Incident Response and Cybersecurity

Extrajudicial Action:

• Removal of illegal content from the internet, rectification, rewriting, offering a response or retraction before internet service providers, users, content platforms, and news channels;
• Reporting of illegal content, including offense to honor; improper use of name and image; fake profiles; among others;
• Preparation of notifications intended for data subjects, companies, and providers;
• Various agreements;
• Preservation of Electronic Evidence: intermediation for the execution of a Notarial Act or issuance of a content certificate via blockchain technology.

Adoption of the main incident response measures:

1. Creation of the Incident Response Committee.

2. Documentation of all processes adopted to respond to the incident.

3. Identification of technical issues related to the incident.

4. Identification and delimitation of the type of data breach.

5. Verification of the need to communicate to the ANPD and affected data subjects, in case of exposure of personal data.

6. Communication to other regulatory bodies, authorities, and stakeholders.

7. Preparation of the communication book.

8. Notification to the personal data controller, if operator.

9. Activation of Cyber Insurance (if applicable) and subsequent regulation of the claim.

Administrative Action: request for granting authenticity seals.

Specialized criminal action: presentation of requests to initiate police investigations, monitoring of investigative procedures, promotion, conduction, and monitoring of criminal actions, etc.

Legal Action (civil, criminal, and labor):

• Identification and accountability of perpetrators of cybercrimes and fraud;
• Inhibitory and compensation claims in relation to the improper use of name and image; unauthorized use and violation of intellectual property (trademarks, copyrights, patents); unauthorized access to social media accounts and emails; abuse of the right to freedom of expression and of the press and the manifestation of thought; and unfair competition;
• Inhibitory and compensation claims for copying and violating other software protection rights;
• Actions necessary for the production of evidence, including search and seizure for cases of cloning electronic devices and forensic expertise.

Legal advice in incidents: treatment of the diversion of documents, data, and business information by employees and third parties in an unauthorized manner.

Legal monitoring of technical assistants and forensic experts: assistance in cases of cloning electronic equipment and preservation of the authenticity and integrity of the evidence.

Crisis management: legal support in the management of crises arising from security incidents, participation in crisis committees, performing a legal score of the severity of the incident, reviewing the communication strategy, acting before the competent authorities, and liaising with partners, suppliers, and data subjects impacted by the incident.

Structuring of Corporate Governance for Information Security: preparation and review of documents, such as the Code of Ethical Conduct, Information Security Policy, Policy for Home Office, Policy for Bring Your Own Device, Manual for Secure Online Meetings, Terms of Use, Employment Contract, and Contractual Clauses for contracts with suppliers, partners, and customers. 

Technological Information Security Controls: legal analysis to assess legal risks related to employee privacy.

Data Loss Prevention Alert Management: evaluation of alerts produced by DLP systems in order to assess legal impacts, optimize system configurations, and give effectiveness to Information Security Policies;

Awareness: development and curation of content for educational and awareness purposes regarding Information Security, such as lectures, booklets, videos, knowledge pills, among others.