b) (Data protection impact assessment) (see too recital 91); Article 37(1)(c) (Designation of the data protection officer) (see too recital 97); Article 83(5)(a) (General conditions for imposing administrative fines).

Download Full-text

22. Data Protection and Data Exclusivity

European Intellectual Property Law ◽

10.1093/he/9780198831280.003.0022 ◽

2019 ◽

pp. 497-512

Author(s):

Justine Pila ◽

Paul L.C. Torremans

Keyword(s):

Data Protection ◽

Patent Protection ◽

Personal Data ◽

Pharmaceutical Sector ◽

Data Exclusivity ◽

The Law ◽

Data Subject

This chapter examines the law on data protection and data exclusivity. It focuses on the new GDPR Regulation. It covers rules on lawful processing of personal data, on the security of the processing, on the transparency of the processing, and on promoting compliance. It also discusses the rights of the data subject, the transfer of personal data to third countries, and the period of data exclusivity granted to the pharmaceutical sector independent of any form of patent protection.

Download Full-text

Applicable Law to Transnational Personal Data: Trends and Dynamics

German Law Journal ◽

10.1017/glj.2020.73 ◽

2020 ◽

Vol 21 (6) ◽

pp. 1283-1308

Author(s):

Jie (Jeanne) Huang

Keyword(s):

Data Protection ◽

Personal Data ◽

Chinese Media ◽

Applicable Law ◽

Personal Data Protection ◽

Regional Coordination ◽

The Law ◽

Model Law ◽

The Right ◽

The Eu

AbstractThe recent COVID-19 outbreak has pushed the tension of protecting personal data in a transnational context to an apex. Using a real case where the personal data of an international traveler was illegally released by Chinese media, this Article identifies three trends that have emerged at each stage of conflict-of-laws analysis for lex causae: (1) The EU, the US, and China characterize the right to personal data differently; (2) the spread-out unilateral applicable law approach comes from the fact that all three jurisdictions either consider the law for personal data protection as a mandatory law or adopt connecting factors leading to the law of the forum; and (3) the EU and China strongly advocate deAmericanization of substantive data protection laws. The trends and their dynamics provide valuable implications for developing the choice of laws for transnational personal data. First, this finding informs parties that jurisdiction is a predominant issue in data breach cases because courts and regulators would apply the law of the forum. Second, currently, there is no international treaty or model law on choice-of-law issues for transnational personal data. International harmonization efforts will be a long and difficult journey considering how the trends demonstrate not only the states’ irreconcilable interests but also how states may consider these interests as their fundamental values that they do not want to trade off. Therefore, for states and international organizations, a feasible priority is to achieve regional coordination or interoperation among states with similar values on personal data protection.

Download Full-text