Inspired by the European regulation’s General Data Protection Regulation (GDPR), Brazil passed a comprehensive data protection legislation in August 2018. This new legislation, the Brazilian General Data Protection Act or Lei Geral de Proteção de Dados (LGPD), will come into effect on August 15, 2020. 

The LGPD applies to individuals and organizations that process personal data of users located in Brazil. This includes any personal data collected in Brazil as well as global organizations providing goods or services in Brazil. Like the GDPR, the LGPD aims to improve the global data management practices that involve the data of users in Brazil.

This means that organizations will be required to implement a new strategic approach to handling the personal data collected in Brazil, adding to the long list of regulatory compliance that organizations must abide by. 

Article 18 of the LGPD lists the nine fundamental rights that data subjects have, including:

• The right to confirmation of the existence of the processing;

• The right to access the data;

• The right to correct incomplete, inaccurate or out-of-date data;

• The right to anonymize, block, or delete unnecessary or excessive data or data that is not being processed in compliance with the LGPD;

• The right to the portability of data to another service or product provider, by means of an express request

• The right to delete personal data processed with the consent of the data subject;

• The right to information about public and private entities with which the controller has shared data;

• The right to information about the possibility of denying consent and the consequences of such denial; and

• The right to revoke consent. 

Fortunately, with Auraya’s voice biometric technology, organizations can implement secure and seamless user identification and verification capabilities while staying compliant with regulatory requirements such as the GDPR and LGPD. Auraya’s voice biometric engine, ArmorVox, and voice biometric extension for Amazon Connect, EVA, enables organizations to verify the identity of their callers by simply using their voice. This replaces outdated and insecure security methods such as PINs and passwords and security questions. This means that users do not need to provide personal information to someone such as an agent to verify their identity.

Auraya’s voice biometric technology allows any collected personally identifiable information to be stored securely and separately from the encrypted biometric voiceprints that are sent to ArmorVox for verification purposes. Auraya’s voice biometric technology can also be easily configured so that organizations can provide users the option to opt out, revoke consent or request to have their voiceprints deleted.

With ArmorVox and EVA, organizations operating or collecting personal data in Brazil can improve the security and user experience of their Brazilian customers whilst staying compliant to the new LGPD.