In May 2018, the General Data Protection Regulation (GDPR) entered into force in the European Union. As is widely recognized, its impact goes beyond the borders of the old continent, permeating through the regulatory processes of countries all over the world. Nowhere is this more evident than in Latin America, where governments have long emulated European data protection standards. Professor Anu Bradford has famously characterized this phenomenon as a prominent example of ‘the Brussels Effect,’ defined as Europe’s unilateral power to regulate global markets. Other scholars see a more complex dynamic at play. This is especially true in the data privacy context in which the EU has benefited from a highly transplantable legal model and normative innovations that have proved successful in a global marketplace of ideas. This Article joins the debate around the EU’s transnational influence on the regulation of personal data by evaluating the de jure impact that the GDPR has had in Latin America to date. To this end, the Article addresses three main questions. First, what is the panorama of data privacy legislation across Latin America since the 2016 adoption of the GDPR? Second, how have those countries in the region that have moved first to reform or enact data privacy legislation in light of the GDPR’s key innovations done so? And finally, what lessons can be learned from the Latin American experience based on the responses to these questions? In responding, the Article looks first at which countries in the region have introduced or proposed changes to their legislation in the wake of the GDPR’s enactment in 2016. It then evaluates the experience of key jurisdictions in greater detail, namely Brazil, Mexico, Chile and Uruguay, to determine what lessons can be drawn from their efforts. By pursuing these inquiries, the authors shed new light on the debate surrounding the nature of the de jure dimension of ‘the Brussels Effect’ in the region.