CIPL Publishes Paper Highlighting the Need for a Brazilian Data Protection Authority

2 Minute Read

April 24, 2020

Categories: Centre for Information Policy Leadership, International

On April 16, 2020, the Centre for Information Policy Leadership (“CIPL”), in collaboration with the Centro de Estudos de Direito, Internet e Sociedade of Instituto Brasiliense de Direito Público (“CEDIS-IDP”), published a White Paper (the “White Paper”) on the Role of the Brazilian Data Protection Authority (“ANPD”) under Brazil’s New Data Protection Law (“LGPD”). The White Paper is accompanied by two infographics: 1) the priorities of the Agência Nacional de Proteção de Dados, and 2) the case for an effective Brazil DPA - the ANPD.

The White Paper highlights the need for the Brazilian government to establish the ANPD immediately, regardless of the applicability date of the LGPD. It also outlines and describes what should be the ANPD’s priorities once it is established, in order for it to make the best possible use of its initial resources, and have the most effective results in protecting Brazilians’ personal data and ensuring the success of the LGPD. According to the White Paper, the ANPD’s priorities should be:

Preparing the National Policy for the Protection of Personal Data and Privacy;
Recognizing good practices and best-in-class examples of accountable privacy programs;
Establishing rules, procedures and guidance for organizations as required by the LGPD;
Clarifying LGPD provisions;
Encouraging the adoption of industry technical standards and providing technical standards to organizations;
Enabling international transfers of personal data;
Raising awareness of data protection, and educating individuals and organizations; and
Preparing to take enforcement measures.

The White Paper is part of a wider project by CIPL and CEDIS-IDP on effective implementation and regulation under the LGPD. The main goal of this project is to foster smart thinking and discussion around data protection in Brazil, while promoting information sharing, industry best practices and effective regulation, and facilitating consistent LGPD implementation.

Read the White Paper on the the Role of the Brazilian Data Protection Authority under Brazil’s LGPD. A Portuguese version of this White Paper is also available.

Tags: Brazil, Data Protection Authority, Data Transfer, Personal Data

You May Also Be Interested In

3 Minute Read

March 30, 2026

Connecticut AG Clarifies AI Compliance Obligations Under CTDPA

The Connecticut Attorney General recently issued a legal memorandum regarding the application of existing Connecticut laws, such as the Connecticut Data Privacy Act, to the use of artificial intelligence.

2 Minute Read

February 23, 2026

Data Protection Authorities Globally Highlight Privacy Issues in AI Image Generation

On February 23, 2026, a Joint Statement on AI-Generated Imagery was published by 61 data protection authorities. The Joint Statement addresses concerns regarding AI systems capable of generating realistic images and videos depicting identifiable individuals without their knowledge or consent.

6 Minute Read

February 20, 2026

NetChoice Files Suit Challenging South Carolina Age-Appropriate Code Design

On February 9, 2026, trade association NetChoice filed a lawsuit challenging South Carolina’s newly passed Age-Appropriate Code Design (“SC AACD”) on First and Fourteenth Amendment grounds. The SC AACD was signed into law on February 5, 2026, making South Carolina the fifth U.S. state to enact such a law, following California, Maryland, Nebraska and Vermont.

2 Minute Read

February 12, 2026

Congress Extends Cybersecurity Information Sharing Act of 2015 through September 2026

Congress has extended the Cybersecurity Information Sharing Act of 2015 through September 30, 2026 as part of the Consolidated Appropriations Act, a government funding package enacted in early February 2026.

Privacy & Cybersecurity Law Blog

You May Also Be Interested In

Search

Recent Posts

Categories

Tags

Archives