Thiago Sombra
Brazil
  • PositionPartner
  • FirmMattos Filho
  • Age37
Abstract Shape Background
Thiago Sombra

Thiago Sombra

Brazil
  • Position: Partner
  • Firm: Mattos Filho
  • Age: 37

Professional history

I was a state attorney at the General Attorney’s Office for 10 years, and in 2016 decided to leave the office to open my data protection and anti-corruption law firm. In 2017, I joined Mattos Filho as a data protection, cybersecurity and anti-corruption partner.

What do you do?

My activities are concentrated in tech regulation, data protection and cybersecurity. In our practice, our main advice relates to the struggles that clients face with regulators when introducing a new technology, or when they need advice concerning how to comply with data protection regulation or fulfil specific requirements under a law enforcement authority.

What drew you to your area of practice?

Innovation and the desire to work in a field that is always changing drew me career to data protection and tech regulation.

Influences and mentors?

The most insightful influences were [Hogan Lovells London partner] Eduardo Ustaran and my data protection law professor at the London School of Economics, Andrew Murray. Both are genuinely talented professionals who helped create a data protection culture and interest in many countries.

Advice for young lawyers?

You must be disciplined in what you do, and always be ahead of the information and trends.

If you hadn’t been a lawyer...

Mechanical engineer.

What’s everyone talking about?

In Brazil, the data protection bill under Congressional analysis is the hot topic of the moment, since it is about to be voted. [Brazil’s congress passed the legislation in July 2018. Brazil’s president Michel Temer signed most of the bill into law in August.]

What will data lawyers be advising on in 10 years?

In 10 years from now, lawyers will be focused on the internet of things, and how AI will be regulated by specific bodies.

Most significant current trend in your jurisdiction?

The impact of the GDPR on Brazilian companies, and how they will implement tools to allow cross-border data transfers. Data breaches in the financial industry are also a very relevant matter at the moment, since Brazil’s Central Bank has issued a resolution focusing on cybersecurity.