CPDP LatAm 2023

Data Governance School LatAm

The Data Governance School LatAm (DGSL) aims at developing a learning platform, facilitating the exchange of best practices regarding the governance of personal data at the Latin American level. The DGSL is an international course developed by the Center for Technology and Society (CTS) at Fundação Getulio Vargas (FGV) Law School, Rio de Janeiro. The DGSL acts as an academic branch of the Computers, Privacy and Data Protection in Latin America (CPDP LatAm) conference, continuously facilitating an exchange of knowledge and ideas between DGSL and CPDP LatAm participants.

The DGSL will take place from 26 to 28 April 2023 at Fundação Getulio Vargas (FGV) Law School, on the picturesque Botafogo bay, in Rio de Janeiro.

The goal of the DGSL is to bring together data protection regulators and other stakeholders for an intensive three-day-long course, where each participant will have a dual role, being both a student and a lecturer. DGSL stakeholders encompass public servants from Latin American Data Protection Authorities, data governance practitioners, governmental and intergovernmental officials, start-up and business representatives, activists, and researchers.


Target audience and grants

The DGSL target audience are individuals who already have a good understanding of data governance issues and are interested in expanding and sharing their knowledge, studying global and Latin American issues related to data governance.

While the aim of this initiative is to discuss the global dimensions of data governance, the DGSL will target especially the Latin American region. Participants will come from Latin American countries and lectures will be taught in Spanish, Portuguese, and English. Simultaneous translation will be available to facilitate interactions between participants.

Each DGSL class will be composed of approximately 35 participants. The DGSL Direction will make its best effort to promote gender, geographical and stakeholder balance when selecting students, to ensure diversity and promote inclusion. To this end, up to fifteen grants will be available.


The DGS will have a tripartite structure. The first module (Day 1) will explore the Latin American data governance frameworks to identify convergence and divergence. In this first module, students will be asked to deliver short presentations of their national frameworks to their fellow participants and will jointly analyse case studies, to foster a mutual understanding of shared issues. This first module will carefully blend theoretical and empirical analyses, to make sure that all participants continuously focus and actively engage in the discussions.

The second module (Day 2) will focus on the most recent data protection evolutions at the regional level, regarding policymaking and technology, and their impact. This module will feature renown experts from academia as well as from technical and business communities. This model will stimulate multidisciplinary and engaging discussions of the identified issues through the analysis of practical experiences. Instances of themes to be explored during lectures, case studies and practical exercises include issues as diverse as the functioning and regulation of Artificial Intelligence (AI) systems; how data transfers are regulated at the Latin American level; the ways in which Application Programming Interfaces (APIs) exchange data; the implementation of Privacy Enhancing Technologies (PETs) to comply with legal requirements of multiple jurisdictions, etc.

The third module (Day 3) will focus on the most recent governance and regulatory evolutions at the global level, and the impact they can have on Latin American countries. Issues will include the analysis of the intersection between data protection and competition law, the convergence between cybersecurity, data protection and cybercrime, the analysis of new data governance models in leading emerging economies (BRICS countries) including the new data governance framework of China and India.

To successfully complete the DGSL and obtain a diploma released by FGV Law School, each student will be required to draft short a paper presenting the national framework of choice utilising the metodology developed by the organisers to contribute to CPDP LatAm and CTS-FGV ongoing reseach on data governance in Latin America. A model structure for student papers will be provided to students to facilitate the draft of their final papers, indicating the required sections (e.g. introduction to the national legal framework, presentation of the national Data Protection Authority, regulation of international data transfers, etc.).

The best papers will be published in volume to be presented in the context of CPDP LatAm. A selection of the best DGSL students will be awarded a travel grant to participate to CPDP LatAm.

Dates and Format

The DSGL will take place in an in-person format and will last a total of three days, from 26 to 28 April. Each student will have one month to deliver the final paper according to the predefined guidelines. The deadline for paper delivery is 30 May 2023. Students will receive a certificate issued by FGV Law School upon completion of the course.


Day 1 (26 April) Participatory overview of LatAm frameworks: understanding commonalities and differences

10:00 – 10:20 Presentation of the Data Governance School LatAm (DGSL)

    • Luca Belli (CTS-FGV)

10:20 – 11:00 Keynote speaker

    • Ana Brian (UN Special Rapporteur)

11:00 – 12:30 Three presentations on LatAm frameworks (30 minutes each).

    • Main features of the regulatory and institutional framework (rights, obligations, structure of the regulator, etc);

    • Presentation of a key case that represents national peculiarities, led by Miriam Wimmer (ANPD).

12:30 – 14:00 lunch and networking

14:00 – 15:30 Three presentations on LatAm frameworks (30 minutes each).

    • Main features of the regulatory and institutional framework (rights, obligations, structure of the regulator, etc);

    • Presentation of a key case that represents national peculiarities, led by Jonathan Mendoza (INAI) (TBC).

15:30 – 16:15 Identifying convergence and divergence: How do Latam frameworks regulate data transfers and automated decision making? Matias Jackson (Universidad de la Republica, Uruguay) (TBC)

16:15 – 16:35: coffee break and networking

16:35 – 18:15 Three presentations on LatAm frameworks (30 minutes each).

    • Main features of the regulatory and institutional framework (rights, obligations, structure of the regulator, etc);

    • Presentation of a key case that represents national peculiarities, led by Gonzalo Sosa (AGESIG).

Day 2 (27 April) Emerging LatAm issues and case studies

10:00 – 11:00 AI Regulation

    • Laura Schertel Mendes (IDP)

11:00 –  11:45 Case study: Algoritmic bias and discrimination

    • Bianca Kremer (IDP and CTS-FGV)

11:45 – 12:30 Case study: How the Facebook API works

    • Rob Sherman (Meta)

12:45 – 14:00 lunch and networking 

14:00 – 15:30 Data transfers in Latin America

    • Pablo Palazzi (CeTyS)

15:30 – 16:30 Case study: Regulatory sandbox in Rio de Janeiro

    • Carina de Castro Quirino (Undersecretary for Regulation and Business Environment, Rio de Janeiro City Hall)

16:30 – 16:50: coffee break and networking

16:50 – 17:50 Case study: How does Mercado Livre deal with multiple-jurisdiction compliance

    • Samantha Oliveira (Mercado Livre)

Day 3 (28 April) Emerging global approaches and solutions

10:00 – 11:15 Data Protection and Competition Law

    • Nicolo Zingales (CTS-FGV)

11:15 – 12:30 Innovative Data Protection practices from the BRICS

    • Luca Belli (CTS-FGV)

12:30 – 14:00 lunch and networking 

14:00 – 15:15 The Indian Model and the Data Empowerment and Protection Architecture

    • Smriti Parsheera (CyberBRICS)

15:15 – 16:15 Data Protection and Cybercrime Convergence

    • Sizwe Snail (Nelson Mandela University & CTS-FGV, Former DPA of South Africa)

16:15 – 16:30: coffee break and networking

16:30 – 17:45: The Chinese Model

    • Wei Wang (CyberBRICS)

17:45 – 18:00: Wrap-up and takeaways

18:00 – 19:30 Cocktail reception