Camila Tobon has written a good overview about Data Privacy Laws in Latin America. The article from the ABA International Law News, vol. 44, n.2 covers the status of latin american developments in the field of data protection.
On July 27 2015 the Peruvian Government issue the legislative decree n. 1182 creating a series of duties to telecoms and internet providers. The decree:
– grants the police warrantless access to real time user location data on a 24/7 basis,
– compels telecom providers to retain, for one year, data on who communicates with whom, for how long, and from where,
– allows the authorities access to the data in real time and online after seven days of the delivery of the court order,
– compels telecom providers to continue to retain the data for 24 more months in electronic storage.
– the decree expressly states that location data is excluded from the privacy of communication guaranteed by the Peruvian Constitution (while it is clear that geolocation data is personal data ser W29 opinion here).
From the point of view of public policy the Peruvian regulation goes against the trend on invalidating data retention regulations (Digital Rights Ireland last year ECJ decision, Halabi case in Argentina).
More information here:
The DPA of Colombia issued its Accountability Guidelines. There is an excellent note in the IAPP Privacy Advisor (the IAPP blog) by Angelique Carson. This regulation is a departure in Latin America from the EU trend of legislating rigig data protection rights. It is still something new and we need to see what other DPAs will decide in the future.
Former Colombian DPA José Alejandro Bermúdez to lead Nymity’s Latin American business unit.
The decision was adopted on May 2015 in a case against the newspaper El Tiempo. Search engines were not a party to the litigation.
The final decision states that the defendant has to adopt technological measures to limit indexations of the news.
Note by Carolina Botero in El Espectador.
Santiago La Rotta, in El Espectador.
Copy of the decision in PDF
Tribunal Superior de Justicia de la Provincia de Córdoba, sala penal
Partes: Carnero, Luis Alberto s/ ejecución de pena privativa de libertad-Recurso de Inconstitucionalidad
The WSJ published on May 27 a complete article about the RTBF in Mexico.
The article below:
MEXICO CITY—Free-speech advocates are challenging a ruling against Google Mexico that they say would allow politicians and business moguls to abuse the so-called right to be forgotten by wiping out Internet links that cast them in a negative light.
The Google Inc. unit and local digital-rights activists are fighting in court to overturn a recent ruling by Mexico’s Federal Institute for the Access to Information, or IFAI. In late January, the institute came down on the side of a transportation scion who wants three links removed that contain negative comments about his family’s business dealings—including a government bailout of bad loans.
The ruling follows a precedent set in Europe one year ago known as “the right to be forgotten.” Proponents say the European model allows people to regain their privacy in a hyperconnected world, while critics say it encourages a whitewash of the past.
Both the European Union and Mexico have exceptions to Internet privacy rules if the information is in the public interest. The IFAI, however, didn’t apply the exception, arguing that Google didn’t make its case.
The brouhaha in Mexico shows the global spread of the Internet-privacy debate. A newCalifornia law gives minors limited rights to erase postings on Internet sites, and Hong Kong is embroiled in a tug-of-war between the right to be forgotten and its corollary “the right to know.” In Latin America, other countries that have passed or are considering digital-privacy laws include Brazil, Chile and Argentina.
As I have previously mentioned in this blog, Argentina is interested in regulating drones. Below you will find the complete text in Spanish of the Regulation enacted last week by the Data Protection Agency of Argentina concerning drones. I believe this is the first data protection regulation of drones by a DPA.
The DPA of Peru has posted online the presentations made at the Iberoamerican network meeting in Peru on May 2015.