Share these talks and lectures with your colleagues
Invite colleaguesPractice paper
Brazil’s new General Data Protection Law
Journal of Data Protection & Privacy,
2
(2),
107-115
(2018)
Abstract
In July 2018, the Brazilian Federal Senate approved a Data Protection Bill of Law (the ‘Bill’). The Bill is inspired by the EU General Data Protection Regulation (‘GDPR’). While the costs of compliance with the GDPR are high, the benefits are extensive, including for Brazilians. The text guarantees greater control by the citizens of their personal information, while linking to Article 5 of the Brazilian constitution and requires explicit consent for the collection and use of data, both by the public power and private initiative, and requires the offer of options for the user to view, correct and delete this data. This paper discusses the immense amount of work to be done before the Bill, which takes effect in early 2020, and constitutes a bold move into the realms of data protection for a country wishing to compete in the modern world. Work, such as the setting up of a regulatory body and the production of guidance documents to ensure the Brazilian judicial system can understand them, is essential if the Bill is to be effective.
Keywords: Brazil; new data protection legislation
The full article is available to subscribers to the journal.
Author's Biography
Steve Wilkinson is a DPO EMEA and APAC for Thomson Reuters and an associate lecturer for both the General Data Protection Regulation (GDPR) and leadership programmes at Henley Business School. He has over 20 years’ industry experience and has applied a risk-based approach to data security systems coupled with a deep data privacy knowledge. Since 2013, Steve has helped bring privacy awareness into the 21st century. Steve worked on the draft Data Protection Act 2018 providing suggested amendments to governmental policy makers.
