Brazilian general data protection act
: consolidation of a global privacy protection standard

  • Estêvão Nascimento Orcini (Student)

Student thesis: Master's Thesis


Since the European Union has enacted the Regulation No. 679/2016, the GDPR, the debate over data protection have been acquiring enormous relevance and is currently on the global agenda from east to west. The compilation of individuals’ information is far from being new and it has been practiced for some decades, even for-profit purposes. The GDPR is not the first law framework committed to look after data protection either. Yet it seems that only in the last five years the debate reached other states than the ones hosting the giant tech companies’headquarters, like US and a few European countries, and a new era has been emerging for personal data protection. Besides, the discussion nowadays developed beyond the privacy and transparency debate, being rather focused on deeper issues, such as the maintenance flow of innovation and the not so hard to imagine ending of the liberal democracy at least as we know it today. To deal with this new panorama, many governments are creating or amending their country regulations. Among the ten wealthiest economies worldwide, only China have not published a binding data protection draft bill, at the same time as Brazil is the last country to regulate data protection by means of a single comprehensive. Supposed to be enacted alongside with the Brazilian Civil Framework of the Internet in 2014, Brazil postponed its General Data Protection Act up till August 14th, 2018, when Law No. 13.709/2018 was finally approved. This new law, which will come into effect on August 2020, already represents a radical change in the way such matter is treated in Brazil, yet, on a first glance, it seems it does not innovate much and gives a sign of consolidation of what has been considered the global privacy protection standards. The purpose of this paper is to verify whether and to what degree the Brazilian General Data Protection Act follows the matrix of the main lawmakers worldwide, those who have influence power, namely, the GDPR, current considered the most relevant personal data protection law in force, and the US correlated law. This analysis will be conducted through a closer look to the main concepts and values that permeate the most relevant discussions and by performing comparison between the main aspects considered in both the EU and US approach,to finally dwell on the most important points of the Brazilian law.
Date of Award29 Mar 2021
Original languageEnglish
Awarding Institution
  • Universidade Católica Portuguesa
SupervisorPedro Garcia Marques (Supervisor)


  • Data privacy
  • Transnational data protection
  • GDPR
  • LGPD


  • Mestrado em Direito Transnacional

Cite this