Insights

  • Home
  • Insights
  • Brazil Amps Up Enforcement of Data Protection Law

Share

BrazilAmpsUpEnforcementofDataProtectionLaw

Brazil Amps Up Enforcement of Data Protection Law

September 2024 White Paper

Actions in the last six months of the Brazilian National Data Protection Authority ("ANPD") suggest that it intends to aggressively enforce the Brazilian Data Protection Law ("LGPD"). The LGPD applies to any entity that processes personal data of individuals in Brazil regardless of whether the entity has operations in the country. Such entities must, therefore, actively implement data privacy compliance policies.  

Notable recent actions taken by the ANPD include: (i) promulgation of a regulation on the appointment of a data protection officer ("DPO") by data controllers, detailing a DPO's roles and responsibilities under the LGPD; (ii) enjoining the use by Meta Platforms Inc. of personal data from social media platforms for training artificial intelligence systems; (iii) promulgation of a regulation requiring disclosure of security incidents to affected individuals and the ANPD and a related order requiring public disclosure of data breaches by the National Social Security Institute; and (iv) promulgation of a regulation on international transfer of personal data, under the LGPD, and standard contractual clauses that can be implemented in connection with such transfers.

Read the White Paper.

Insights by Jones Day should not be construed as legal advice on any specific facts or circumstances. The contents are intended for general information purposes only and may not be quoted or referred to in any other publication or proceeding without the prior written consent of the Firm, to be given or withheld at our discretion. To request permission to reprint or reuse any of our Insights, please use our “Contact Us” form, which can be found on our website at www.jonesday.com. This Insight is not intended to create, and neither publication nor receipt of it constitutes, an attorney-client relationship. The views set forth herein are the personal views of the authors and do not necessarily reflect those of the Firm.
You May Also Be Interested In

August 2024 Newsletters

EU Geopolitical Risk Update - Key Policy & Regulatory Developments No. 116

September 2024 Alert

New FAA Regulations Target Cybersecurity Vulnerabilities in Aircraft Design

June 2024 Newsletters

EU Emergency Response Update – Key Policy & Regulatory Developments No. 115

July 2024 Alert

U.S. District Court Invalidates HHS Guidance Overreading HIPAA's Application to Online Technologies

Before sending, please note:

Information on www.jonesday.com is for general use and is not legal advice. The mailing of this email is not intended to create, and receipt of it does not constitute, an attorney-client relationship. Anything that you send to anyone at our Firm will not be confidential or privileged unless we have agreed to represent you. If you send this email, you confirm that you have read and understand this notice.