On January 16, 2019, the Argentine Data Protection Agency (the “Agency”) enacted Regulation No. 4/2019 (the “Regulation”) which established new guidelines to be applied to the Personal Data Protection Law No. 25,326 (the “Data Protection Act”), in order to enhance its implementation.

In this sense, the main relevant provisions implemented by the Agency are as follow:

  • personal data owners may access to their data acquired through video surveillance, provided that, their identity is duly certified. If their request were rejected, they shall be noticed about the possibility to file a claim with the National Direction for the Personal Data Protection;
  • if the recorded image identifies any other third party, the data holder shall apply a decoupling technic in order to assure that only the data owner will be identifiable;
  • the data owner shall have the right to request a disclosure regarding the applicable logic in those cases in which negative legal effects, or if any other significative negative consequence, may emerge from decisions based on automatic treatment of personal data;
  • biometric data identifying a person shall be deemed sensible only if it may result discriminatory to the data owner;
  • data holder shall implement valid and effective identification mechanisms;
  • in relation to the assignment of personal data among public offices, certain scenarios were defined in which prior consent of the data owner shall not be necessary; and
  • underage may consent the treatment of their personal data, under certain conditions.

Any further information, please do not hesitate to contact Juan Pablo Bove, Federico Otero, Julián Razumny, or corporate@trsym.com.