- Investigation into data use may give insight into parameters of privacy law in Brazil.
- However, suggestions of potential impropriety at the operating business cast a shadow over Vivo attempts to position itself as a data privacy champion.
Brazil’s Ministério Público do Distrito Federal e Territórios (Public Ministry of the Federal District and Territories/MPDFT) filed a civil action against Telefónica|Vivo for alleged misuse of its customers’ personal and geolocation data.
The MPDFT is seeking to prevent Telefónica|Vivo from offering the Midia Geolocalizada (“Geolocated Media”) element of the Vivo Ads mobile advertising platform, and to obtain a court order to oblige the operator to submit a Data Protection Impact Assessment.
The MPDFT launched an investigation into Telefónica|Vivo during April 2019 (Telefónicawatch, #126), after the operating business was alleged to be using the personal data of its 73 million customers for advertising purposes through the Vivo Ads platform. The complaint highlighted that Vivo Ads does not offer customers the option of opting-out of the service, which the authority says can be used to identify, locate, and profile users based on their geolocation data.
Vivo Ads was re-launched and rebranded in May 2016 (Telefónicawatch, #107).
The MPDFT’s lawsuit accuses Vivo of selling its customer data, including browsing history, profile, and geolocation information, which was said to be processed in real-time and used to track user behaviour for direct marketing purposes.
The ministry said it had gained judicial authorisation to share evidence from an investigation into the disgraced and now defunct political consulting firm Cambridge Analytica, including video testimony and emails, which are said to provide more details about the operation of the Vivo Ads platform.
In addition, the MPDFT highlighted that, of Vivo’s customer base of 73 million, 43 million had given consent for the operator to use their registration records, while 26 million had agreed to share their location data. It added that while the operator is providing a public service that is paid for by its customers, it is also selling their personal data.
Vivo reportedly responded by stating that it complies with the law, and has not yet been cited in a lawsuit.
Manifesto put to the test
Telefónica Group has consistently stressed the aggregated and anonymised nature of customer data that it uses in its products and services as it attempts to allay concerns about data use.
It is also attempting to position itself as a trusted gateway between companies and individuals and the sharing of private data, and less than a year ago the Brazilian business issued its own Manifesto for a New Digital Pact intended to put it at the forefront of social policy on data privacy (Telefónicawatch, #130). However, investigations such as the MPDFT’s enquiry clearly represent significant obstacles in achieving this objective and raise questions regarding the effectiveness of the ethics-focused strategy currently championed by Group CEO José-María Álvarez-Pallete, and global public affairs director Eduardo Navarro.