August 1, 2021 is the enforcement deadline for Brazil’s new federal data privacy law, Lei Geral de Proteção de Dados (LGPD).
What is the LGPD? Similar to the EU’s General Data Protection Regulation (GDPR), LGPD is designed to protect end-user privacy. The LGPD is the country’s first law providing a comprehensive framework regulating the use and processing of all personal data. Importantly, this privacy law requires organizations to comply with the LGPD when handling personal data within Brazil. The law was originally passed in August of 2018 and went into effect in August of 2020. Though there has been much uncertainty throughout the industry in regards to this topic, LGPD has been heavily influenced by the GDPR. As a result, LGPD will be familiar to those who have previously worked with the GDPR, and as they will be integrated in similar ways.
With an enforcement deadline of August 1, 2021, LGPD compliance is of utmost importance to Smaato and our partners. The Interactive Advertising Bureau (IAB) has not yet provided specific guidance for how to manage consent. Until they do so, Smaato will be relying on our publishers to manage consent in the form of LGPD consent flags.
At Smaato, we process end-user data provided to us by our publishers, giving our publishers the controls to manage consent. To ensure compliance with LGPD, we are requesting additional flags from our publishers in the form of boolean consent, to support compliance with the consent requirements of the LGPD.
For any questions or concerns, please contact your Smaato account manager or send us a note at privacy(at)smaato.com.