The trial of the decade that might drastically upend the rules of the internet

Two major lawsuits that are being brought in the U.S. Supreme Court (Gonzalez v. Google and Twitter v. Taameneh) target Big Techs Google, Facebook and Twitter and could drastically upend the rules of the internet.

 

The cases seek to blame the platforms for recommending violent and recruiting content from the Islamic State, which would have taken directly encouraged its users to commit terrorist acts. Both perpetrators are relatives of the victims killed in attacks in France and Turkey, both of which are authored by the Islamic State.

 

It turns out that since 1996 (even before Google was created) the U.S. has legislation (known as “section 230” of the Communications Decency Act – CDA) that exempts, “protects platforms from culpability for posts, photos, and videos that people share.” Therefore, there would be no responsibility on the part of the platforms in monitoring the content made available by third parties.

 

 

The center of the family’s claims would be that Google and Twitter should have the means to prevent videos of violent and terrorist recruitment nature from circulating on their platforms and prevent the algorithm from recommending it.

 

Today digital platforms work mostly based on the algorithm recommendation system, offering content based on user personal preferences. The main point would be whether section 230 would also apply to the act of recommendation, in addition to hosting the contents. There is questioning about the impact of this decision on freedom of expression and on the entire current functioning of digital platforms.

 

The judge’s position is still unclear in determining whether there would be a direct link between the recommendations and the commission of the terrorist acts themselves, but the case is complex and promises a long discussion in the coming months.

 

It is worth remembering that in Marco Civil Law of the Internet in Brazil of the Internet has a similar position from CDA, determining that it is not the direct responsibility of the platforms filtered the contents, only when judicially determined.

 

Both are really important cases that, depending on the decision can drastically upend the rules of the internet worldwide.

 

Author: Ana Luiza Pires and Cesar Pedut Filho, Peduti Advogados.

Source: How two supreme court battles could reshape the rules of the internet

 

“If you want to learn more about this topic, contact the author or the managing partner, Dr. Cesar Peduti Filho.”

“Se quiser saber mais sobre este tema, contate o autor ou o Dr. Cesar Peduti Filho.”

 

The importance of security measures and the personal data protection in maintaining business

Data leaks, phishing, ransomware, viruses, among other terms, have become recurrent and much talked about in recent years. With the entry into force of the recent Brazilian General Personal Data Protection Law (Law No. 13.709/2018), also called “LGPD”, on September 18 of 2020, attention is focused mainly on the data of individuals and the incidents that may occur involving these data.

 

There is no precise definition in Brazilian law on what would specifically be a personal data breach. Despite this, there is a great influence of international data protection law, mainly from the European Union. According to article 4 of the General Data Protection Regulation, such a breach can be understood as a “a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data transmitted, stored or otherwise processed”.

 

As an example, malware can be cited, which is a malicious program, ransomware being one of the best known. It can be understood as a malicious code to hijack data – after infecting a computer, access to a company’s files can be blocked, for example, in order to demand a ransom to release this access. The theme generates great concern because as exposed by “Jornal Hoje”, in the case of the city of São Paulo, cybercrimes recorded in six months of this year exceeded the total of last year. Furthermore, studies revealed that 54% of global organizations assessed admitted that their methods of assessing cyber risks are not sufficiently sophisticated, leaving them vulnerable to potential threats.

 

 

With an essentially preventive character, the LGPD determines that “the processing agents shall adopt security, technical and administrative measures that are capable of protecting personal data from unauthorized access and accidental or unlawful situations of destruction, loss, modification, communication or any other form of inappropriate or unlawful processing.” (Article 46, LGPD). It is therefore understood the importance of implementing security measures by those responsible for processing personal data. The consequences of underestimating the relevance of these measures can be extremely harmful to a company’s business and can result in financial and reputational losses. The security measures will, above all, help in business continuity, that is, not allow its unplanned interruption or, even, ensure its resumption in a timely manner, if necessary.

 

Finally, it should be noted that those responsible for the processing of personal data undertake to guarantee the information security provided for by the LGPD in relation to personal data, so that if the law is not complied with, such agents are liable to suffer administrative sanctions by the Brazilian National Data Protection Authority (“ANPD”), including a fine of up to 50 million reais.

 

For more information on how to keep your company in compliance with the LGPD, contact Peduti Advogados.

Author: Caroline Muniz, Junior Associate at Peduti Advogados.

Source: Mais da metade das empresas globais enfrentam exposição ao risco cibernético; Why global organisations are struggling to manage cyber risk; Artigo; GDPR.

“If you want to learn more about this topic, contact the author or the managing partner, Dr. Cesar Peduti Filho.”

“Se quiser saber mais sobre este tema, contate o autor ou o Dr. Cesar Peduti Filho.”

Brazilian Congress approves Data Protection Law

On a session held on July, 10th, the Brazilian Congress approved the Project 53/2018, that stablish several rights and regulations regarding the use, and protection, of data. The law is inspired in the earlier versions of the European Union, being, in this sense, a little more lax than the GDPR, however, it represents an important landmark in Brazilian history, since it was a theme without any regulamentation in Brazil.
That being said, several concepts and dispositions of the law are open to different interpretation and could lead to a judicial discussion of those dispositions, nevertheless, the existence of a regulamentation is important to prevent any judicial interference outside of the scope of the legislation, or any instance of judicial activism, which ensures a higher degree of legal certainty.

Lawyer Comment Author: Luciano Del Monaco

Headline: Projeto de lei geral de proteção de dados pessoais é aprovado no Senado

Source (link)

“If you want to learn more about this topic, contact the author or the managing partner, Dr. Cesar Peduti Filho.”

“Se quiser saber mais sobre este tema, contate o autor ou o Dr. Cesar Peduti Filho.”