After a number of postponements and many discussions about further delay, the Brazilian Lei Geral de Protecção de Dados Pessoais (General Data Protection Law, LGPD) is on the verge of entering into force. In a surprise move, the Brazilian Senate on Wednesday 26 August decided not to agree to a further postponement, but to let the law enter into application immediately. Enforcement of the law will start in August 2021.
While waiting for the official start sign of the law, this seems to be the right moment to take another look at what the LGPD requires from organizations doing business in Brazil. When looking at the new Brazilian law, it is immediately clear that there is a fair amount of overlap between the LGPD and the GDPR. This is no surprise - the LGPD is an omnibus data protection law as well, modeled after the GDPR. It explicitly recognises that data protection is linked to the respect for privacy, to informed self-determination and human rights, but also to free enterprise and free competition.
Listen to this on-demand webinar to learn about LGPD requirements and what is required from organizations doing business in Brazil.
