Mattos Filho has established a strong reputation in data protection and cybersecurity in Brazil, offering clients a ‘holistic view‘, with ‘excellent service and quality’. The team covers the gamut of privacy and security matters across a number of industries, including healthcare, insurance, technology, financial services, retail, education and telecoms. While the Brazilian Data Protection Law (LGPD) is key for a lot of clients, the team also advises on regional compliance strategies, undertakes risk assessments, assesses cloud computing issues, and provides counselling on major data incidents and litigation. Within the team, Fabio Ferreira Kujawski is well known for his expertise in the technology space in Brazil, particularly in his transactional and consulting work. Paulo Brancher is also a technology, telecoms and intellectual property expert. Thiago Luís Sombra is also of note within the team, especially in data privacy and cybersecurity matters from a regulatory, liability and contractual perspective and before the courts. The team also boasts strength at the associate level, with Jaqueline Simas de Oliveira praised by clients for her ‘excellent technical knowledge’. Isabela Fernandes is also noted.

Pinheiro Neto Advogados’ cybersecurity and data protection group is a popular choice for multinational and domestic clients in the financial services, healthcare and insurance industries. The full-service firm advises and consults on all manner of aspects related to the LGPD with a multidisciplinary approach. Outside of compliance programmes, the team also advises on increasingly complex cybersecurity challenges, assisting clients in managing risk and data breach remediation actions. In particular, social media clients trust the team to advise them in breakthrough matters, such as open banking technology in Brazil. Litigation is another area in which the team shines, representing companies in a number of high-profile cases involving free speech, privacy, and liability for third-party content and disclosure of user data in the Supreme Federal Court. André Zonaro Giacchetta and José Mauro Decoussau Machado are go-to individuals in the team for litigation matters. Larissa Galimberti is a technology transaction and data protection expert, with extensive experience in structuring new products, services and platforms for e-commerce. Ciro Torres Freitas is also highly specialised within the field, and advises some of the top global technology clients. In broader developments, the firm opened a Tokyo office in 2019, which is a strategic advantage for Asia-based clients.

The cybersecurity and data privacy practice at TozziniFreire Advogados covers contentious and non-contentious data protection issues related to LGPD compliance, data breaches, and administrative and judicial proceedings. The litigation side of the practice regularly handles emblematic issues within the LGDP and internet law space, such as artificial intelligence, and intermediary liability for personal data in instances of illegality online. Marcela Waksman Ejnisman focuses her practice on contracts and advisory work related to data compliance programmes and training. Patricia Helena Marta Martins is a key contact within the team for litigation and administrative proceedings before the courts and regulators. Carla Do Couto Hellu Battilana is also a technology expert, regularly advising on data sharing agreements, data licensing and internal policies for clients. Luiza Sato joined the team from ASBZ Advogados in July 2022, bringing with her expertise across IP, technology and digital law.

Azevedo Sette Advogados’ cybersecurity and data protection practice sits within the firm’s wider TMT practice group. LGDP compliance programmes, impact assessments and data transfer projects are within the team's purview. The team also advises on internet law, assisting in issues involving provider civil liability, net neutrality, and virtual currency and e-payments related to data privacy and cybersecurity. In addition, the practice group has a civil litigation team, which advises Brazilian and foreign clients in judicial and arbitration contexts. Ricardo Barretto Ferreira Da Silva leads the practice and has extensive experience in the areas of IT, internet and TMT. Lorena Pretti Serraglio is also of note within the team, particularly for compliance programmes and digital law.

Clients turn to BFBM – Barroso Fontelles, Barcellos, Mendonça & Associados’ ‘excellent’ privacy and data department for advice on privacy maters, including LGPD compliance, privacy-related class actions, user privacy, and third-party liability related to data. Eduardo Mendonça has over 15 years of experience in constitutional and digital law, and co-leads the practice alongside André Zanatta and Felipe Monnerat, who are both well versed in regulatory matters and litigation, including data breaches.

