Argentina is on its way to modernise its data protection law. The President sent the data protection bill to Argentine’s Congress on 19 September. Argentina was declared as ‘adequate’ by the EU Commission under the EU DP Directive 1995, but Argentina’s current data protection law of 2000 is not fully aligned with the EU General Data Protection Regulation (GDPR). ‘The current Bill is 99,9 % GDPR’, says Pablo Palazzi, Partner at law firm Allende & Brea.
The bill defines international transfers of personal data as lawful when, for example:
- there is express consent by the data subject,
- the receiving country provides an adequate level of protection,
- the transfer is necessary for the maintenance or fulfilment of a legal relationship between the data controller and the owner of the data,
- the transfer is necessary under a contract concluded, or legally required for the safeguarding of a public interest, or for the administration of justice.
The bill also recognises contractual clauses, and other binding self-regulatory mechanisms as suitable for transfers.
Click here for the Bill in Spanish.
Read more about developments regarding the Bill in a future issue of Privacy Laws & Business International Report.