Top-5 operational impacts of Brazil's LGPD

Last Updated: November 2020

This is a five-part series aimed at helping global privacy professionals better understand the operational impacts of Brazil's new General Data Protection Law. The series addresses the LGPD in its current form, taking into account that, once formed, the national data protection authority, the Autoridade Nacional de Proteção de Dados, is authorized under various articles of the law to issue guidance on interpretation and expand upon certain provisions.

Part 1: Processing, rights and DSARs
Published: October 23, 2020
Part one of the series addresses the types of data within the scope of the law, along with data subject rights and processing obligations.

Part 2: Security, secrecy of data, good practice and governance
Published: October 28, 2020
Part two of the series continues by considering the areas of accountability, security, secrecy of data, good practice and governance within the LGPD.

Part 3: International transfers
Published: November 5, 2020
Part three covers the conditions necessary to enable international transfers of personal data, including the mechanisms for such transfers, under the law.

Part 4: DPOs
Published: November 12, 2020
Part four investigates the obligations of personal data processing agents, including data protection officers, controllers and processors.

Part 5: Enforcement mechanisms and sanctions
Published: November 17, 2020
Part five explores the LGPD’s sanctions and enforcement mechanisms, as well as the private right of action and litigation issues within the Brazilian data protection regime more broadly.