Sharing consumers’ geolocation data by telecom operators does not violate the Federal Constitution or LGPD when done in an aggregated and anonymized way (i.e., for statistical purposes); the terms of the sharing agreement must be made public, the data can only be used for a concrete, specific and legitimate objective (rather than generic justifications such as “fighting the pandemic”), and the lifecycle of the processing must be clearly determined in its entirety (i.e., beginning, means and end of processing).
COVID-19: Brazilian Regulator’s Principles for Processing Geolocation Data
Related Posts
University of Michigan Data Breach
The recent cyberattack on the University of Michigan, where sensitive employee and student data fell victim to a…
Irish National Police Data Leak Highlights Third-Party Risk
The recent data breach incident involving the Irish National Police. This breach underscores the critical importance of addressing…
California Enacts New Delete Act to Strengthen Data Privacy
We are thrilled to share a significant development in data privacy regulation. California has taken a momentous step…