Maria Victoria Mota on Brazil’s AI Legislation [Podcast]


By Adam Turteltaub

While many of the world’s governments are struggling to determine what to do about AI, Brazil already has a track history in this area. As Maria Victoria Mota, Corporate Attorney at Viapol (a subsidiary of RPM), explains in this podcast, the roots of government action in Brazil go back to 2018 with data protection regulations that are similar to the European General Data Protection Regulation (GDPR).

This initial legislation was followed by a second in 2020 created to develop the rules of how the government, companies and individuals may use AI. It was followed by more legislation, most recently in 2023.

The latest came after a committee of jurists was created to help frame the bill. Working with scientists and experts in technology, they examined how AI should be used and AI laws of 31 different countries. The goal was to creation legislation specific for the needs of Brazil.

Privacy is a central pillar of the bill, which is also based in human rights and sound data protection practices. It is designed to ensure accountability, and organizations seeking to comply need to follow eight steps, Maria explains:

  1. Create a multidisciplinary work group.
  2. Empower the group with knowledge so they can bring learning to company.
  3. Map AI in the company.  Understand what departments are using it and how much.
  4. Create a policy and procedures around AI and document them.
  5. Train employees on the policies and procedures created so they can understand how important they are.
  6. Apply the policy and procedures.
  7. Stay current with changing laws and regulations.
  8. Audit compliance regularly

Listen in to learn more about both Brazilian AI law and what makes for effective internal controls around the use of AI.