Brooklyn Journal of International Law

First Page



In the wake of the adoption of the European Union’s General Data Protection Regulation (GDPR) in May 2018, other countries and jurisdictions have contemplated personal data privacy legislation. In August 2018, the former president of Brazil, Michel Temer, signed the country’s comprehensive data privacy regulation, Lei Geral de Proteção de Dados Pessoais (LGPD), into law. Temer, however, vetoed many of the enforcement provisions. Shortly before leaving office, Temer signed an executive order creating a regulatory agency as the bill initially called for, but situated the agency under executive control instead of creating a wholly independent agency. This Note provides a brief history of the evolution of data privacy protections in both the European Union and Brazil and compares the GDPR and LGPD. This Note argues that the agency created by Temer is not enough to insure compliance with Brazil’s new law and proposes adoption of the GDPR’s enforcement mechanisms to compel compliance in Brazil.