Since its popularization in the 1990s, the Internet has been contributing to the Globalization process. The shortening of distances between people around the world meant that not only did communication become infinitely more dynamic, transcending the barriers that previously made it impossible to instantaneously exchange information internationally, but also that companies that do not actually have physical units established in a country could start to provide services to that country.
These companies offer services that, as a rule, do not require interaction between employees and customers at any time. Services are contracted through membership contracts, and there is no need to repair the products that are offered in any way – as these are not tangible.
Application providers – as these companies have been called – have been the subject of countless discussions in the legal environment for some years. There was no consensus among Law enforcers on how to deal with this new reality.
One of the points of greatest friction in the discussions was the one regarding the application of Brazilian laws to the application providers – there were, basically, two argumentative currents. The first one claimed that it was impossible to apply our laws in cases involving application providers. According to those who supported this thesis, because they were based in third countries, it was impossible to enforce Brazilian Law for these companies, since they were already subject to another legal system that, like ours, is sovereign within the territory of the country in question, and is composed of its own rules. Another problem would be the implementation of national Law applied abroad, since it would not be possible for the Brazilian authorities to adopt coercive measures in relation to an application provider located in another country.
On the other hand, there was also the ideological current according to which an application provider that offered its services in the national territory, regardless of whether it was based in a different country, and regardless of whether or not it had branches in Brazil, should conform to our Law, since acting here is a voluntary choice made by companies, and they should obey the regulations of the places where they carry out their activities. In addition, proponents of this thesis also argued that, if domestic Law was not valid for such application providers, there would be complete impunity for such companies within our country, and it would not be possible to hold them accountable for any emerging situations, something obviously dangerous.
In the midst of all this discussion, we went through a time when judicial decisions favorable to both understandings were applied in Brazil, which resulted in legal uncertainty – always a bad trait for any legal system, as we all know.
In the year 2014, however, the definitive text of the Brazilian Internet Bill of Rights was approved. Among other provisions, referring to the most diverse topics that concern the Internet, the Internet Bill of Rights has tried to regulate the performance of application providers in our country. In this case, the second mentioned understanding was adopted, and, therefore, said Law, in its article 11, states that:
“Article 11. In any operation of collection, storage, custody and treatment of records, personal data or communications by connection providers and Internet applications in which at least one of these acts occurs in the national territory, Brazilian Law must be observed, as well as rights to privacy, to the protection of personal data and to the confidentiality of private communications and registrations.
- 1. The provisions of the caput apply to the data collected in the national territory and to the content of the communications, provided that at least one of the terminals is located in Brazil.
- 2. The provisions of the caput apply even if the activities are performed by a legal entity headquartered abroad, provided that it offers service to the Brazilian public or at least one member of the same economic group has an establishment in Brazil.
- 3. Internet connection and application providers must provide, in accordance with the regulations, information that allows verification of compliance with Brazilian legislation regarding data collection, storage, storage or processing, as well as respect for privacy and the secrecy of communications.
- 4. Decree shall regulate the procedure for determining violations of the provisions of this article.”
This understanding of our legislators seems to have been right. After all, the non-applicability of the Brazilian laws to international companies that act here not only seems illogical from the country’s management point of view, but would also generate a disparity of treatment between the latter and the application providers that have their headquarters in Brazil.
Despite the aforementioned legal determination, there are still allegations by Internet application providers that it is not possible to comply with our laws, precisely because of this element of internationality in the provision of services. This is even alleged by companies that have branches in our country, such as Facebook and Google, for example, who argue that certain data, because is stored on servers located in other countries, and under the tutelage of other companies – even if they are members of the same economic group – can not be supplied or submitted to the other judicial orders of our law enforcers. An example of this is the Interlocutory Appeal 2090657-54.2017.8.26.0000 of the Court of Justice of the State of São Paulo, in which Google Brasil claims that the responsibility for the subject of the lawsuit is entitled to Google Inc., based in Germany, which would make the Brazilian jurisdiction inapt for the case.
However, since the entry into force of the Internet Bill of Rights, a jurisprudential tendency of compliance with the legal determination of Art. 11 seems to have been consolidated, that is, judicial decisions favorable to the applicability of our laws to foreign application providers have arisen in numbers in comparison to those who decide otherwise. This is what can be seen in the decision of the case cited as an example above, in which Google Brasil’s claim was dismissed, and it was determined that the company should collaborate with the Brazilian courts.
In this way, it can be seen that the Internet Bill of Rights fulfilled the important function of remedying the legal gap that existed in our Legislation regarding the possibility of civil liability of foreign companies that provide some kind of online service to the Brazilian public. As a consequence, greater legal certainty can be expected from judicial decisions regarding this matter, with the reduction of uncertainty regarding the probable outcome of such claims. There are those who disagree with the consolidated position in the Internet Bill of Rights, for thinking that the ideal would be not to apply Brazilian laws to Internet application providers, but, regardless of this, it may be considered that the mere existence of a legal mechanism regarding this issue already represents a considerable advance for our legal system, in which, at least, there will be less inconsistency in jurisprudence on this matter.