Therefore, there is also great concern about the misuse of data
Posted: Thu Feb 20, 2025 5:42 am
However, in general terms, there are no clear standards for data protection and security, or even for the minimum security requirements that a private or public organization must follow to use its facial database. For those in favor of regulation, it is necessary to establish limits regarding the monitoring of individuals and even the identification of their consumption habits.
Although the General Data Protection Law (LGPD) , in force since 2020, establishes detailed rules for the collection, use, processing and storage of any information related to an identified or identifiable individual – as well as specifications regarding data considered sensitive –, there is still no guidance from the National Data Protection Authority (ANPD) , the body responsible for “monitoring, implementing and monitoring compliance with the LGPD throughout the national territory”, regarding the use of facial recognition technologies based on biometric data.
An example of this can be seen in a case that occurred in 2019, in venezuela mobile database which a large clothing retailer was notified by the Brazilian Institute for Consumer Protection (IDEC) to explain the use of the data that the company was collecting.
In its stores, facial recognition features captured customers' reactions to the items displayed on the racks while sensors identified their preferences in order to create a profile of its visitors. For not having the consent of individuals, the organization was fined by the National Consumer Secretariat (Senacon) for violating the Consumer Defense Code (CDC).
On another occasion, IDEC also filed a lawsuit against the concessionaire of Line 4 of the São Paulo Metro because the company responsible had implemented cameras with facial recognition in interactive doors to identify users' reactions to advertisements, also without the passengers' consent.
Although the General Data Protection Law (LGPD) , in force since 2020, establishes detailed rules for the collection, use, processing and storage of any information related to an identified or identifiable individual – as well as specifications regarding data considered sensitive –, there is still no guidance from the National Data Protection Authority (ANPD) , the body responsible for “monitoring, implementing and monitoring compliance with the LGPD throughout the national territory”, regarding the use of facial recognition technologies based on biometric data.
An example of this can be seen in a case that occurred in 2019, in venezuela mobile database which a large clothing retailer was notified by the Brazilian Institute for Consumer Protection (IDEC) to explain the use of the data that the company was collecting.
In its stores, facial recognition features captured customers' reactions to the items displayed on the racks while sensors identified their preferences in order to create a profile of its visitors. For not having the consent of individuals, the organization was fined by the National Consumer Secretariat (Senacon) for violating the Consumer Defense Code (CDC).
On another occasion, IDEC also filed a lawsuit against the concessionaire of Line 4 of the São Paulo Metro because the company responsible had implemented cameras with facial recognition in interactive doors to identify users' reactions to advertisements, also without the passengers' consent.