The recent resignation of Tallis Gomes from the position of CEO of G4 Educação, announced on Saturday night (21), brought to light a series of discussions about the use of the General Data Protection Law (LGPD) as a tool for the 'cancellation' of companies. Gomes's decision to leave the position is seen as an attempt to end one of the most controversial cases of statements with serious repercussions in recent times. However, the incident may have triggered an important reflection on the organizations' ability to handle an avalanche of requests related to LGPD compliance.
The alert arose after the backlash to the controversial phrase "God forbid me from women CEOs," attributed to Gomes. In response, tutorials began circulating on LinkedIn teaching users how to request the deletion of their data from G4 Educação's databases, using the rights guaranteed by the LGPD. This movement highlighted companies' preparedness to respond to a large volume of data deletion requests.
Bruna Fabiane da Silva, partner of DeServ Academy and one of the 50 Best Women in Cybersecurity in the Americas by WOMCY (LATAM Women in Cybersecurity), highlighted that, although it is not a data breach incident, the use of the LGPD to 'cancel' companies could become a new trend. "This situation serves as a warning for many businesses, especially those that are more exposed on the internet or that handle large volumes of data. If they do not have an effective governance program or adequate privacy teams, they may face serious problems," he said.
The specialist explained that data subjects can request confirmation of the existence of data processing, ask for updates or corrections to information, among other demands. If a company is not well prepared, it may not be able to respond adequately to these requests.
“For a company to be able to handle a large volume of requests and meet the rights of data subjects as determined by the LGPD, the entire privacy governance and compliance process must be well structured. Are the companies’ DPOs prepared for this? Are the privacy teams ready? And is data privacy governance effective enough to respond to all these individuals in an assertive and timely manner?”, asked Bruna Fabiane da Silva.
Tallis Gomes' resignation and the subsequent discussion about the use of the LGPD to 'cancel' companies highlight the importance of adequate preparation to deal with privacy and data protection demands, ensuring that organizations are compliant with the legislation and ready to face unexpected challenges.
