The EU’s General Data Protection Regulation (GDPR) is often cited as the world’s toughest data protection law. Many organizations have worked hard to bring themselves into GDPR compliance.

Brazil’s Lei Geral de Proteção de Dados Pessoais (LGPD) is similar to the GDPR in many ways. Both laws provide rules and principles about the processing of personal data, stipulate the information that must be provided to data subjects, and impose new requirements for data breach reporting.

But the two laws are far from identical. PrivSec Latin America will explore how the GDPR and the LGPD intersect, how they differ, and what extra steps you must take to bring your GDPR-compliant organization in line with Brazilian law.

Speakers

• Adriano Lima, DPO Exin, CISO, CISM, IT Risk Pro, DPO – Executivo de Proteção de Dados, Pixeon Medical Systems
• Marico Cots, Partner & Attorney-at-law at GetGlobal International
• Patricia Punder, Governance, Compliance, Data Privacy and ESG International Expert, Punder Consulting Office, Punder Advogados
• Alex Bermudez, Diretor, Ibéria e Itália at Onetrust
• Thais Novaes, Corporate Lawyer & DPO, BDF Nivea

While no region is spared by cybercriminals, Latin America has been hit particularly hard by phishing, ransomware, and other cybercrimes.

Recent research from Kaspersky suggests that Brazil is the phishing capital of the world. And a CheckPoint study places Argentina and Chile among the top five countries most frequently hit by ransomware attacks.

PrivSec Latin America will assess the state of cybercrime in Latin America—and ask what governments, tech experts, consumers, and businesses can do to reduce their exposure and fight back against the region’s cybercrime outbreak.

Speakers

• Marcos Sêmola, CISM, CIPM, CDPSE, PCI-DSS, PDPP and ISO27KLA, Cybersecurity Partner, EY
• Igor Gutierrez, Information Security Officer & Data Protection Officer, GROB
• Dr.João Pedro Ferraz Teixeira, Advogado at COTS Advogados (Attorneys-at-law)
• Marco Túlio Moraes, CISO at Oiti

Stakeholder support for a privacy program is key, especially as compliance programs grow and organizations focus their attention on an increasing number of regulations and frameworks from around the world. With so much information at play in a program, how do you know what to present in the boardroom?

This session will take a look at the key metrics and deliverables, dashboards, and reports that demonstrate the functionality and success of your organization’s privacy program.

Speaker

Beto Santos, Diretor, América Latina, Onetrust

With the rollout of digital identity schemes across Latin America, many of the region’s countries are adopting biometric identification schemes to authorize payments and access public services.

Police forces in countries such as Brazil and Uruguay are also implementing facial recognition systems to assist law enforcement efforts—allegedly without the knowledge or consent of populations.

Is Latin America becoming a region where submitting to biometric identification is unavoidable? PrivSec Latin America will examine the legal, ethical, and technical dimensions of this controversial method of identifying and surveilling individuals.

Speakers

• Cecilia Choeri, Partner, Chediak Advogados
• André H. Paris, CIPM, CCEP-I, Managing Partner, Fakos – Data Privacy & Compliance Consultancy
• Vanessa Ribeiro, Partner, Gusmão & Labrunie
• Ali Jessani, Senior Associate, WilmerHale

While Brazil’s LGPD arguably represents a “high water mark” for data protection law in Latin America, it is by no means the region’s only privacy and security-focused legislation.

For decades, the legal doctrine of habeas data has given rise to a vibrant and progressing legal landscape for information laws across Latin America. Respected data protection and security regimes exist or are in development in countries such as Peru, Mexico, Uruguay, and Argentina.

PrivSec Latin America will explore the regulatory landscape across the Latin American region—considering where the strongest data protection, privacy, and security laws exist; where such laws are in development; and which countries are lagging behind in terms of legal reforms.

