Data privacy laws have become more prominent in recent years. As the amount of personal information available online has grown substantially, there has been an enhanced focus on the processing of personal data, as well as the enforcement of such laws.
The General Data Privacy Law (LGPD) (13,709/2018), which went into effect August 2020, modified the Internet Law and is Brazil’s first official data privacy framework. The LGPD impacts personal data processing in Brazil and shares some similarities to the European Union’s General Data Protection Regulation.
In addition to the LGPD, Brazil has other rules and laws relating to employee data privacy, including the:
The Brazilian Consumer Protection Code (8078/1990), the Law on Public and Private Archives, the Bank Secrecy Act (Complementary Law 105/2001) and the Civil Code (10,406/2002) also include references to privacy and data protection.
_____________________________________
The national data protection authority (ANPD), which became operationally effective in 2021, is responsible for enforcing data protection regulations and laws in Brazil.