Insights from the ANPD's new technical note on automated decisions

On 15 May, Brazil's data protection authority, Autoridade Nacional de Proteção de Dados, published Technical Note No. 12/2025, summarizing the results of a public call for contributions on the use of artificial intelligence and automated decision-making.

The document supports ongoing regulatory efforts under the ANPD's 2025–26 Regulatory Agenda and reflects the growing impact of algorithmic systems on data protection and individual rights in Brazil.

At the heart of this discussion is Article 20 of Brazil's General Data Protection Law, which guarantees individuals the right to request a review of decisions made solely through automated processing of personal data. While this right is already in force, its implementation in real-world AI scenarios remains unclear. The technical note helps move the conversation forward, offering insights into how this right might be interpreted and applied as AI technologies evolve.

The document draws from 124 contributions submitted by companies, civil society organizations, academic experts and public institutions. A shared concern is that automated decisions — especially those involving credit, employment or digital profiling — can have serious implications for individual autonomy, equality and privacy.

In this context, many contributors emphasized the importance of transparency, human oversight and algorithmic explainability. Human review, when required, should be meaningful, not merely symbolic, they noted. Several responses pointed out that a person must be able to actually understand and, if necessary, reverse the logic of the automated decision.