Host

• Angela Maria Noguera Moreno, Of Counsel, Vanegas Morales Consultores

Speakers

• Viviane Rico Menezes, CDPO Exin, CDPSE, ISO27001LA, Governance Cybersecurity Manager, ITAU
• Angela Maria Noguera Moreno,Of Counsel, Vanegas Morales Consultores
• Guilherme C. Tovar, Data Privacy Specialist, Mercado Libre
• Stella Sofía Vanegas, VanegasMoralesConsultores

With US privacy law remaining patchy and comparitively liberal, US companies hoping to thrive in Latin America must develop their privacy compliance programs beyond what is required in the States.

The comprehensive data protection laws that are springing up across Latin America require a principles-led approach to compliance and careful attention to regional differences.

PrivSec LatAm will bring together experienced privacy professionals to explore how US companies should approach privacy compliance in Latin America.

Host

• Joel Schwarz, JD, CIPP, CDPSE, Director & Data Protection and Privacy Capability Lead at MBL Technologies Inc., Adjunct Professor of Law, Albany Law School

Speakers

• Lily Li, CIPP/US/E/M, GCFA, Founder/President of Metaverse Law Corporation, Metaverse Law Corporation
• Isabel Davara, CIPP-E-US-CIPM-FIP, Propietario at DAVARA ABOGADOS

Privacy laws, such as the LGPD, have changed the way organizations must respond to data subject requests and consumer rights. These laws, spurred on by the recurrent rise in data breaches and an ever-increasing use of personal data by companies, have created many challenges for organizations responding to requests for privacy rights. As a result, organizations need an efficient way to find out what data they have about these individuals in their IT environment and retrieve it to fulfill those requests and comply.

In this session, we’ll take a look at:

The best ways for companies to find, manage, query, and action data

How organizations can plan for compliance with intelligent discovery tools, purpose built with regulatory guidance

Walk through every day use cases to help organizations use integrated data discovery technology to run scans, gain predictive insights, automate manual tasks, and streamline data processes

Speakers

• Moacir Klapouch, Solution Engineering Manager - OneTrust

The Brazilian Senate has passed a proposal for an amendment to the Constitution which includes personal data protection to the list of citizen fundamental rights and guarantees.

What are the implications of the consistutional protection of privacy in Brazil? Will the amendment protect Brazilians' privacy against government intrusion—or will the change affect the private sector, too?

PrivSec LatAm will explore the impact of privacy as a fundamental right for all Brazilians.

Host

• Adriano Lima, DPO Exin, CISO, CISM, IT Risk Pro, DPO – Executivo de Proteção de Dados, Pixeon Medical Systems

Speakers

• Marcelo Crespo, Partner / Founder, Peck Advogados / Privacy Rocket
• Luiza Sato, Partner, ASBZ Advogados
• Felipe Palhares, Partner, BMA – Barbosa, Müssnich, Aragão
• Erica Costa, Data Privacy Specialist, OneTrust

Transferring personal information across borders is among the biggest compliance challenges for privacy professionals.

For example, the EU’s notoriously complex rules on international data transfers have led some to conclude that it’s better to simply keep data in the jurisdiction it was collected. And businesses operating across Latin America face significant data transfers challenges, too.

But the nature of the regional economy means some personal information will always need to flow across borders.

PrivSec Latin America will consider how businesses can meet the challenge of transferring personal information between Latin American countries—and outside of Latin America altogether—with a particular focus on Brazil’s LGPD.

Host

• Cristiana Maia, DPO Exin, CISO Exin, CEC, CIICC, ISMF, ISMP, PDPP, PDPF, PDPE, ISO27001IA, PCI/DSS, ITIL, Data Privacy and Cybersecurity Consultancy, Compliance, Data Privacy & Protection Lawyer

Speakers

• Frederico Felix Gomes, DPO, Zoop (Movile Group)
• Dr. Humberto De Jesús Ortiz Rodríguez, Gerente de Dados - Data Protection Officer (DPO) en Neon
• Mariano Peruzzotti, Partner, Ojam Bullrich Flanzbaum