Brazil appoints its DPA board



Professor Danilo Doneda, a lawyer at Brazil’s Public Law Institute, reports that on 15 October the five members of the board of directors of the ANPD, Brazil’s Data Protection Authority (DPA), were at last nominated by the President of Republic.

On Monday 19 October, these five directors addressed a hearing at the Federal Senate. Their nomination was approved by the Senate with no further questions by the Senators. It is a very fast track procedure, rather unusual by Brazilian standards, which was mostly due to the specific procedures being followed by Congress during the pandemic.

The ANPD’s directors are:

  1. Waldemar Gonçalves Ortunho Junior (Director-President, 6-year term) is an electronics engineer (Military Engineering Institute) and is the President of Telebrás, a Brazilian state-owned telecommunications company.
  2. Arthur Pereira Sabbat (5-year term), is the Director, the information security department at the Institutional Security Cabinet (GSI) of the Presidency of Republic. GSI is the body responsible for the intelligence service.
  3. Joacil Basílio Rael (4-year term), a computer science engineer (Military Engineering Institute, 1988) and Bachelor in Military Sciences (1978); PhD in Computer Systems (UnB, 2001). He is currently assistant to the Telebrás executive directors
  4. Nairane Farias Rabelo Leitão (3-year term), lawyer, Partner at the Serur Law Firm.
  5. Miriam Wimmer (2-year term), Director of Telecommunication Services at the Ministry of Communications. PhD in communication (UnB), Master in public law (UERJ). Professor at IDP. She is a public official as well as an academic and is extremely competent and respected in the field.

Of the five directors, three have a military background and connections. If confirmed, that makes for a quite unusual board of directors in a DPA, maybe similar only to Russia’s Roscomnadzor, the Federal Service for Supervision of Communications, Information Technology and Mass Media.

No prior activity or experience related to data protection can be identified regarding Joacil Basílio Rael nor from the Director-President, Waldemar Gonçalves Ortunho Junior.

Arthur Pereira Sabbat has been present in some debates in the last two years, since his name emerged as one of the possible directors. Nevertheless, his experience is basically information security-centric.

Nairane Farias Rebelo Leitão has recently attended some data protection courses but her name was virtually unknown to professionals, official or academics before her nomination. The only director who can claim strong professional and academic data protection records is Miriam Wimmer who has the shortest term.

The 19 October Senate hearing was merely formal and data protection issues were hardly mentioned. Most of the directors’ speeches and statements centred on the technical computer and information security aspects of what they presume will be their job. The notable exception was Miriam Wimmer, who demonstrated that she is fully prepared for her new responsibilities.