LGPD AND CONSUMER 4.0

 

*Adriana Sforcini Lavrik Esper and Glauco Moreira

 

The balzaquiano Consumer Defense Code (CDC) established a fundamental milestone for the maturation and evolution of consumer relations in the country. Over its three decades many changes have occurred in consumer relations, driven mainly by the advancement of technology.

The CDC, however, maintained its relevance in the face of new challenges, especially because one of its principles is the harmonization of the interests of the participants in consumer relations and the compatibility of consumer protection with the need for economic and technological development.

And it is not for nothing that the item technology was contemplated in the CDC. At the time of its enactment we were embarking on the so-called "digital era" (or information age), a path with no return that culminated in the popularization of the internet and the convergence of the media. In this context the Consumer 4.0 arises, the protagonist of a new consumer relationship directly related to Big Data, the result of the large volume of information and data that began to circulate in the digital world.

Big Data has become a very important element in driving the economy, and is a valuable tool for increasing companies' customer base, as well as retaining them and improving the quality of those relationships.

If in 1990, when the CDC came into force, companies said that "the customer was always right", with Big Data, consumers have become a product. In 2009, Meglena Kuneva (European Commissioner for Consumer Affairs) warned: "personal data is the new oil of the internet and the new currency of the digital world".

This statement summarized the understanding of how valuable the consumers' personal data became. It was clear that the standards then existing, including those regulating consumption, needed to be adapted to this new reality. Thus, in 2018 the General Data Protection Regulation (GDPR) came into force in the European Union, a regulation that aims to protect the personal data of European Community residents, and has inspired standards that are flourishing around the world.

It was in this context that, in August 2018, our General Data Protection Act (LGPD) was enacted. The foundations and principles of the LGPD have brought more security to consumer relations in the digital age. The LGPD not only improves and expands the rules of transparency and right of access to information that the CDC already provided for, but also establishes other mechanisms to protect the data subject, by providing for the adoption of privacy governance programs, as well as preventive measures and compliance mechanisms necessary to comply with the law and the effective demonstration of compliance(accountability).

From this perspective, the objectives of the CDC and the LGPD are convergent, complementary and strengthen the principles of information and transparency so dear to consumer law. And this is very good for the consumer market.

In times when data is worth more than oil, the regulation of the digital environment and its correct adaptation is necessary. The arrival of the LGPD brings the challenge of compliance management in the digital world, in which companies will have to adapt to a new reality and the CDC can be a great ally in this process.

The adaptation is necessary and urgent. The market is watching and companies that are not in compliance with LGPD will pay a high price, as is already happening in the European Union. Although the LGPD penalties, which can reach up to R$ 50 million, will only begin to be applied in August/2021, many consumer complaints are already based on the new law, and some court rulings as well.

Big Data may have turned personal data into a product, but it still belongs to the consumer who, even if it is 4.0, is still right (of course, within the limits of the law).

Adriana Sforcini Lavrik Esper is a lawyer and professor, with expertise in data privacy, digital and technological law. MBA in Risk Management and Compliance (FIPE), specialization in Data Science Ethics (Michigan University) and in Foreign Trade and International Business (FGV/SP). Member of the Compliance Commission and of the Privacy and Data Protection Commission of OAB- SP/Associate of IBDEE. Partner at Miguel Silva & Yamashita Advogados.

 

Glauco Moreira is a lawyer with a Masters degree in Computer and Communications Law from the University of London. He is a partner at Miguel Silva & Yamashita Advogados, with international experience in advising companies on commercial, contractual and regulatory matters, and representing clients in judicial and extrajudicial disputes.

 

Share: