O direito à proteção de dados na sociedade em rede: a perspectiva comparada entre a Autoridade Nacional de Proteção de Dados (ANPD) e a Unidade Reguladora e Controladora dos Dados Pessoais (URCDP) do Uruguai

Abstract

The General Data Protection Law (LGPD) is presented as a relevant field of study in network society. With the legislation entering into force, adequacy challenges have arisen and depend on the work of the National Data Protection Authority (ANPD), especially in the promotion and regulation of protection mechanisms that assume a character of compatibility with the General Data Protection Regulation (GDPR), adopted in Europe. In this sense, it is relevant to analyze how the data-protection structuring process took place in Uruguay, which is internationally recognized as “adequate” and able to receive transfers of personal data by computerized means. This path depended on the performance of the Personal Data Regulatory and Controlling Unit (URCDP), a regulatory body with the same function as the ANPD. Starting from the comparative method, we seek to establish approximations and dissonances between the authorities to understand the factors that determine the performance of the Uruguayan regulatory body adjusted to the needs of European adequacy, but able to be incorporated with greater acceptability by Brazil. As a result of the research, it is possible to verify the existence of approximations such as the mandate of the leaders, as well as normative and supervisory powers that are proper to a regulatory agency unrelated to subordinations and interference, although, at the moment, both the ANPD and URCDP lack their own legal personality. The resolutions that allowed the specification of the Uruguayan adequacy to the GDPR and the mechanisms that prevent the identification of the data holders adopted by the URCDP were analyzed, so that this action promotes the adequacy in the concrete plan, making the regulation effective in international and regional standards. The analysis of the perspective of adopting quality seals, an important instrument of compliance with the best data protection techniques and suggested as a mechanism to be strengthened by the ANPD and URCDP, revealed that they perform the function of a real protection mechanism for data subjects. Finally, in view of the contrast and success of the Uruguayan experience, we promote the idea that the existence of authority is fundamental for the consolidation of data protection in Brazil and that there are foreseen mechanisms in the legislation that do not prevent the promotion and performance of ANPD activities in a technical and impartial manner.