New Director of the DPA of Argentina

Eduardo Bertoni was appointed yesterday as the new Director of the Data Protection Agency of Argentina.

Bertoni was  the Director of the Center for Studies on Freedom of Expression and Access to Information (CELE) at Palermo University School of Law, Argentina.  Previously, he was the Special Rapporteur for Freedom of Expression of the Inter-American Commission of Human Rights at the Organization of American States (2002-2005), Teaching Fellow at the Human Rights Institute at Columbia University School of Law (2001), and a Member of the advisory boards of the Human Rights Initiative (Open Society Foundations), the Media Legal Defence Initiative, and the Freedom of Information Advocates Network (FOIAnet), among others.

He is an Argentinean lawyer and holds a Masters in International Policy and Practice from the Elliot School of International Affairs, George Washington University. Prof. Bertoni currently teaches at Palermo University School of Law, Buenos Aires University School of Law and New York University School of Law (Global Clinical Professor).

I know personally Eduardo and I am sure he will be a great director of the DPA!

Revenge porn law in Argentina

The issue is becoming more and more important. There are already two criminal cases in Argentina from 2015. The fact-scenario of both cases was  defendant posting without authorization videos of intimate images of ex girlfriend. Both cases were considered under the criminal felony of extortion because respondent requested a payment to stop publishing. But there are cases were no payment was requested and there is a gap in the criminal code, unless the judge considers the image personal data and the website a database and decides to apply section 157 bis of the Criminal Code (a provision inserted by the Data Protection Act intro the criminal code).

I have authored two law review articles about this matter and a working paper for our Internet Law program in the University of San Andres. In the last article I proposed to amend the Criminal Code following the changes introduced into  the Criminal Code of Spain of 2015.

My papers about revenge porn:

  1. Introducción al revenge porn, Working Paper DITC n. 1, Abril de 2016.
  2. Protección penal de la difusión no autorizada de la imagen íntima captada con consentimiento de su titular y el problema del “revenge porn, en Revista de Derecho Penal y Procesal Penal, Abeledo, Agosto 2015, pp. 1587-1598.
  3. Difusión no autorizada de imágenes íntimas (revenge porn), El Derecho marzo de 2016.


Next UK Information Commissioner announced

The PL&B blog reports that UK government announced this morning that Elizabeth Denham, Information and Privacy Commissioner, British Columbia, Canada, is the preferred candidate to be the UK’s next Information Commissioner. She is well known for her work internationally in the privacy and open government fields and was a speaker at several international conferences.

Privacy litigation in Argentina 1994- 2015

The Argentine Constitution provides a special judicial remedy for the protection of personal data known as “habeas data”. This is a judicial action for the protection of constitutional rights and therefore upgrades the protection of personal data to the category of fundamental right. The action of habeas data can be initiated to request the access, update or deletion of personal data that is inaccurate or false.

A report from the University of San Andres surveyed over 350 cases filed in Argentina.

Most of the cases filed in Argentina in the last decade (67%) are against credit reporting companies. 

On the other hand, cases initiated against the State include the rest 33%,  those initiated against the Federal Administration of Public Revenues (AFIP), the city and the province government, the army, the Central Bank of the Argentine Republic, the Argentine Federal Police, the National Customs Administration, the Argentine Naval Prefecture, the National Migration Office, the Ministry of the Interior, the Registry of Civil Status and Capacity of Persons, the National Registry of Reoffend, the National Social Security Administration, the Intelligence Service, the Ministry of Justice, the Ministry of National Defense and the National Registry of Motor Vehicles and Chattel Mortgages among others.

This is the link

CIPL, TRUSTe, IAF, IIS Workshop in Lima (Peru)

CIPL, TRUSTe, IAF, IIS Workshop: Building a Dependable Framework for Privacy, Innovation and Cross-Border Data Flows in the Asia-Pacific Region (22 February 2016, Lima, Peru).

CIPL, TRUSTe, IAF, and IIS are holding a one day workshop on 22 February 2016 in Lima, Peru, on the margins of the APEC meetings to be held that week. This interactive workshop will focus on the APEC Cross-Broder Privacy Rules.

Link to the invitation.

Description from the Hunton & Williams privacy blog.

Data Protection in Argentina during the year 2015

by Pablo A. Palazzi

It has been a busy year in Argentina for Privacy and Data Protection practitioners.

On February 2015  the Data Protection Agency (DPA) of Argentina enacted a new regulation for sanctions (DNPDP n. 9/2015). This new regulation aimed at including new sanctions for the do not call registry regulation.

Also on February 2015 the DPA issued a regulation (DNPDP n. 10/2015) for CCTV surveillance for security purposes.

On April 2015, Allende & Brea hosted the first Knowledgnet Meeting of the Argentine chapter in Buenos Aires.

On April the DPA also started to send Enforcement Notices of the Do not call law to local companies.

On April the DPA also issued a Regulation (DNPDP n. 18/2015) about mobile Apps, the first of its kind in Latin America. It is a long list of recommendations for app producers, including privacy by design and privacay by default rules.

On May 2015 the DPA issued a new regulation (DNPDP n. 20/2015) on Drones and Data protection. As far as I know it is the first of its kind in the world. The WP29 issued its opinion on drones in June 2015.

During 2015 the DPA also finished implementing the Do not Call law enacted in the year 2014, and started to impose some sanctions. The number of individuals registered and complaints are escalating fast. Also the number of companies with fines.

On September 2015 a labour court issued a ruling declaring illegal the use of geolocation tools included in the app of the mobile phones provided to the workers by a company.

With Paula Vargas three more meetings were organized during the year with IAPP sponsorship with a huge assistance of practitioners. We did an event for the Schrems case, another event for the Mobile apps regulation.

Finally at the end of the year the former commisioner Juan Cruz Gonzalez Allonca step out and the new government is looking to name a new director of data protection for Argentina. We will have news soon in this blog.

Pablo Palazzi is a partner in Allende & Brea specialized in IT and IP law. He is co chair of the IAPP Knowledge Net Buenos Aires and founder of the Latin America Data Protection Law Review.

DP law courses in Latin American Universities

A sign that data protection law is growing in the region is the proliferation of DP law courses in Latin American Universities.

This year there are already two important courses in schools of law of two leading universities:

Nelson Remolina data protection course in Universidad de los Andes, Bogotá, Colombia (3rd edition in 2016).

María Veronica Perez Asinari and Pablo Palazzi, Data Protection Course in Universidad de San Andrés, Buenos Aires, Argentina (2nd edition in 2016).