19 JULY 2018
The Ministry of Telecommunications and Information Society (‘MINTEL’) announced, on 9 July 2018, that it had released the White Book on the Information and Knowledge Society 2018 (‘the White Book’), which sets out the Government’s strategy on the same. In particular, the White Book outlines the current state of the information society, and establishes the Government’s plans and objectives in a number of key areas, including information security and data protection, in order to promote its development.
Mario Alejandro Flor, Partner at Flor & Hurtado Law Firm, told DataGuidance, “Ecuador is one of five countries in the Latin America region that does not have a data protection act currently in force, despite it having an estimated 128 million interoperability transactions. With this in mind, the White Book seeks to technically demonstrate the urgent need to have a data protection act in force in the following months.”
The Dinardap is working on a bill that will be officially submitted to the National Assembly by the end of this year
With regard to data protection, the White Book notes that further development of the regulatory framework in this area is needed in order to guarantee and effectively enforce the fundamental right to data protection established under the Constitution. In this respect, the White Book outlines promoting a data protection culture and training the commercial, industrial and business sectors on the adequate management of citizens’ personal data as key objectives.
Flor noted, “The White Book does not recommend any specific measures to achieve the necessary legal framework for data protection. However, the National Directorate of the Public Data Registry (‘Dinardap’) is working on a bill that will be officially submitted to the National Assembly by the end of this year. Therefore, it will be Dinardap’s responsibility to include the White Book’s recommendations in the bill. [Although], the White Book does not give any specific role or responsibility to Dinardap to achieve the data protection goals, there is a high possibility that it will become the data protection authority in the bill.”
In addition, the White Book highlights that information security management within companies must be improved, and that Ecuador should work towards developing a national cybersecurity strategy, as well as take measures to improve security in the digital sphere.
Flor concluded, “In Ecuador, the importance of information security, data protection and the risks related to these are still not fully understood by the majority of the population. Therefore, we find it will be difficult to improve the legal framework and to achieve the goals set out in the White Book in the short term. In addition, the current public officers and entities have certain constraints related to their budget as a result of the austerity policy that was established by the President. This means that even when the legal framework is established, the public officers may not be able to comply with the monitoring and control activities because of budget limitations. But the major issue to be resolved, is to train and empower the people on the real need of having a data protection and information security culture.”
PASCALE ARGUINARENA Privacy Analyst