On May 19th the Brazilian Senate approved the anticipation of the validity of the General Data Protection Law (LGPD) from May 2021 to August 2020. The vote took place within the scope of Bill 1.179/20, which deals with specific legal arrangements during the Covid-19 pandemic period.
On April 29th the federal government had postponed the LGPD until May 2021 – as stated in Provisional Measure 959. The anticipation of the law for this year is due to a highlight by Senator Weverton Rocha (PDT-MA) and becomes part of the final version of Bill 1.179/2020, submitted to the sanction of President Jair Bolsonaro. The text, however, provides that the fines for those who break the rules will only start to be applied in August 2021. “The non-application of sanctions does not replace the necessary predictability of citizens and companies about rules, especially in a fundamental theme at a time when our data flows with even greater speed”, comments Cláudio Barbosa, co-coordinator of ABPI’s Software, Computing and Internet Study Committee.
“This movement generates uncertainty about the term”, comments Dirceu Santa Rosa, co-coordinator of ABPI’s Software, Computing and Internet Study Committee. After all, the extension of the LGPD (General Data Protection Law) to May 3rd, 2021 remains in force only because of MP (Provisional Measure) 959/2020 and is therefore temporary and pending the approval of the same MP in the plenary sessions of the Chamber of Deputies and the Senate. If MP 959/2020 is rejected, loses effectiveness, or if articles related to the extension of the LGPD are vetoed from the text by Congress, the current wording of the LGPD will be valid and effective on August 15th, according to Bill 1179/2020.
The LGPD regulates the personal data protection and privacy policy, modifies some of the articles in the ‘Marco Civil da Internet’ (Brazilian Civil Rights Framework for the Internet), and establishes new milestones for the way companies and public agencies treat the privacy and security of user and customer information.
