Data, Public Sector and Data Protection – Brazilian DPA Training

The Brazilian public administration structure is based on the idea of maintaining a high-quality public service for its citizens. This role is primarily described in the constitution and by administrative law regulations. The execution of public interest has been enhanced through digitalization, which simplifies access to and the provision of public services. Initiatives such as Meu SUS Digital (digital public health services) and the Celular Seguro program (public security program for cellphones) already indicate the importance of using personal data to simplify public services in the areas of security and public health.

In an increasingly data-driven world, information about citizens is an opportunity to improve the efficiency of public services and enhance public policies. With the enactment of the Lei Geral de Proteção de Dados (LGPD) (General Data Protection Law) , there is now a greater opportunity to optimize and increase the efficiency of public resources. This is because the law describes the requirements and procedures through which the public sector can leverage personal data it collects.

For example, in 2022, the Instituto Nacional de Estudos e Pesquisas Educacionais Anísio Teixeira (INEP) (institution responsible for public educational research) determined that the publication of data from the Censo Escolar (data about schools) and ENEM (National College Exam) could endanger thousands of children and adolescents. As a result, it removed the data from public access. After a compliance procedure conducted in conjunction with the Autoridade Nacional de Proteção de Dados (ANPD), the information was made available again with several adjustments.

In addition to protecting students, the new form of data publication by INEP focuses on providing specific information for researchers in the field. This small change represents an important step in how personal information can improve public services without compromising citizens.

This is the kind of transformation that Data Privacy Brasil aims to promote. With its history of action and learning, Data is in a prime position to address the opportunities and challenges of implementing data protection in the public sector. All of this is done through technically qualified debates. Our achievements in recent years reflect this commitment.

In 2024 alone, we conducted a series of specialized courses, training over 150 students and providing more than 300 hours of education on topics such as data protection, information security, and artificial intelligence. 

• Training for the National Data Protection Authority

One of the main training sessions held was the training course for the Brazilian National Data Protection Authority (ANPD) which took place in the first half of 2024. The course aimed to provide comprehensive training on the topic of data protection.

During this occasion, we conducted classes for approximately 100 staff members over two months, including directors of the authority, coordinators of technical areas, and technical-administrative staff. This allowed us to engage with a group of professionals with basic, intermediate, and advanced levels of data protection knowledge.

In a 70-hour training program, we covered all aspects of data protection and explored frontier discussions on the subject. The course was divided into three main topics with the following classes:

Module 1: Data Protection – Fundamental Concepts

• Data protection in the online environment
• Legitimate interest
• Other legal bases
• Data Protection in the Public Sector
• Data subject rights and Consumer Relations
• Sensitive data
• Data protection for children and adolescents
• Civil liability and data processing agents
• Information security
• Data Protection Impact Assessment and Risk

Module 2: Data Protection – Advanced Concepts and Intersections

• International Data Transfers
• Accountability, from theory to practice
• International trends – relevant cases
• Data Protection and regulation of new technologies – Artificial Intelligence Regulation
• Data Protection and regulation of new technologies – Platform Regulation

Module 3: Data Protection and Marketing

• Data Protection and Marketing: Context and Fundamental Elements
• Advertising Ecosystem: Future Trends and Pathways
• Strategic Management at the Intersection of Marketing and Data Protection

More than understanding the law, we focused on developing the ability to think deeply about data protection with the Brazilian National Data Protection Authority (ANPD). For this reason, we tailored several of the classes to meet the needs of the Authority in monitoring and overseeing data processing activities at the national level, contextualizing different topics based on the national scenario.

As part of our practice of assessing the performance of our courses, we always collect feedback from our students. During the ANPD training course, we received excellent approval from the public officials, achieving an NPS score of 75.8.

Review from our students:

“In the Data Privacy course, I had an experience marked by qualified debates with the necessary legal and methodological rigor. The instructors’ approach, in understanding and addressing the numerous questions, was fundamental to the success of the course. This process not only resolved issues but also encouraged the pursuit of answers to unresolved questions, allowing for the sharing of different perspectives in favor of building knowledge that is constantly evolving.”

“The service at Data is excellent, and the course covered the topic well.”

“The classes were outstanding: very didactic; knowledge was built gradually; the bibliographic references were very useful, and the instructors were highly approachable.”