What do you do?
I help companies leverage privacy and data protection as a competitive advantage and face privacy laws, such as the LGPD and the GDPR, as opportunities – not problems. It is all about creating real value to organisations on their approach towards compliance with data protection regulations.
I always wanted to work with something that had a global impact, and there is hardly an area of law as international as data protection. On a daily basis, I have the opportunity to assist international clients that have to deal with several different privacy laws at the same time, and this challenge moves me.
What’s keeping you busy?
Data breaches. Recently we have been engaged by a number of clients facing difficult situations involving security incidents throughout the world.
What mentors or other influential figures have helped you get where you are today?
I owe a great debt of gratitude to Robert Bond (Bristows), Paula Barrett (Eversheds Sutherland), and Ruth Boardman and Gabriel Voisin (Bird & Bird). They have extended me many opportunities for which I will always be grateful. And I could not forget Ira Rubinstein, who was my professor of Information Privacy Law during my LLM at NYU. Finally, I would like to pay tribute to [former Covington & Burling privacy head] Kurt Wimmer, who sadly passed away recently. Kurt was a brilliant privacy professional and a kind and generous person who was always available to help and to give advice to others. A truly inspirational leader. He will be deeply missed.
If you could change one data-related law, how and why would you change it?
The LGPD requires a lot of changes in my view (or at least further regulations). Things like the 15-days deadline to respond to data subjects’ access requests and the obligation of every data controller to appoint a DPO regardless of any criteria should be reviewed.
How has covid-19 affected what you do?
It has made data protection even more important for a lot of companies. The sudden need to move the workplace to our homes raised concerns regarding how to better protect the data that companies process, and how to ensure information security from home offices. Over the last year, there has been a surge of data protection work due to this new challenging scenario.
What’s the next big thing – what data opportunities are companies now looking at?
IOT, artificial intelligence and autonomous vehicles technology are some of the things that companies are strongly looking at right now that have intrinsic connections with data processing.
What’s keeping companies worried at the moment?
Compliance with the LGPD has been a daunting task. The law became effective last year and many companies are still struggling to align their practices with the LGPD. International data transfers is one of the topics that carry relevant risks at this time considering the lack of any adequacy decisions from the Brazilian National Data Protection Authority so far.
What do you do to relax?
I enjoy playing guitar, cooking and spending time with my family.