Brazil’s Vivo asked to provide GDPR-inspired processing report

A Brazilian public prosecutor has asked telecoms company Vivo to clarify data protection practices used in its targeted advertising services ahead of national data protection legislation (LGPD) entering into force next year, Global Data Review (GDR) reports.

According to partner Marcela Mattiuzzo, the request’s lack of any reference to legislation is interesting. “The DPIA requirements are very much based on the GDPR, because even though we have a Brazilian version in the LGPD, that it’s not yet enforced – all we currently have is a very broad article [in the LGPD] that just allows the authority to require such reports without going into detail of what the report will consist of”, Marcela told GDR.

VMCA partner also said that this approach was “odd,” particularly given that Brazil’s Congress is currently discussing how former president Michael Temer’s December executive order, which created a specialised data protection authority in a last-minute pivot on policy, will operate in practice.

Read more.