As a result of a public consultation on the regulation of the General Data Protection Law (LGPD), the National Data Protection Authority (ANPD) received, until last Monday (1st), proposals from several associations defending the adequacy of the text. to the reality of Brazilian micro and small companies.
The Brazilian Internet Association (Abranet) suggested, in principle, that the deadline for fulfilling the obligations of the LGPD for micro, small and medium-sized companies (SMEs) and startups should be double that determined for large companies.
Another suggestion from Abranet is that SMEs and startups be exempted from hiring a data supervisor, a professional who would communicate between the companies and the ANPD. Citing European regulations, the entity proposes that the aforementioned companies should not be required to register their operations, unless their primary activity is data processing, or dealing with a large volume of information.
More LGPD proposals for SMEs and startups
Among the proposals received, the contribution of the Federation of Industries of Rio de Janeiro (Firjan) also suggests that it is not mandatory for MEPs to hire a person in charge of data protection business, establishing some criteria, such as company billing, for example.
A second criterion, according to Firjan, would be the corporate name. Speaking to Agência Brasil, the entity’s president, Rodrigo Santiago, said: “if the purpose of the business itself is data processing, then there is no reason why it should fit into simplification”. And the last criterion would be the automated and continuous use of data, even if it is not part of the business model.
After assessing the subsidies received, the ANPD must define the measures for the sector in the first half of this year. As for requests for flexibility, such as the definition of the requirement or not of a data supervisor, it is possible that the deliberation will arrive only at the beginning of 2022.