The National Data Protection Authority (ANPD) approved, on October 8, 2022, its regulatory agenda for the biennium 2023/2024. The schedule foresees 20 actions to be initiated, structured in four phases:

  • 1st Phase:

    Actions toward completing the processes already started by 2021-2022, including sanctioning matters, data owners’ rights, incident communication, international data transfer, and Personal Data Protection Impact Report (RIPD).

  • 2nd Phase:

    With processes expected to start within a year, it contemplates actions aimed at the treatment of the data sharing by public authorities, the treatment of personal data of children and adolescents, the regulation of criteria for recognition and disclosure of rules of good practice and governance, and the Guidelines for the National Policy on the Protection of Personal Data and Privacy.

  • 3rd Phase:

    Actions expected to begin in up to a year and a half, with particular attention to Artificial Intelligence, Biometric Data Collection, and Minimum Technical Standards of Security.

  • 4th Phase:

    Actions expected to start within two years, aiming at the definition of rules for Conduct Adjustment Terms (TAC) with the ANPD.

To access the full regulatory agenda, click HERE.

❮ Back to the newsletter LGDP Express 01/23