In Episode 2 of Lewis Silkin's International Privacy Series, Bryony Long is joined by Vanessa Ribeiro (Gusmão & Labrunie) to unpack what UK and EU businesses really need to know about data protection in Brazil before launching in one of Latin America's most dynamic digital markets.
They cover:
- GDPR familiarity, with a Brazilian twist. Brazil's LGPD shares much of the GDPR's DNA but goes further in places with ten processing principles, a broader set of legal bases, tighter 15-day deadlines for data subject access requests, and wider DPO obligations.
- Big moves on transfers and children's data. The new EU–Brazil mutual adequacy decision creates the world's largest area of free data flows (over 670 million people) though UK businesses are not covered. Meanwhile, the landmark Digital ECA introduces some of the world's most comprehensive online child protection rules.
- An increasingly assertive regulator. The ANPD is now a fully autonomous federal agency taking action against major tech players, with children's data and AI-driven processing firmly in its enforcement sights.
Listen now for practical insight on bridging the gap between GDPR readiness and genuine Brazilian compliance, and don't forget to subscribe for the next instalment in our International Privacy Series.
