October 19, 2020, the appointees were approved by the Infrastructure and Services Commission of Brazil’s Senate as part of an approval process named "Sabatina." The Sabatina aims to assess if the appointee meets the requirements provided by Brazilian law, which include having proven technical skills, experience, acquitted reputation, and professional experience. Their names were submitted for approval to Senate’s plenary in compliance with Law No. 9,986/2000 (the "Regulatory Agencies Act") and article 52, III, f, of the Brazilian Constitution and were approved on October 20, 2020.
The LGPD, whose main provisions entered into force on September 18, 2020 following a period of uncertainty over the exact implementation date (see our summary, here), requires Brazil’s President to establish the national regulator. The ANPD will have the ability to assess fines of 2% of the legal group’s Brazilian revenues in the preceding fiscal year (up to a maximum of BRL 50,000,000 per violation), once the LGPD’s administrative sanctions provisions enter into force on August 1, 2021.
In addition to investigations, enforcement, and oversight, the LGPD assigns the ANPD significant rulemaking authority over practical issues that are not fully developed in the law, which will impact companies’ compliance programs. For example, the ANPD is charged with:
- Guidance on scope of LGPD subject-matter jurisdiction exceptions;
- Sharing sensitive data between controllers;
- Standards for anonymization of data;
- Obligations related to satisfying consumer rights;
- Adequacy findings for third countries and defining data transfer mechanisms;
- Scope of required security, technical, and administrative measures;
- Timing of mandatory security incident reporting; and
- Rules for good practice and governance.
The ANPD appointees are:
- Waldemar Ortunho is the current president of Telebras, which is a state-owned company engaged in the telecommunications sector. He has been appointed as the chair of the ANPD’s board for a six-year term. As the chair, he will represent ANPD and will have hierarchical authority over the other officers. Also, he will be responsible for other administrative capacities and for ANPD sessions.
- Arthur Pereira Sabbtat is currently a Director at the Information Security department of the Brazilian Presidency. He was appointed for a five-year term.
- Joacil Basilio Rael is an advisor at Telebras and was appointed for a four-year term.
- Miriam Wimmer is a Director of Telecommunications Services at the Brazilian Ministry of Science, Technology, Innovation & Communications and was appointed for a two-year term.
- Nairane Farias Rabelo is a lawyer specialized in data privacy. She was appointed for a three-year term.
Authored by Isabel Carvalho, Paula Pagani, and Rafael Szmid.
