- 16/08/2019 - The Brazilian Patent: A Soap Opera or Novel?
- 15/08/2019 - Judicial Remedies against Excessive Delay in BPTO Examination
- 12/08/2019 - Brazil: Leading Mobile Operator Threatened with Marketing Suspensions over Privacy Concerns
- 06/08/2019 - I did it my way – Saving a Brazilian patent application
- 25/07/2019 - A importância da propriedade intelectual para a ALAE
- 25/07/2019 - FaceApp’s viral success creates privacy concerns in Brazil
- 16/07/2019 - Brazil: The protection of minimally invasive cosmetic procedures
- 15/07/2019 - Acordo Mercosul-UE e tratado fomentam proteção da propriedade intelectual
- 12/07/2019 - Brazil on its way to eliminate the existing patent backlog
- 07/06/2019 - As estratégias do INPI para solucionar o backlog de patentes
- 03/06/2019 - Madrid protocol: Brazil almost there
- 30/05/2019 - Intellectual Property is the key to brazilian development
25/07/2019 - FaceApp’s viral success creates privacy concerns in Brazil
If you never heard of FaceApp, a smartphone app that provides photo-transformations and recently went viral, you probably saw at least one friend, or a famous character, posting his or her AI-aged selfies on social media. And with the same speed that the Russian-developed app went viral, legal issues began to arise in several countries, including Brazil.
The ˜Procon SP Foundation”, a not-for-profit consumer protection watchdog linked to the Secretary of Justice from the State of Sao Paulo, recently sent warning letters to the developers of FaceApp, Wireless Lab, as well as to Apple and Google, owners of the virtual stores that make the app available In Brazil. In these letters, Procon SP demands all companies to inform and clarify why the application collects consumer data.
“You grant FaceApp a perpetual, irrevocable, nonexclusive, royalty-free, worldwide, fully-paid, transferable sub-licensable license to use, reproduce, modify, adapt, publish, translate, create derivative works from, distribute, publicly perform and display your User Content and any name, username or likeness provided in connection with your User Content in all media formats and channels now known or later developed, without compensation to you. When you post or otherwise share User Content on or through our Services, you understand that your User Content and any associated information (such as your [username], location or profile photo) will be visible to the public.”
While the above issues could be interpreted in Brazil as “minor” violations of our consumer protection law, it is interesting to examine how the privacy argument became a pivotal issue in such debate. Now that Brazil has approved its Data Protection Law (Lei Geral de Proteção de Dados, or “LGPD”) and passed the necessary laws to create a Brazilian data protection authority (Agencia Nacional de Proteção de Dados, or “ANPD”), privacy has become a “hot topic” for the Brazilian press. A few days after the app went viral, several media outlets started to alert users about these privacy issues, and consumer authorities were pushed to react.
At present, since LGPD is not into force yet (this might occur in August 2020), it is up to public prosecutors to decide the possible next steps against FaceApp or its local resellers. Before LGPD, Brazil did not have a specific data protection law, but privacy was briefly mentioned in other legislation, such as our Internet Bill of Rights (“Marco Civil da Internet”).
Moreover, as data breaches and privacy concerns usually involve customer data, authorities could use a broader interpretation to fit any problems within the scope of Brazil´s Consumer Protection Law, and use it to try to block or shut down the app in Brazil. However, on previous occasions the interest on data protection was not as big as it is today. We are now seeing a clear growth in customer awareness regarding privacy, which leads authorities to get more involved and, consequently, increases the risk of possible lawsuits for app developers from Brazil and abroad.
Since LGPD`s rules will, in the very near future, fully apply to any developer offering his app or making it available to customers located in Brazil, developers should do their best to clarify their policies for collecting, storing and using the data of consumers using any application, before entering the Brazilian market. Also, using “privacy by design” methodologies to address data protection during the app’s development phase could help to avoid such problems when the app “goes live”, guaranteeing a safer level of compliance with Brazilian data protection laws.
If all else fails, a developer should be ready to handle possible backlash from Brazilian authorities, which can be very aggressive if pushed by the media. While Privacy and Data Protection Law is probably now “the practice to develop” for several local firms, consultants and legal practitioners, it is still advisable to seek specialized legal advice if your app becomes so viral and popular to become a problem for Brazilian authorities.
Por Dirceu Santa Rosa