Latin America

Subscribe to Latin America

The General Data Protection Regulation (GDPR) has prompted a series of legislative proposals in Latin American countries to update data protection regulations, many of which reflect the higher standards of the GDPR. With a large number of European and U.S. companies operating in the region, we look at some of the latest developments below.

Argentina

Argentina was the first Latin American country to implement data protection laws and the first non-European country to be recognised by the European Commission as having adequate levels of data protection. The need to revisit the current legislation is a result of technological advances and the changed international landscape with the introduction of the GDPR since the Argentinian Personal Data Protection Act 2000 came into force.

Argentina’s new draft data protection bill proposes further changes to bring the country’s data protection law in line with the GDPR. The bill acknowledges the right to be forgotten and the right to data portability. Other changes include stricter provisions in the area of cross-border transfers to countries with inadequate levels of data protection, new legal bases for data processing other than data subject consent, including legitimate interests, and new definitions of biometric and genetic data.Continue Reading Latin America to bolster data protection in a legal overhaul

The six executive committee members of the Ibero-American Data Protection Network (Network) attended the First Latin American Congress on Data Protection. The Network brings together 22 Data Protection Authorities (DPAs) from Spain, Portugal, Mexico, and a number of countries in Central and South America and the Caribbean. During the 10 years of its existence, the

This post was written by Cynthia O’Donoghue.

Costa Rica’s 2011 data protection law came into force March 5, 2013, and Peru’s laws took effect April 22, 30 days after it published regulations. While this imposes new obligations on businesses operating or looking to do business in these countries, as with other data protection laws

MEXICO: New Privacy Notice Guidelines were introduced April 17, 2013, specifying the format and contents of privacy notices required for the direct or automated collection of personal data.

The Guidelines seek to enable data subjects to make free and informed choices, by ensuring that they are given information and an opportunity to consent and