Description: Data are the most valuable asset in the world and the BRICS (Brazil, Russia, India, China and South Africa) are home to more than 40% of the world’s population and almost 40% of existing Internet users, who are data producers, innovators and consumers. In terms of data value generation, the BRICS represent an incredibly thriving emerging market and this is one of the main reasons why BRICS are developing or enacting data protection frameworks that will soon affect the 3.2 billion individuals living in the BRICS as well as on the rest of the world’s population. This proposal refers to the attitudes of BRICS countries for the regulation and governance of the Internet from the perspective of data protection. The goal of this workshop is to explore the most recent evolutions in terms of data protection in the BRICS and the impact such policy and institutional (r)evolutions are going to deploy on a global scale. Although little attention has been given by the international community, BRICS countries have undergone extraordinary policy and institutional changes with regard to data governance in the past couple of years. This session will analyse the advancements and challenges regarding how BRICS consider value generation and taxation with regard to personal data as well as the data protection frameworks that all BRICS countries have recently adopted or are elaborating. Particularly, panellists will discuss the relevant changes brought by: The approval of a new "General Data Protection Law" and the upcoming establishment of a new Data Protection Authority, in Brazil; The enactment of data protection and data localisation provisions, with particular regard to the new Internet Sovereignty law, in Russia; The recognition of privacy as a fundamental right by the Indian Supreme Court and the current elaboration of a new Indian Data Protection Law; The adoption of a Data Protection Standard and consultation process on the new “Internet Personal Information Security Protection Guidelines”, in China; The upcoming enactment of the "Protection of Personal Information Act", in South Africa This session will discuss recently enacted and upcoming regulatory provisions and institutional frameworks, as well as their elaboration process and the impact such national legislation is likely to deploy on a global level. Furthermore, panellists will scrutinise elements of convergence and divergence with other established data protection frameworks such as the European one and will focus on how existing frameworks consider the value of personal data. The workshop will have the following agenda 1. Theme introduction and session opening (Luca Belli, FGV) 2. Data Protection debate in Brazil (Achilles Zaluar, Brazilian Ministry of Foreign Affairs) 3. Data Protection debate in Russia (Andrey Shcherbovich, Higher School of Economics, Moscow) 4. Data Protection debate in India (Anja Kovacs, Internet Democracy project) 5. First round of questions and remarks from participants 7. Data Protection debate in China (Min Jiang, UNC Charlotte) 8. Data Protection debate in South Africa (Dirk del Martino, Naspers Group) 9. Comparison with the European framework (Sophie Kwasny, Council of Europe) 10. Questions and Answers Session.
Expected Outcomes: The workshop aims at putting forward concrete proposals aimed at enhancing compatibility of BRICS country national frameworks with regard to data protection. Such proposals will be enshrined into concrete policy messages to be included in the workshop reports. To support the policy messages discussed by stakeholders, before the workshop the results of the CyberBRICS project with regard to the protection of the personal data in the BRICS countries will be shared with the workshop panellists. The CyberBRICS project aims at mapping existing regulations, identifying best practices and developing policy suggestions regarding personal data protection and cybersecurity governance in the BRICS. The findings of the project - which is currently ongoing - will be used to support the workshop debates.