According to Art. 1 of Law 10.703, it is the responsibility of prepaid telecommunications service providers operating in the national territory to have an updated register of users. The registration, in addition to the full name and address, must contain, in the case of natural persons, the identity card number or registration number in the registry of the Ministry of Finance.

In February 2025, the Supreme Court ordered the blocking of the social media platform Rumble, citing the platform’s failure to appoint a local representative and its refusal to restrict certain accounts.

Brazil generally prohibits the importation of used consumer goods, including information and communications technology (ICT) products. However, Ordinance No. 23/2011 of the Secretariat of Foreign Trade (SECEX) provides a list of exceptions, covering more than 25 categories of used goods that may be authorised for importation under specific conditions.

According to Arts. 41 and No. 42 of Ordinance 23 of July 2011 of the Secretary of Foreign Trade, the importation of used machinery, equipment, devices, instruments, moulds, and containers are prohibited unless these used goods are not produced in the country or are irreplaceable by other similar products manufactured in the country.

It is reported that the National Telecommunications Agency (Anatel), the executive body tasked with supervising and regulating services within the telecommunications sector, operates independently of the government in its decision‑making processes. Anatel is administratively and financially autonomous and is not hierarchically subordinate to any governmental authority. Its decisions are subject only to judicial review by the national courts.

According to Section 5.3 of Ordinance No. 9/2018, data, metadata, information and knowledge produced or stored by Federal Public Administration (FPA) bodies and its backups shall reside in the Brazilian territory. In addition, Section 5.4 stipulates that the data, metadata, information and knowledge generated or held by a FPA entity or body relating to personal data (relating to intimacy, privacy, honour and image), information with restricted access under current legislation and preparatory documents may be processed in a cloud computing environment at the discretion of the FPA entity or body, taking into account current legislation, but must reside exclusively on Brazilian territory.

Art. 12 of Resolution CMN No. 4.893 and Art. 12 of Resolution BCB No. 85 state that institutions authorised to operate by the Central Bank of Brazil (Banco Central do Brasil, BCB) may contract cloud and data processing services in Brazil or abroad as long as they adopt corporate governance practices proportionate to the service hired and the risks to which they are exposed to, and verify the capability of the potential service to ensure compliance with the current legislation, institution's access to data, the confidentiality and integrity of data, adherence to certification patterns required by the institution, access to auditing reports, provision of information and management resources appropriate to the monitoring of services provided, identification of the institution's customer data and quality of access controls aimed at protecting customers data. In addition, Art. 15 of both Resolutions establishes that the companies should notify BCB of the countries where financial data is processed. Also, Art. 16 of both Resolutions provides that the contracting of data processing, data storage and cloud computing relevant services provided abroad must fulfil the following requisites:
- The existence of an agreement for the exchange of information between the BCB and the supervisory authorities of the countries where the services may be provided;
- The contracting institution must ensure that the provision of the services does not cause damage to its own functioning, neither do they deter the action of the BCB;
- The contracting institution must define, previously to the contracting, the countries and the regions in each country where the services can be provided and the data can be stored, processed and managed;
- The contracting institution must anticipate alternatives for business continuity, either in the case of the impossibility of continuing the contract or terminating it.
The BCB's prior approval must be obtained if the institution retains a cloud service provider in countries where there is no agreement to exchange information between the BCB and the competent authorities. The institutions must request such approval from the BCB at least 60 days before retaining the cloud services in question.

Under Art. 33 of the General Personal Data Protection Law (LGPD), the international transfer of personal data is permitted only in specific situations: when directed to countries or international organisations recognised as providing an adequate level of protection; where the controller demonstrates compliance with LGPD principles through safeguards such as standard contractual clauses (SCCs), binding corporate rules (BCRs), or approved codes of conduct; when required for international legal cooperation between public authorities; to protect the life or physical integrity of the data subject or a third party; when authorised by the National Data Protection Authority (ANPD); when arising from international cooperation agreements; when necessary for implementing public policies or fulfilling legal mandates of public administration; when the data subject provides explicit and informed consent, clearly distinguished from other purposes; when required to comply with legal or regulatory obligations; when necessary for the performance of a contract or pre-contractual measures requested by the data subject; or when essential for the exercise of rights in judicial, administrative, or arbitral proceedings.
Resolution No. 19/2024 of the ANPD governs transfers based on adequacy decisions and appropriate safeguards. The ANPD may designate jurisdictions as adequate following an assessment of their legal frameworks, enforcement mechanisms, and redress options. The Resolution introduces ANPD-approved SCCs, which must be adopted without modification, and permits BCRs for intra-group transfers subject to prior approval. In exceptional cases where SCCs cannot be applied, controllers may seek ANPD authorisation for specific contractual clauses, provided these ensure an equivalent level of protection.

It is reported that data from the National Institute of Industrial Property (INPI) indicate that the average patent examination backlog is approximately 4.3 years, while certain sectors, including the telecommunications industry, experience average delays approaching six years. These delays are particularly significant given that Art. 40 of the Law on Industrial Property stipulates that an invention patent remains in force for a period of twenty years counted from the filing date, meaning that prolonged examination can markedly reduce the effective period of exclusive protection available to applicants.

Brazil is a party to the Patent Cooperation Treaty (PCT).

Brazil has a copyright regime under Law 9.610. However, the exceptions do not follow the fair use or fair dealing model, therefore limiting the lawful use of copyrighted works by third parties. Sections 46-48 list the exceptions, which include: the reproduction of news or informative articles published in newspapers or periodicals, mentioning the author's name; speeches delivered at public meetings of any nature; portraits, or any other form of representation of the image, made on commission, when made by the owner of the object ordered, without opposition from the person represented in them or his/her heirs; among others.

It is reported that piracy of copyrighted material continues to pose a significant barrier to the adoption of legitimate content distribution channels, with stakeholders noting persistent levels of infringement facilitated through illicit streaming devices (ISDs) and unlawful Internet Protocol television (IPTV) applications.

Brazil has not adopted the World Intellectual Property Organization (WIPO) Copyright Treaty.

Brazil has not adopted the World Intellectual Property Organization (WIPO) Performances and Phonograms Treaty.

Law 9.279 provides a framework for effective protection of trade secrets. Art. 195 (XI, XII, and XIV) of the Law protects confidential, classified or undisclosed information. In addition, Art. 206 safeguards industrial secrets revealed in the context of judicial proceedings by ensuring special confidentiality.