On April 3, 2020, the Brazilian Senate approved Bill of Law (“PL 1179/2020”), which includes a number of emergency measures intended to address the COVID-19 pandemic. Importantly, one provision delays the effective date of the Brazilian Data Protection Law (Lei Geral de Proteção de Dados Pessoais, “LGPD”) until January 2021. Fines and sanctions for companies that fail to comply with the LGPD are now scheduled to become effective August 2021.

PL 1179/2020 indicated that the law would be postponed “so as not to burden companies in the face of enormous technical economic difficulties arising from the pandemic.” As we previously reported, the LGPD is a comprehensive data protection law that contains a number of detailed rules regarding the collection, use, processing and storage of personal data, both electronic and physical.