By: Leonardo Neri

As is well known, the General Data Protection Law (“LGPD”) was introduced in 2018, with the purpose of protecting the fundamental rights of freedom and privacy, with the aim of safeguarding the personality of each individual.

However, considering that this is a very recent and new issue for society, many companies were not complying with or seeking to comply with the rules. Therefore, administrative sanctions began to be applied in 2021, as provided for in Chapter VIII of Law 13,709/2018, forcing companies to comply with the rules, given that fines of up to R$50 (fifty) million could be applied.

In view of this, it is clear that many began to research more about the LGPD, in an attempt to avoid violating the aforementioned rule, so that the issue began to be heavily discussed, mainly in the judicial sphere, since the case law is still clearly sparse on the subject, given that it is a completely new subject in society.

It is worth noting that the number of court decisions addressing the LGPD has practically tripled compared to last year. It is worth noting that one of the most frequently addressed issues is related to civil liability for security incidents and data leaks, digital evidence and geolocation, review of automated data processing, among other points.

Thus, it is noted that the areas that have most encompassed the LGPD are related to consumer law, civil law and labor law. Legal actions on the subject are concentrated mostly in the Courts of Justice of the States of São Paulo, Bahia, Rio Grande do Sul and the Federal District.

In view of this, it is clear that the LGPD will be increasingly on the agenda in the judicial sphere, so that it can establish a settled case law on each topic that is being addressed. For more information on the topic, as well as on compliance with the LGPD, contact the partner responsible for the data protection team, Leonardo Neri.

With the collaboration of Barbara Gomes