Brazil Discusses Simplified Data Protection Rules For SMEs And Startups
A consultation has been launched to debate a proposal for simplified rules and exemptions relation to data protection for small and medium enterprises (SMEs) and startups in Brazil.
In the proposed framework put forward on Monday (30), the National Data Protection Authority (ANPD) plans to exempt smaller companies from maintaining a data protection officer. Instead, having a communication channel for data holders would be sufficient. Moreover, according to the proposed rules, SMEs and new tech-based firms could also be represented by business entities, legal entities or individuals, meaning companies could outsource part of the tasks relation to data protection.
"This regulatory alternative aims to guarantee the rights of [data] holders, while bringing balance between the rules contained in the General Data Protection Regulations and the size of the data processing agent", said Arthur Sabbat, a director at ANPD and rapporteur of the proposal.
The measures aimed at providing greater flexibility outlined in the proposal also includes different compliance deadlines for smaller firms, as well as the exemption from the obligation to keep records of personal data processing operations. The ANPD will hold a public hearing on September 14 and 15 to debate the proposal and receive manifestations from society about the draft resolution.
The discussion around the adaptation of the current data protection rules for small and medium businesses started to gather pace in June. At the time, ANPD's Sabbat said the idea was to introduce "feasible" rules for SMEs, and that these companies are often diverting staff from commercial and other core functions to data protection duties, and that's is not the authority's goal. Rather, the intention is to adapt the rules so that firms can ensure compliance at a minimal level.
A survey by Brazilian martech RD Station carried out with more than 1,100 SMEs from different segments has found that 48% see finding complete and objective information on the subject as the biggest hurdle to compliance, while 20% mentioned the lack of access to tools to adapt their business to the requirements. Lack of technical knowledge of the legal team appeared in 13% of responses, while the lack of resources to adapt to the data protection rules was the main reason for non-compliance for 8% of those polled.
Reassessing AI Investments: What The Correction In US Megacap Tech Stocks Signals
The recent correction in US megacap tech stocks, including giants like Nvidia, Tesla, Meta, and Alphabet, has sent rippl... Read more
AI Hype Meets Reality: Assessing The Impact Of Stock Declines On Future Tech Investments
Recent declines in the stock prices of major tech companies such as Nvidia, Tesla, Meta, and Alphabet have highlighted a... Read more
Technology Sector Fuels U.S. Economic Growth In Q2
The technology sector played a pivotal role in accelerating America's economic growth in the second quarter of 2024.The ... Read more
Tech Start-Ups Advised To Guard Against Foreign Investment Risks
The US National Counterintelligence and Security Center (NCSC) has advised American tech start-ups to be wary of foreign... Read more
Global IT Outage Threatens To Cost Insurers Billions
Largest disruption since 2017’s NotPetya malware attack highlights vulnerabilities.A recent global IT outage has cause... Read more
Global IT Outage Disrupts Airlines, Financial Services, And Media Groups
On Friday morning, a major IT outage caused widespread disruption across various sectors, including airlines, financial ... Read more