Skip to main content
SpringerLink
Log in

Challenges Regarding the Compliance with the General Data Protection Law by Brazilian Organizations: A Survey

  • Conference paper
  • First Online:
Computational Science and Its Applications – ICCSA 2021 (ICCSA 2021)

Part of the book series: Lecture Notes in Computer Science ((LNTCS,volume 12951))

Included in the following conference series:

Abstract

Brazilian organizations must comply with the Brazilian General Data Protection Law (LGPD) and this need must be carried out in harmony with legacy systems and in the new systems developed and used by organizations. In this article we present an overview of the LGPD implementation process by public and private organizations in Brazil. We conducted a literature review and a survey with Information and Communication Technology (ICT) professionals to investigate and understand how organizations are adapting to LGPD. The results show that more than 46% of the organizations have a Data Protection Officer (DPO) and only 54% of the data holders have free access to the duration and form that their data is being treated, being able to consult this information for free and facilitated. However, 59% of the participants stated that the sharing of personal data stored by the organization is carried out only with partners of the organization, in accordance with the LGPD and when strictly necessary and 51% stated that the organization performs the logging of all accesses to the personal data. In addition, 96.7% of organizations have already suffered some sanction / notification from the National Data Protection Agency (ANPD). According to our findings, we can conclude that Brazilian organizations are not yet in full compliance with the LGPD.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Erickson, A.: Comparative analysis of the eu’s gdpr and brazil’s lgpd: enforcement challenges with the lgpd. Brook. J. Int. L. 44, 859 (2018)

    Google Scholar 

  2. European Union. General data protection regulation (gdpr). Intersoft Consult. 1(1), 1–100 (2018). Accessed 24 Oct 2020

    Google Scholar 

  3. Australian Government Federal Register of Legislation. Privacy act (1988) https://www.legislation.gov.au/details/c2021c00139, Accessed 4 Apr 2021

  4. Code Section Group: California consumer privacy act of 2018. Accessed 14 2021

    Google Scholar 

  5. Ribeiro, R.C., Canedo, E.D.: Using mcda for selecting criteria of lgpd compliant personal data security. In: The 21st Annual International Conference on Digital Government Research, dg.o ’20, New York, NY, USA, pp. 175–184. Association for Computing Machinery (2020). https://doi.org/10.1145/3396956.3398252

  6. Ministério da Economia. Comercio exterior brasileiro, https://www.gov.br/produtividade-e-comercio-exterior/pt-br/assuntos/comercio-exterior/estatisticas, Accessed 30 Mar 2021

  7. Ribeiro, R.C., Canedo, E.D.: Using MCDA for selecting criteria of LGPD compliant personal data security. In: Eom, S.J., Lee, J. (eds.) dg.o ’20: The 21st Annual International Conference on Digital Government Research, Seoul, Republic of Korea, 15–19 June 2020, pp. 175–184. ACM (2020)

    Google Scholar 

  8. Presidência da República. Lei Geral de Proteção de Dados (2018). http://www.planalto.gov.br/ccivil_03/_ato2015-2018/2018/lei/L13709.htm, Accessed 22 Mar 2021

  9. Governo Federal. Guia de boas práticas para implementação na administração pública federal (2020). https://www.gov.br/governodigital/pt-br/governanca-de-dados/guia-lgpd.pdf, Accessed 20 Mar 2021

  10. Serpro. Governo federal lança plataforma lgpd educacional. Serpro (2021)

    Google Scholar 

  11. Serpro. Pesquisa indica que 64% das empresas não estão em conformidade com a lgpd. InfoMoney (2020)

    Google Scholar 

  12. Pereira Neto Macedo. Brazilian general data protection law (lgpd). Braz. Natl. 1(1), 1–16 (2018). Accessed 18 Oct 2020

    Google Scholar 

  13. Khyara Passos. Compliance with brazil’s new data privacy legislation: What u.s. companies need to know. SSRN (2021)

    Google Scholar 

  14. Alencar, A.D.S.: ProteÇÃo de dados pessoais no brasil e no chile: Uma anÁlise comparativa sob a perspectiva da decisÃo de adequaÇÃo da comissÃo europeia. Observatório da LGPD, pp. 1 (2020)

    Google Scholar 

  15. Cantelle, A.: Marco civil da internet e proteção de dados pessoais 2017. conteúdo Jurídico, p. 1 (2020)

    Google Scholar 

  16. Machado, R., Kreutz, D., Paz, G., Rodrigues, G.: Vazamentos de dados: Histórico, impacto socioeconômico e as novas leis de proteçãoo de dados. Anais da Escola Regional de Redes de Computadores (ERRC) (2019)

