To debate privacy and data protection is a global and multisectoral endeavor. Today it is no longer possible to think of an adequate regulation of what are perhaps two of the most important fundamental rights of this century without considering the relevance and contribution of different legal systems and their perspectives, as well as the role of public and private actors directly involved in such debate.
In other words, certain issues concerning the right to privacy and to the protection of personal data demand discussions that go beyond the (already quite frayed) borders of nation-states, mobilizing stakeholders from different origins, but just as relevant. Public agents, such as regulatory authorities and politicians, the legal community, experts and academics from distinct areas, civil society organizations, CEOs, entrepreneurs. They are all actors who, despite their particularities, can and should contribute in an equitable way to the construction of an adequate protection regime for these rights.
To speak of the need for cooperation seems obvious when we think, for example, of issues related to the international transfer of personal data, or data sovereignty. Especially with the growing popularity of cloud computing, data sovereignty has become an important legal issue not only for governments, but also for companies and businesses, regardless of their size. As we increasingly rely on data processing operations that are not restricted to the territory of a single country, establishing an adequate framework for protecting the rights of data subjects while fostering innovation and development is no easy task.
Beyond these areas, being open to what is happening in the world in different sectors brings several opportunities for learning and growth, both from a regulatory and technological development perspective. Such is the case with the artificial intelligence (AI) regulation initiatives that have been emerging around the globe. In the European Union, the European Commission (EC) published the long-awaited “Proposal for a Regulation establishing harmonized rules on artificial intelligence“, known as the AI Act, in 2021. In the United States, general bills or resolutions on artificial intelligence have been introduced in at least 17 states in 2021 alone, and enacted in states such as Alabama, Colorado, Illinois, and Mississippi. In Brazil, Bill 21/20 aims to create the legal framework for the development and use of AI by the public authorities, companies, other entities, and individuals, an initiative that adds to the Brazilian AI Strategy (EBIA). China, in turn, went ahead of the rest of the world and enacted, in March of this year, a series of regulations for the use and development of AI.
It is no coincidence that these regulatory measures have emerged in different places at the same time: today we are experiencing the digitalization of globalization, or a digitalized globalization, which poses common, contemporary challenges to the most diverse jurisdictions. So why not join forces and look for solutions that address all these challenges as comprehensively as possible?
The importance of this joint effort, as a matter of fact, has become evident on a global level in the last two years, due to the pandemic of Covid-19. The use of new information and communication technologies, combined with the possibility of processing personal data in an amount and at a speed unheard of until recently, has allowed better control of the disease in several places around the world, being a crucial factor to avoid (even more) deaths. And perhaps one of the main outcomes of the pandemic is in this, the use of personal data for the treatment of diseases and, ultimately, for the promotion of better public health policies. New challenges brought about by this global health emergency have demanded extraordinary solutions, several of them based on personal data processing, which have been adopted simultaneously in several countries. Once again, it seems appropriate to share the different points of view on how such measures can and should be taken. Universities and research institutions, governments, public and private hospitals, and insurance companies are all players that, in their own way, can contribute effectively to the construction of a body of knowledge that is not limited to a single country.
In this perspective, the initiatives for dialogue about the issues mentioned here, and also about many other related topics – such as the structuring of fifth generation mobile internet networks (5G), the opportunities and challenges of the metaverse, the development of new cybersecurity tools and technologies, the automation of compliance measures, to name a few of the topics currently in vogue – are becoming increasingly relevant and fruitful.
Bearing all of this in mind, representatives from the different sectors mentioned at the beginning of this text gathered in Venice, Italy, for the Privacy Symposium 2022 Conference, with the aim of promoting international dialogue, cooperation, and knowledge sharing on global data protection laws and regulations, emerging technologies, and compliance. Keeping the tradition of being pioneer in discussions on digital law, Brazil was represented at the event by Waldemar Gonçalves Ortunho Junior (President Director of the Brazilian Data Protection Authority – ANPD) and Nairane Rabelo Leitão (Counselor Director at the ANPD) who, alongside, Renato Opice Blum (founder and chairman of Opice Blum, Bruno e Vainzof Advogados) addressed a panel on the Brazilian Data Protection Perspective. Ricardo Campos, partner of Opice Blum Advogados, was also present at the event.
Renato also took part in the discussion on data protection compliance in multijurisdictional contexts (“Addressing Multijurisdictional Data Protection Compliance in Practice”). Along with other leading names in the field of data protection, such as Geert Somers (partner at the renowned Timelex), Andreas Maetzler (CEO of the Prighter Group), and Caroline Goemans-Dorny (DPO at INTERPOL), Renato discussed ways to comply with different data protection laws, concerning different legal systems. Today there are at least 500 laws and regulations on the subject, in more than 130 countries, a fact that in itself demonstrates the indispensability of discussing the subject.
More than just a mere event, the Privacy Symposium represented an important step in promoting the necessary global dialogue on privacy, personal data protection and related topics. And the existence of a panel dedicated to Brazil’s contributions on the subject, presented from the point of view of regulators and members of the private sector, demonstrates not only the relevance of the country to the global panorama of privacy and protection of personal data, but also the indispensability of the joint work of members and institutions from multiple sectors of society.
Check out the photos of the event: