Brazil Update: Senate approves President-appointed ANPD Board of Directors

Since 18 September 2020, the main provisions of the Brazilian Data Protection Law “LGPD” are in effect. At the same time, Brazilian businesses have been facing legal uncertainty because Brazil’s national Data Protection Authority (“ANPD”) is still not fully functional (we reported). The ANPD shall provide businesses with vital guidance, inter alia, by assessing foreign countries’ level of data protection for international data transfers, Art. 34 LGPD.

On 15 October 2020, the President of Brazil appointed the five members for the ANPD Board of Directors. Following the formal approval process of President appointees in Brazil (“Sabatina”), the Infrastructure and Services Commission of Brazil’s Senate approved of the President’s appointees on 19 October 2020.

Finally, on 20 October 2020, the Senate’s plenary approved of the five appointees. This marks another major step in the ANPD becoming fully operational. The serving terms of the Board of Directors will be staggered:

• Serving a six-year term: Waldemar Ortunho, current president of Telebras, a state-owned telecommunications company
• Serving a five-year term: Arthur Pereira Sabbat, currently the Director of the Institutional Security Office (GSI) for the Government’s cybersecurity
• Serving a four-year term: Joacil Basilio Rael, currently advisor at Telebras
• Serving a three-year term: Nairane Farias Rabelo, currently Partner at a law firm specialized in Tax Law and Data Protection Law
• Serving a two-year term: Miriam Wimmer, currently a Director of Telecommunications Services at the Brazilian Ministry of Science, Technology, Innovation and Communications

However, Annex II to the Presidential Decree 10.474 establishing the ANPD sets forth that many more yet vacant positions of the ANPD will have to be filled before it may be fully functional. Until then, Brazilian businesses remain waiting on guidance from the ANPD.