No, sharing passwords in Brazil violates the Marco Civil da Internet (Law No. 12.965/2014) and the General Data Protection Law (LGPD, Law No. 13.709/2018), exposing parties to civil and criminal liability under Articles 154-A of the Penal Code. The Agência Nacional de Telecomunicações (Anatel) and Autoridade Nacional de Proteção de Dados (ANPD) enforce these rules, with 2026 audits targeting unauthorized access cases.
Key Regulations for Sharing Passwords in Brazil
- Marco Civil da Internet (2014): Prohibits unauthorized access to digital accounts under Article 21, classifying password sharing as a breach of net neutrality principles and user privacy rights.
- LGPD (2018): Mandates strict confidentiality of personal data (Article 6), requiring explicit consent for any access delegation; non-compliance risks fines up to 2% of global revenue.
- Penal Code (Article 154-A): Criminalizes password sharing as invasion of electronic device, punishable by 3 months to 1 year imprisonment or fines, particularly if data misuse occurs.
Corporate policies must align with ANPD’s 2025 guidelines, which emphasize data minimization and access logging. Exceptions exist for legitimate interest (e.g., IT support with documented authorization), but these require prior written consent and audit trails. Failure to comply may trigger ANPD investigations, as seen in 2024’s Operação Senha crackdown on corporate credential leaks.