The General Data Protection Regulation (GDPR) has prompted a series of legislative proposals in Latin American countries to update data protection regulations, many of which reflect the higher standards of the GDPR. With a large number of European and U.S. companies operating in the region, we look at some of the latest developments below.
Argentina was the first Latin American country to implement data protection laws and the first non-European country to be recognised by the European Commission as having adequate levels of data protection. The need to revisit the current legislation is a result of technological advances and the changed international landscape with the introduction of the GDPR since the Argentinian Personal Data Protection Act 2000 came into force.
Argentina’s new draft data protection bill proposes further changes to bring the country’s data protection law in line with the GDPR. The bill acknowledges the right to be forgotten and the right to data portability. Other changes include stricter provisions in the area of cross-border transfers to countries with inadequate levels of data protection, new legal bases for data processing other than data subject consent, including legitimate interests, and new definitions of biometric and genetic data.