The case of the data leak of Facebook’s platform, in the episode with the company Cambridge Analytica, with global impact in several countries, including Brazil, poses interesting questions in the context of comparative law, from an economic (the company’s economic value), political (elections), and legal (applicable regulation) perspective, examined below.

From an economic perspective, there is the impact on Facebook’s market value, which lost billions of dollars (through the devaluation of their shares) due to the illegal capture of data from users and non-users of the internet application. This fact also reflects on their business model, as well as the privacy policy and the degree to which the platform is open to application developers (Apps). In other words, the access to personal data on the Facebook platform by third-party companies that collect data through internet applications.

In the electoral realm, the case is related to the influence of Facebook’s digital platform on the elections in several countries, especially in the United States. The core issue is the possibility of manipulating public opinion, as well as the electorate’s vote, through social media campaign’s, including by spreading fake news. Thus, the matter is directly related to the risks of democracy, through campaigns to mislead the public’s opinion, as well as taking the truth out of context.

From a legal perspective, the case has implications on the regulatory model most appropriate to internet applications, such as Facebook, which is controlled by a technology company. The discussion revolves around the extent of state regulation, along with self-regulatory measures by the internet application provider itself.
Another legal aspect relates to the domestic laws of each country, examined below. In particular, the sectoral regulatory model for internet applications, as well as self-regulatory measures.

Thus, it is important to consider the greater context of the current regulations around the world on the protection of personal data, as well as the right of access to personal information by national authorities and foreign governments, in the cases allowed by law.

In February 2018, the United States passed the Cloud Act, which holds rules for the use of data collected overseas.

The United Kingdom, in its turn, passed the Data Protection Bill in January past, which legislates on the protection of personal data, with rules on the international transfer of data to other countries, as well as rules on data access by intelligence services.

This upcoming May, in the European Union, the Regulation of the European Parliament and Council on the protection of people and treatment of personal data will come into effect.

In Brazil, the Public Prosecutor’s Office of the Federal District has opened an investigation to verify if the personal data of Brazilians was unduly captured in the Facebook and Cambridge Analytica episode.

Brazil, however, unlike other countries, does not have a specific law on the protection of personal data; there is not even an agency to regulate this matter.

We will now examine the Facebook case (illegal collection of personal data), as well as it repercussion in different countries.

Artigo publicado no portal jurídico Migalhas Internacional em 11/04/2018.
Acesso ao artigo, clique aqui.