Companies to reduce data collection with new Brazil, EU data rules

Wednesday, August 15, 2018

With the general data protection law signed into law by President Michel Temer this week, companies will likely rethink the type of personal data they are collecting and the real need for such collection.

"One of the main challenges of the new law in Brazil, and that includes the GDPR, will be to treat the personal information consistently, taking into account that it is not easy to classify and identify all the data, where they are, etc, and then link them to their owners," said Gartner research VP Claudio Neiva.

Start your 15 day free trial now!


Already a subscriber? Please, login

Neiva spoke at a press conference during Gartner's Security and Risk Management event, in São Paulo, and responded to questions from BNamericas on the new Brazilian legislation.

Coupled with the European GDPR regulation, which is in effect since May, the new rules in Brazil tend to reduce the amount of personal data collected by private and public enterprises, according to the Gartner analysis.

Neiva said several companies have no idea how much data they have, where they are located nor how to access them, which adds difficulties to asking for consent to their usage.

ALSO READ: Vale explains how it employs data science

"From now on, as the law starts to set in following the adaptation period, the tendency is that companies rethink how they formulate their databases and their systems and what kind of data is needed and effectively used. With this, many enterprises will question: 'do I need such data in my systems? Do I need all the data of all my clients at all times for anything?' This should reduce the volume of data captured, ease costs and facilitate compliance with the law," he said.

At the conference, Gartner analysts were unanimous in praising the law, saying that the legislation will give legal security for local and international companies operating in Brazil as well as improving awareness and maturity on the issue.