The CPC grants the possibility of disclosure of specific documents, provided that the party requesting disclosure produces evidence of its right to do so. However, the opposing party may argue that the document is confidential and may refuse to present it before court, as provided by Article 404, IV, of the CPC. See Section IV.
On 14 August 2018, the then President Michel Temer enacted the Brazilian General Data Protection Law (LGPD), Law No. 13,709 of 2018, which is very similar to the European Union General Data Protection Regulation. Following the 18 months of vacatio legis, the LGPD will become effective in February 2020.
As a result of the LGPD provisions concerning the collection, use, processing and storage of personal data, companies will have to revisit their policies to ensure that employees are aware that information contained in corporate devices is subject to internal monitoring. Consequently, the use of personal devices for the exchange of corporate emails or business communications should be prohibited.
As a result, information governance programmes will have to be revisited in view of the LGPD; a well-maintained programme and a retention policy are key tools for companies to ensure preservation of ESI.