INTRODUCTION
International data transfers are currently regulated by frameworks that vary considerably among countries The lack of harmonisation, even between countries that have very considerable exchanges of personal data, has been the cause of intense debate In this matter, however, Brazil emerges as a jurisdiction which has approached the issue of regulating international data transfers in a mostly empirical frame, and references to some resources and instruments found, for example, in European data protection legislation, have been introduced in the country's debates only recently.
THE SITUATION IN BRAZIL AND LATIN AMERICA
International data transfers are not directly addressed in Brazilian legislation In fact, despite some vivid debate that has taken place in Brazil in recent years regarding similar subjects, such as jurisdiction over personal data and data localisation, the first proposition which aimed to focus the discussion in the general terms of international data transfer has been the Data Protection Bill draft ed by the Federal Government and submitted to the National Congress in May 2016.
Brazil does not have a general data protection law as yet, although a rough legal framework for privacy and data protection has developed over recent decades, from constitutional to specific legal measures, based on constitutional grounds, the Consumer Protection Code and other sources, none of them having any particular international transfer provisions The Brazilian Constitution identifies privacy as a fundamental right but does not extend this attribute to data, so it can be said that, besides not having enacted a data protection framework, Brazilian law does not consider data protection a fundamental right However, more recent legislation such as the Internet Civil Rights Framework (Marco Civil da Internet) identifies data protection, along with privacy protection, as two of the core principles of Internet usage.
The international data transfers rules found today in Europe as well as in other countries developed at a time when global data-sharing was noticeably less intense than today Concepts such as cloud computing basically did not exist back then, and furthermore personal data has become more and more an essential component in international commerce.