Argentina

Summary

Law: Personal Data Protection Act, Act No. 25.326 of 2000 (only available in Spanish here) (the Act) and Decree No. 1558/2001 Regulating Law No. 25.326 (only available in Spanish here) (the Decree), amended by Decree No. 1160/10 (only available in Spanish here)

Regulator: Argentinian data protection authority (AAIP)

Summary: The Personal Data Protection Act, Act No. 24,326 of 2000 (only available in Spanish here) (the Act) governs data protection in Argentina. The Act is accompanied by Decree No. 1558/2001 Regulating Law No. 25.326 (only available in Spanish here) (the Decree), amended by Decree No. 1160/10 (only available in Spanish here) which provides the implementation rules of the Act. On June 30, 2003, Argentina was recognized by the European Commission as providing an adequate level of protection for personal data.

The Act and the Decrees apply to both public and private organizations and apply to the processing activities in the territory of Argentina. The Act provides for legal bases for processing, including consent and contracts with data subjects, but does not recognize legitimate interests or public interest as legal bases. Additionally, the Act provides for controller and processor obligations, including breach notification obligations and the requirement to register databases with the National Registry of Personal Databases maintained by the Argentinian data protection authority (AAIP).

The AAIP is the supervisory authority under the Act and is fairly active. It regularly issues resolutions that interpret the Act and guide compliance. These resolutions have defined 'security measures' and provided guidance on Binding Corporate Rules (BCRs) for international data transfers. Notably, on October 18, 2023, the AAIP adopted Standard Contractual Clauses (SCCs) for international data transfers.

On June 29, 2023, the Personal Data Protection Bill (only available in Spanish here) was sent to the National Congress of Argentina. The proposed bill aims to update the Act and foster a framework that balances technological innovation, economic growth, and the protection of personal data and informational self-determination.

On the international front, Argentina is a party to the Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data (Convention 108) and has ratified the Protocol amending Convention 108 (Convention 108+).

Browse more content in Argentina

All Guidance Notes

All News

All Insights

News

28 October 2024

Argentina: AAIP announces joint statement on age assurance

18 September 2024

Argentina: AAIP publishes guide on transparency and personal data protection in AI

31 July 2024

Argentina: Bill on digital identity introduced to Senate and Chamber

31 July 2024

Argentina: Bill establishing federal observatory on AI introduced to Senate and Chamber

06 June 2024

Argentina: AAIP provides guidance on National Do Not Call Registry

06 June 2024

Argentina: AAIP resolution on sanctions and national Do Not Call registry enters into force

03 June 2024

Argentina: Resolution on WorldCoin Foundation and Tools for Humanity introduced to Chamber of Deputies

03 June 2024

Argentina: Bill amending law on rights of consumers of ICT services introduced to Chamber of Deputies

29 February 2024

Argentina: AAIP publishes guidelines for the formulation of Personal Data Protection Plans of the CFT

13 February 2024

Argentina: AAIP publishes Resolution on poster to be placed in places with video surveillance

12 February 2024

Argentina: AAIP announces revalidation of adequacy status by EU

12 January 2024

Argentina: AAIP provides updates on investigation into handling of personal data by Worldcoin Foundation

Insights

October 2024

Argentina: Evolution of AI regulations and the Argentine situation

In this Insight article, Gustavo Bethular and Sofia Grassi, from RCTZZ, explore the evolution of artificial intelligence (AI) regulations and Argentina's role in shaping them. As AI technology advances rapidly, Argentina has actively participated in international initiatives while facing challenges in adapting its domestic legal framework. The article highlights Argentina's efforts to balance innovation, public safety, and ethical considerations in AI regulation.

August 2024

Argentina: Regulatory requirements for financial entities and third-party service providers

In this Insight article, Gustavo Bethular, Hernán Camarero, Eduardo Bellocq, and Sofia Grassi, from RCTZZ, discuss the critical role of cybersecurity in Argentina's financial sector, emphasizing the importance of adhering to the Central Bank of Argentina's (CBA) stringent regulations to ensure operational resilience and maintain customer trust.

December 2023

Argentina: Cryptocurrency regulation - a fragmented landscape

In this Insight article, Gustavo Bethular and Sofía Grassi, from Richards, Cardinal, Tützer, Zabala & Zaefferer (RCTZZ),^[1] provide an overview of the cryptocurrency up-to-date situation in Argentina. Argentina is one of the leading countries in Latin America in terms of cryptocurrency adoption, but its regulatory framework is still in its early stages of development. This lack of regulatory uniformity has created a fragmented landscape, with different government agencies and regulatory bodies issuing their own guidelines and interpretations.

June 2023

Argentina: Cybersecurity incidents landscape

In the following Insight article, Gustavo Bethular and Sofia Grassi, from RCTZZ, examine the cybersecurity situation in Argentina, focusing on the rise in cybercrime. They highlight the impact of COVID-19, measures taken by companies and the public sector, prevalent cyberattacks trends, existing regulations, challenges in reporting and investigating cybercrimes, and the need for enhanced cybersecurity measures.

June 2023

Argentina: New data protection bill - what you need to know

Whilst the Personal Data Protection Act, Act No. 25.326 (the Act) continues to be the main data protection legislation in Argentina, the Argentinian Government begun proposals for a new draft bill (the New Bill) on the protection of personal data in September 2022. In this Insight article, Florencia Rosati and Martín Beccar Varela, from Estudio Beccar Varela, provide an overview of the key provisions and considerations for organizations to ensure compliance if the bill is approved.

July 2022

Argentina: Online behavioural advertising and the protection of minors' personal data

As almost everyone around the world uses the internet, online behavioural advertising ('OBA') has a substantial importance in any marketing effort, and targeted behavioural marketing has become central to the internet business model. Mariano Peruzzotti, Partner at Ojam Bullrich Flanzbaum, provides an analysis of the current regulatory landscape in Argentina, specifically in regards to OBA and the protection of minors' personal data.

March 2022

International: Understanding data residency - Part one: Americas perspective

Many jurisdictions are increasingly enacting laws and regulations governing how and where data must be stored either within their respective borders or abroad. What has resulted is a constantly evolving network of rules and restrictions for the location of data. In this three-part series, OneTrust DataGuidance provides an overview of key trends in data localisation and data residency, outlining underlining approaches to the same, as well as common trends associated with sector and categories of data.

Argentina

Summary

Browse more content in Argentina

News

Insights

Get the Latest News

Thanks for signing up!

Company

Our Policies

Your Rights

Follow us