BRAZIL Trends and Developments Contributed by: Juliana Abrusio and Mario Cosac, Machado Meyer
outlines the requirements for digitalisation and cybersecurity measures within the sector. This resolution mandates energy companies to adopt stringent cybersecurity protocols to protect their infrastructure and data. Additionally, the State-Owned Companies Law (Law No 13.303/2016) and the Digital Govern - ment Law (Law No 14.129/2021) impose further compliance obligations on energy companies, emphasising transparency, accountability, and the secure handling of data. These regulations collectively ensure that energy concessionaires adhere to high standards of data governance and cybersecurity, thereby safeguarding the sector against potential cybersecurity threats. Consumer protection In recent years, Brazil has made significant strides in enhancing consumer protection and cybersecurity. An important development in this area was the signing of the Technical Co-oper - ation Agreement No 1/2021 between the ANPD and the National Consumer Secretariat ( Secre- taria Nacional do Consumidor , or “Senacon”) on 22 March 2021. This agreement aims to expedite investigations involving cybersecurity incidents by fostering collaboration between the two enti - ties. Through the exchange of information, educa - tional initiatives, research, and joint enforcement actions, Senacon and the ANPD are working together to safeguard personal data and defend consumer rights. Senacon provides the ANPD with access to its database, which includes complaints and notifications, whereas the ANPD focuses on regulatory and enforcement actions under the LGPD. This partnership is expected to not only speed up investigations but also to strengthen the culture of data protection in Bra -
zil, ensuring greater legal security for consumers and organisations alike. In July 2024, Senacon announced an investiga - tion into the damage caused by a recent cyber - security breach that affected various sectors in Brazil. The incident stemmed from a problematic update by cybersecurity provider CrowdStrike, which disrupted services provided by Microsoft. This error disconnected computers and servers from the internet, leading to a system recov - ery loop that rendered machines inoperable. The fallout was widespread, impacting global companies and causing significant disruptions in Brazil. Airlines, banks, and even the health - care system faced operational challenges, with manual check-ins at airports for travellers and service interruptions for hospitals and energy Another significant effort in the realm of cyber - security is Brazil’s fight against digital piracy in the field of consumer protection. On 10 February 2025, the National Council for Combating Piracy and Intellectual Property Offences ( Conselho Nacional de Combate à Pirataria e Delitos contra a Propriedade Intelectual , or CNCP) submitted a list of 393 blocked pirate websites to the World Intellectual Property Organization (WIPO). This list will be included in WIPO Alert , an interna- tional monitoring and dissemination mechanism. The CNCP, which is linked to Senacon, has been actively involved in combating digital piracy and protecting citizens from cybercrimes. Opera - tions such as Redirect and 404 have targeted illegal platforms, blocking hundreds of websites and applications. These pirate sites not only dis - tribute illegal content but also expose more than 90 million consumers to fraud, data theft, and distributors. Digital piracy
65
CHAMBERS.COM
Powered by FlippingBook