THE LEGAL NATURE OF CORPORATE LIABILITY FOR SECURITY FAILURES IN THE PROTECTION OF PERSONAL DATA: AN ANALYSIS IN LIGHT OF THE GENERAL DATA PROTECTION LAW (LGPD)

Abstract

This final course project aims to analyze the responsibility of companies for security failures in the protection of personal data, based on the General Data Protection Law (LGPD). The methodology employed consisted of bibliographic and documentary research, exploring the relevant legislation, case studies of data breaches, and Brazilian jurisprudence. The justification for this study lies in the growing importance of data protection in a scenario of increasing cybercrime and the need to understand the implications of the LGPD for companies and consumers. The research results indicate that the LGPD establishes clear accountability mechanisms, requiring companies to implement security and transparency measures in data processing.The discussion points out that the LGPD directly impacts public trust and business success, making data protection a competitive differentiator. The Brazilian judiciary, although in a consolidation phase, has sought to hold data processing agents accountable for security incidents, with jurisprudence evolving to define the contours of civil liability in this context.