The proliferation of data protection regulations around the region, including most recently in Brazil, demonstrate that Latin America is keen to take a firm stance when it comes to regulating data usage – but enforcement to date has been more patchy. How should companies approach a realistic risk-based approach to compliance within that reality? Moreover, while there are significant opportunities for data-savvy businesses in the digital economy in Latin America – where internet usage is large and where the cultural approach to personal data is quite open – however, navigating the regulatory and enforcement landscape to make sure you can maximise those opportunities is a challenge.
Latin Lawyer, LACCA and Global Data Review are launching a major new event for Latin America examining the emerging framework of data laws, encompassing data protection, cybersecurity, and more, to help companies and their counsel maximise value from their data assets while complying with the law.
8.30: Welcome coffee and registration
9.00: Chairs’ opening remarks
9.15: Privacy in Latin America: from evolution to harmonisation?
As more countries around the region introduce or strengthen data privacy regulations, what trends can be seen across Latin America? Are legislative developments bringing us towards greater harmonisation, or divergence? Which international regulatory models are more influential in Latin America, and how does that help to future-proof compliance?
10.30: Coffee break
11.00: Presentation – digital transformation: a practical guide
11.30: Buying and selling data as an asset
Doing meaningful due diligence on the datasets within a target company has become essential within any M&A; but increasingly, the ability of those data assets to affect the valuation of a deal, and indeed become part of the rationale for the transaction, is becoming more common. What issues do companies and their counsel need to be aware of in deals, and how can lawyers help to ensure that businesses extract maximum value from their data assets before, during and after an M&A?
12.45: Networking Lunch
14.00: Keynote address
14.30: Understanding risk and requirements in data security
As Latin American nations lean towards a data breach ‘notification to authority’ model, how should companies around the region manage their data security compliance programmes to both ensure readiness for notification and to be able to demonstrate compliance if needed? What breach trends are we seeing in the region, which can inform and update compliance programmes? How much can any one compliance programme or security system protect a company, and how should CPOs and their counsel get comfortable with that?
15.45: Coffee break
16.15: The direction of travel in enforcement priorities
While in the EU, attention-grabbing fines have started to appear under the GDPR, enforcement levels in Latin America are still comparatively nascent. Can that last, and if so, for how long? Where will regulators – particularly new ones – focus to achieve the greatest value for their enforcement efforts? And how do major cases elsewhere, such as at the FTC, drive enforcement trends in the region?
17.30: Chairs’ closing remarks
17.45: All attendees are invited to attend a drinks reception kindly hosted by Pinheiro Neto