    Google Scholar 

  17. Ferreira De Jesus, A.P., et al.: Robôde conversação baseado em inteligência artificial para treinamento na lei geral de proteção de dados pessoais. Unisanta Science and Technology, pp. 1–10 (2020)

    Google Scholar 

  18. de Souza Lehfeld, L., Celiot, A., Siqueira, O.N., Barufi, R.B.: A (hiper)vulnerabilidade do consumidor no ciberespaço e as perspectivas da lgpd. In: Revista Eletrônica Pesquiseduca, p. 10 (2021)

    Google Scholar 

  19. Ferrão, S.R., Carvalho, A., Canedo, E.D., Costa, M.P., Cerqueira, A.: Diagnostic of data processing by brazilian organizations-a low compliance issue. Academic Editor Willy Susilo (2021)

    Google Scholar 

  20. Canedo, E.D., Calazans, A., Masson, E., Costa, P., Lima, F.: Perceptions of ict practitioners regarding software privacy. Entropy 22, 429 (2020)

    Article  Google Scholar 

  21. Allen, I.E., Seaman, C.A.: Likert scales and data analyses (2007)

    Google Scholar 

Download references

Acknowledgments

The authors would like to thank the support of the Brazilian research, development and innovation agencies CAPES (grants 23038.007604/2014-69 FORTE and 88887.144009/2017-00 PROBRAL), CNPq (grants 312180/2019-5 PQ-2, BRICS2017-591 LargEWiN, and 465741/2014-2 INCT in Cybersecurity) and FAP-DF (grants 0193.001366/2016 UIoT and 0193.001365/2016 SSDDC), as well as the cooperation projects with the Ministry of the Economy (grants DIPLA 005/2016 and ENAP 083/2016), the Institutional Security Office of the Presidency of the Republic (grant ABIN 002/2017), the Administrative Council for Economic Defense (grant CADE 08700.000047/2019-14), and the General Attorney of the Union (grant AGU 697.935/2019).

Author information

Authors and Affiliations

  1. National Science and Technology Institute on Cyber Security, Electrical Engineering Department (ENE), University of Brasília (UnB), Brasília, DF, Brazil

    Vanessa Coelho Ribeiro, Ana Paula de Aguiar Alarcão, Lucas Alexandre Carvalho Chaves, Johann Nicholas Reed, Fábio Lúcio Lopes Mendonça & Rafael T. de Sousa Jr

  2. Department of Computer Science, University of Brasília (UnB), Brasília, DF, Brazil

    Edna Dias Canedo

  3. University Center Uniprojeção, Brasília, DF, Brazil

    Vanessa Coelho Ribeiro

Authors
  1. Edna Dias Canedo
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Vanessa Coelho Ribeiro
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Ana Paula de Aguiar Alarcão
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Lucas Alexandre Carvalho Chaves
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Johann Nicholas Reed
    View author publications

    You can also search for this author in PubMed Google Scholar

  6. Fábio Lúcio Lopes Mendonça
    View author publications

    You can also search for this author in PubMed Google Scholar

  7. Rafael T. de Sousa Jr
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Edna Dias Canedo .

Editor information

Editors and Affiliations

  1. University of Perugia, Perugia, Italy

    Osvaldo Gervasi

  2. University of Basilicata, Potenza, Potenza, Italy

    Beniamino Murgante

  3. Covenant University, Ota, Nigeria

    Sanjay Misra

  4. University of Cagliari, Cagliari, Italy

    Chiara Garau

  5. University of Cagliari, Cagliari, Italy

    Ivan Blečić

  6. Monash University, Clayton, VIC, Australia

    David Taniar

  7. Kyushu Sangyo University, Fukuoka, Japan

    Bernady O. Apduhan

  8. University of Minho, Braga, Portugal

    Ana Maria A. C. Rocha

  9. Polytechnic University of Bari, Bari, Italy

    Eufemia Tarantino

  10. Polytechnic University of Bari, Bari, Italy

    Carmelo Maria Torre

Rights and permissions

Reprints and permissions

Copyright information

© 2021 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Canedo, E.D. et al. (2021). Challenges Regarding the Compliance with the General Data Protection Law by Brazilian Organizations: A Survey. In: Gervasi, O., et al. Computational Science and Its Applications – ICCSA 2021. ICCSA 2021. Lecture Notes in Computer Science(), vol 12951. Springer, Cham. https://doi.org/10.1007/978-3-030-86970-0_31

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-86970-0_31

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-86969-4

  • Online ISBN: 978-3-030-86970-0

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation