The Brazilian General Data Protection Law (the “LGPD”—Lei Geral de Proteção de Dados) came into effect in September 2020. Given the LGPD’s relatively recent adoption, there has been uncertainty surrounding how public authorities and courts in Brazil will interpret and apply the law. On February 27, 2023, the Brazilian national data protection authority (the “ANPD” Autoridade Nacional de Proteção de Dados) addressed some of this uncertainty when it issued sanctioning guidelines for the LGPD (the “Sanctioning Guidelines”). The Sanctioning Guidelines offer insight into the types of sanctions companies may face and the factors the ANDP will consider when imposing such sanctions.
Continue Reading Recent Developments In Data Privacy Enforcement In Brazil And A Comparison With The U.S. Regime