On the 10th of July, 2018, the Brazilian Senate approved the country’s first ever Data Protection Law. Both the name of the LGPD and its content are inspired by the European Data Protection Law (GDPR), which came into force on May 25, 2018.
The new Bill, which has been in the works for 8 years now and amassed almost over 2500 contributions, is awaiting to be sanctioned by President Michel Temer. It provides that ‘the LGPD will have transversal, multisectoral application to all sectors of the economy, both public and private, online and offline. With few exceptions, any practice that process personal data will be subject to the law’. Moreover, any foreign company that has at least a branch in Brazil or offers services to the Brazilian market and collects and treat personal data of data subjects located in the country, will be subject to the new law. Furthermore, “any company that gathers and processes personal data obtained by electronic or physical means, will require the consent of the owner of such information”. Once the Bill is sanctioned, companies will have 18 months to comply with the new law.
In today’s data-driven world, it has become imperative, almost a duty, to protect consumers both online and offline. As advocates of the GDPR and of complete transparency as well as the respect for privacy, we’re overjoyed that Brazil has made moves to bring data protection in the spotlight. In addition, the LGPD can be interpreted as a competitive advantage; in a time of uncertainty and data breaching scandals, adhering to clear, transparent, unifying rules can restore and maybe even increase consumer confidence on the marketplace.
While the LGPD may not be as precise or sophisticated as the GDPR, it marks a huge step in the right direction for the country and we look forward to the Bill to come into effect.
You can find more on the Bill here.
If you have any queries please contact firstname.lastname@example.org