The cybersecurity and data protection offering at BMA - Barbosa, Müssnich, Aragão is broad based, covering security breaches such as ransomware, LGPD compliance projects, and data transfers. Clients ranging in size from multinationals to start-ups in the financial services and digital media industries turn to the team, which offers a 24/7 hotline available in instances of critical events. Felipe Palhares heads up the practice, advising on personal data processing in cross-border and domestic transactions, data breaches, and new product and service development. Bárbara de Oliveira Iszlaji is another name to note in the team.

Campos Mello Advogados in cooperation with DLA Piper‘s privacy, data protection and cybersecurity practice covers a wide breadth of industries and clients, both domestic and multinational. The team regularly advises clients on LGPD compliance programmes, data transfer agreements, cybersecurity tool development and implementation, and M&A due diligence. Paula Mena Barreto manages the practice and regularly advises clients on privacy policy implementation, as well as data breaches and compliance issues. Also of note within the team are Ana Luisa Bastos Ramos and Vanessa Azambuja, both of whom are well versed in LGPD counselling.

Demarest Advogados’ multidisciplinary data protection, cybersecurity and technology-oriented practice advises domestic and multinational clients within and outside the technology sector on all aspects of privacy, security incident risk management and AI. The team is led by intangibles, technology, internet law and IP expert Tatiana Campello, alongside Eduardo Magrani, who focuses on data protection and AI. The team’s recent instructions include assisting clients to achieve LGDP compliance, and advising on data privacy matters related to M&A. Since research concluded, Magrani has left to become a consultant at CCA Law Firm in Lisbon, Portugal.

Dias Carneiro Advogados regularly advises financial institutions, videogame and e-sports companies, schools and public administration bodies, and AI companies in their day-to-day dealings. In addition, the team also assists clients in their LGPD compliance projects, data transfer negotiations, data breaches and data audits. Vanessa Pareja Lerner leads the practice; she has extensive experience in data collection, use and privacy. Also of note in the team is Guilherme Berti de Campos Guidi, whose practice focuses on technology, personal data protection, security matters, and digital health in the fintech, crypto-economics and education-technology industries. Since publication, Guidi has moved to Freitas Ferraz Advogados - effective as of October 2022.

Lefosse Advogados’ data protection team sits within the firm’s wider technology and IP practice, and advises clients on a day-to-day basis regarding their LGPD and cybersecurity needs. The team works in close proximity with other groups within the firm, including M&A and litigation, pooling expertise where needed by clients. The team is led by Paulo Lilla, who has extensive experience in internet law, digital platforms, IT and technology agreements. Senior associate Carla Segala is another key figure in the practice, also advising on matters related to AI, software, privacy and data protection, and outsourcing.

Madrona Fialho Advogados‘ data protection and cybersecurity practice offers its clients ‘extraordinary dedication’ and ‘innovation’ in advisory work and counselling for LGPD compliance projects. The practice is led by Lucas Spadano, who also heads the firm’s IP and international trade teams; he leverages his expertise in these fields to advise clients in the retail, energy, logistics, healthcare and technology industries. Also of note within the team is senior associate Bernardo Santos, who leads the data protection projects arm of the practice, advising Brazilian and multinational clients on coordinating multi-jurisdictional projects.

The data protection and cybersecurity offering at Mundie e Advogados sits within the firm’s wider regulatory and competition group. The team has extensive expertise in advising telecoms providers, FTA broadcasters, pay-TV providers, satellite operators and major international media conglomerates on issues related to LGPD compliance and data breaches. In addition, the team draws on expertise from the firm’s corporate and M&A, private equity and labour practices when advising clients. Elinor Cotait, Beatriz Faustino França, Enrico Romanielo and Ana Claudia Beppu jointly lead the department. Since publication, the entire team left to Veirano Advogados – effective as of January 2023.