A historic ruling of the Brazilian Supreme Court from May 07, 2020 describes the right to data protection as an autonomous right stemming from the Brazilian Constitution. By a significant majority, 10 votes to 1, the Court halted the effectiveness of the Presidential Executive Order (MP[1] 954/2020) that mandated telecom companies to share subscribers’ data (e.g., name, telephone number, address) of more than 200 hundred million individuals with the Brazilian Institute of Geography and Statistics (IBGE), the country’s agency responsible for performing census research. More important than the decision itself was its reasoning, which paves the way for recognizing the protection of personal data as a fundamental right, independent of the right to privacy, that already receives such recognition, in a similar fashion to the Charter of Fundamental Rights of the European Union. This article summarizes the main findings of the ruling. First, (1) it will provide background on the role of the Brazilian Supreme Court and the legal effects of the ruling. It will then look into (2) the facts of the case, (3) the main findings of the Court, to conclude with (4) an analysis of what comes next for the Brazilian data protection and privacy law. The role of the Supreme Court and its rulings in the Brazilian legal systemOne particular type of proceeding, known as Direct Action of Unconstitutionality (ADI), can be filed directly to the Supreme Court without the need to be discussed on lower-level courts or any other court in cases in which laws or norms directly violate the constitution. Rulings from this particular type of proceedings have nationwide binding effects for all entities of the three branches of the government and for private organizations. This was the type of proceeding filed at STF to discuss data protection as an autonomous fundamental right. Its ruling, therefore, will have overall binding effects. Facts of the case and proceedingsThe trial in front of the eleven Justices started on May 6, with the participation of the parties’ lawyers and of amici curiae, including Data Privacy Brasil. The organisation filed an amicus brief and it was represented for the oral statement by its Director Bruno Ricardo Bioni (a co-author of this article), who spoke at length about the singular position of the right to protection of personal data, its status as an autonomous fundamental right, the many vices of the executive order and the current data protection landscape in Brazil, including the fact that the Brazilian General Data Protection Law (LGPD) is still in vacatio legis. He also reminded the Court that the national data protection authority, which will provide guidance and enforcement, is yet to be established. The English translation of the oral statement is available online. Main findings of the CourtOn top of that there are superior courts also with specific scope, such as specific violations of federal laws.