Scandals related to the leakage and use of personal data in the last decade, especially the Cambridge Analytica case, have driven the creation of laws and regulations aimed at protecting personal data and the right to privacy in different regions of the world.
In Brazil, this process resulted in the General Data Protection Law (LGPD). Sanctioned, with vetoes, in 2018, during the Temer government, the legislation came into force in September 2020, providing a deadline for compliance until August 2021.
Although our country was at the forefront of protecting digital network users with the establishment of the Internet Legal Framework, it was necessary to go further and have specific legislation regarding the processing of personal data, whether carried out digitally or analogously.
If you have not yet complied with the LGPD – the law is applicable to all who perform some form of data processing in their business, regardless of size, classification, or area of activity – be aware that since the last August 1st, you risk being fined. Come with us to understand what the LGPD sanctions are and the consequences of disobeying the law.
LGPD sanctions are already in effect – understand the risks
Before detailing the sanctions provided for in the LGPD for those who carry out some form of data processing in disobedience to its principles and guidelines, it is necessary to reinforce that the legislation is an advance to be celebrated by all, as it guarantees the right of any person over their own personal data.
Therefore, respecting the LGPD is not only a matter of avoiding fines but also an ethical issue. Remember that you are also benefited by it and also have the right to protect your personal data, especially sensitive ones.
Having made this reservation, you need to know that the sanctions provided for in the General Data Protection Law are heavy, capable of compromising the survival of your company.
The LGPD provides for the application of daily fines that can reach 2% of the previous year’s net revenue of companies, with the amount limited to R$50 million per infraction. Another possible sanction is the blocking of the company’s database for up to six months.
Both penalties provided for are rigorous. While the application of fines can severely compromise the cash flow of businesses, blocking the database can make the operation unfeasible. Thus, the risks for those who choose to disobey the legislation are significantly high.
Although the foundations of the right to privacy and protection against the misuse of data are provided for in the 1988 constitution, the LGPD reinforces the importance of data protection effectively, establishing practices, principles, and guidelines so that data processing is carried out securely and in obedience to the rights of the owners.
Creating a data protection culture
It is clear that the concern with the protection of personal data is a new demand from society, gaining traction from the popularization of digital solutions, which allowed the creation and traffic of data and information like never before in the history of humanity.
Thus, the protection of personal data provided for in the LGPD applies with greater urgency in the digital world, although not only to that. Although this period of adaptation may be traumatic for some businesses, one of the great advantages of the legislation is to stimulate the creation of a data protection culture in the country.
Although large companies and multinationals already pay attention to this issue, investing heavily in solutions and technologies aimed at information security, for most entrepreneurs and professionals, this is a minor issue or goes unnoticed in the face of day-to-day challenges.
The application of good principles and practices in the processing of personal data is beneficial to all, including businesses, which have greater legal security and reliability for their operations while demonstrating that they are in line with the desires and aspirations of consumers and customers.
If you have not yet adapted data processing to the principles and guidelines of the LGPD, do not waste any more time. In addition to avoiding the risk of LGPD sanctions, capable of compromising the survival of your business, you contribute to the creation of a data protection culture.
Keep following our blog and follow STWBrasil on social media to learn more about the General Data Protection Law and other topics related to information security.
See you next time!
