Constitutional Amendment 115 is a milestone in the development of data protection in Brazil

On February 10th of this year, Constitutional Amendment (EC) 115 was published in the Official Gazette of the Union (DOU), which included the protection of personal data, including digital data, among fundamental rights and guarantees. The text also establishes the Union's exclusive competence to legislate on the protection and processing of personal data. In other words, we are facing a true milestone in Brazilian legislation, which demonstrates the attention that the country has paid to the issue in a relatively short period of time.

Before we look into the subject itself, it is important to understand what a constitutional amendment is. This is a change in the Federal Constitution - in this case, in articles 5, 21 and 22. Therefore, it is a process that ensures that a country's Constitution is modified in parts, to adapt and remain updated in the face of relevant social changes. Definitely, information security and data privacy are among these changes, which became evident with the arrival of the Covid-19 pandemic. The rise of home office, e-commerce and social networks has increased companies' concern about the issue, given the increase in cybercrime in several segments.

For this reason, the president of the Senate, Rodrigo Pacheco (PSD-MG), stated in the promulgation session that the measure favors investments in technology in Brazilian territory. It is worth mentioning that, according to Agência Senado, not only politicians were present on the occasion, but also representatives of some institutions, such as the European Union delegation in Brazil, Facebook, the National Data Protection Authority (ANPD), Portal Brasileiro of Open Data, the LGPD Forum of the Regulatory Committee of the Brazilian Association of Software Companies, the Association of Information and Communication Technology Companies (Brasscom) and the National Association of Private Universities.

Clearly, different sectors are concerned about the protection of personal data. Not surprisingly, a few years ago, before even imagining a world with social isolation, some actions already demonstrated this perspective. One of them is the Marco Civil da Internet, from 2014; another is the General Data Protection Law (LGPD), of 2018. In fact, this law is further strengthened with the amendment - together with the ANPD -, as it brings an increase in legal security. Therefore, the author of the Proposed Amendment to the Constitution (PEC) that gave rise to EC 115, senator Eduardo Gomes (MDB-TO), stated in the session: "Brazil reached maturity on the subject [data protection] in less than four years."

In fact, entrepreneurs and companies that previously did not pay attention to information security and privacy have become conditioned to change their position. Therefore, companies are increasingly understanding that the personal data in their databases cannot, in fact, be shared with third parties without consent. And, in this sense, compliance with the laws that deal with the topic is essential. Firstly, for business groups to demonstrate credibility to their customers, proving that they are willing to provide a quality service that does not generate a risk of exposure.

Secondly, to internally demonstrate care for employees. As already mentioned, the home office created an intensification in the flows of personal data, which generated the need to protect employees, with actions such as antivirus and firewall, for example. Measures like this are essential to avoid intrusion into systems, the increase in electronic fraud and, consequently, the leakage of sensitive organizational and personal data.

Finally, in addition to corporations, Brazilian citizens in general receive a gift with the guarantee of protection and adequate processing of personal data based on our Carta Maior. People digitize more every day, whether to use social networks, make an online purchase or as a work tool. In this way, the digital environment cannot be an unknown and dangerous territory for the thousands of individuals who enter it, but a safe territory and, just like in life outside the internet, which has legal support specified in the nation's legislation.

By Carla Prado A. Paes Manso, lawyer and product manager at Compugraf