Elections 2022: how to protect yourself from data leakage and what does the law say? | TC detective

We are one month away from the first round of Elections 2022, and one of the concerns related to the sector encompasses the leakage of voter data in this period close to the election.

Therefore, with the arrival of the most important electoral moment, one of the important points is the attention and care to preserve your sensitive information and your personal data. Detective TC details the topic below.

During this electoral period, there are several personal data that can be exposed. Among them are name, profile and voter registration. A number of other details about you, considered sensitive and of an exhaustive role, are vulnerable and can pose risks to rights and freedom – such as when it comes to your opinion or political affiliation.

According to the digital security specialist and managing partner of Athena Security, Thiago Vieira, great attention must be paid when providing your data, especially in applications and platforms.

“Understanding the need for collection and the purpose of the treatment are fundamental points, in addition to the care in the use of applications and platforms. Reading the privacy notices may provide information necessary for the holder to be aware of the security of their data.”

Thiago Vieira

Digital security specialist and managing partner at Athena Security

Care related to data handling is also relevant for political parties, coalitions and candidates. And this applies, in particular, to the exchange of messages on social networks and application groups.

If cybercriminals have access to personal data of candidates or parties, this information can be used to cause some type of discrimination – something with the potential to affect beyond the election itself.

Vieira emphasizes the importance of adopting good practices for data protection, in addition to the need to comply with legislation through rules for organizations that collect and share this information – whether in the physical or virtual environment.

“Data security laws work by defining a rule for organizations that collect, store and share personal data in physical and digital media, imposing the need to apply security, technical and organizational measures, able to protect data from possible violations.”

The General Data Protection Law (LGPD) – which governs the rules for data processing by the various institutions in the country – establishes a series of punishments if its rules are violated.

If the processing agents make any kind of misuse, the affected holder may file an administrative proceeding. The result consists of a simple fine of up to 2% of the organization’s revenue, or a daily fine with a limit of R$50 million.

In addition to the financial part, the penalties also include sanctions such as blocking, deletion and suspension of the database.

Civil Rights Framework for the Internet

Thiago Vieira adds that not only the LGPD, but also the Marco Civil da Internet can be used to apply sanctions. These range from a fine of up to 10% of the economic group’s revenue, to temporary suspension or definitive ban on the exercise of activities.

At this point, the National Data Protection Authority (ANPD) is responsible for ensuring and inspecting whether the legislation has been applied correctly. However, the agency may work with other entities to raise awareness of companies.

“We can consider the Civil Rights Framework for the Internet as a trigger for data security, which gained even more strength with the General Data Protection Law, bringing more specific guidelines, fostering a culture of privacy and data protection.”

It is important to reinforce some precautions to not have your data leaked during the election – as well as other periods. Among them is not passing your data on to strangers; not enter details on platforms other than the official TSE platforms, such as e-Título; and avoid entering sensitive information into conversations via messaging apps or social networks.

Have you been the victim of some kind of data leak during this election period? Report your experience to us!