GENERAL LAW ON PROTECTION OF PERSONAL DATA

Lei Geral de Proteção de Dados Pessoais

Start date :2020
End date :
Name of responsible governmental body :
  • Federal Government of Brazil (;Governo Federal do Brasil)
Description :
  • The Brazilian data protection law includes information on the protection of personal data as well as a section on database ownership and database rights.
Brazil flag
Objectives:
  • To unify the over 40 different statutes that currently govern personal data, both online and offline, by replacing certain regulations and supplementing others.
OECD AI principle adressed:
  • Human-centred values and fairness
  • Transparency and explainability
  • Robustness, security and safety
  • Accountability
Relevant policy area covered:
  • Public governance
Related to a theme:
Direct beneficiaries:
Estimated budget expenditure (range per year):
  • Not applicable
Background including shifts in the policy initiative:
  • The General Law on Protection of Personal Data (Law n. 13,709, of August 14, 2018) regulates the treatment of personal data by natural person or corporation, both public and private, including but not restricted to digital data. Its objective is to protect the fundamental rights of freedom and privacy and the unbound development of the natural person's own personality.

    In order to apply the law and protect fundamental rights related to personal data, LGPD creates the National Data Protection Authority (Autoridade Nacional de Proteção de Dados - ANDP), as established by the Decree n. 10,474 of August 26, 2020.

    Originally, LGDP would come into force on February 2020. However, under provision by the Provisional Measure 869 (Medida Provisórira 869 - a presidencial bylaw effective immediately and then subject to Congressional scrutiny), on December 27, 2018, LGPD would come into effect on August 2020. On April 3, 2020, the Senate approved a bill with several measures relative to the COVID-19 pandemic, including a specific ruling for the LGPD coming into force on January 2021.
Policy initiative is a structural reform:
  • Yes
Evaluated:
  • No
Link to evaluation or reports:
  • N.A
Public access URL:
  • N.A
Funding from the private sector:
  • No
Type of evaluation:
  • N.A
Evaluation provides input to:
  • N.A
Evaluation performed by:
  • N.A
Policy instruments :

Emerging AI-related regulation

  • Type : Emerging AI-related regulation
  • Name in English :
  • Country : Brazil
  • Role of government : Risk mitigation (e.g. consumer and social protection)
  • Challenge(s) addressed : Data protection and right to privacy
  • Type(s) of regulation : Formal domestic law or regulation
  • Regulatory approach : Technology-based regulation (e.g. moratoria, bans, standards of use)
  • Level of governance : National
  • Approach to monitor compliance : The regulator develops and maintains technologies for data collection, transmission and/or analytics to monitor compliance
Last updated : Sep 6, 2022
OECD and European Commission Logo