Support Centre

Latin America


In this Insight article, Crosbby Buleje, Associate at Baker & McKenzie LLP, discusses Peru's Draft Regulation of Law No. 29.733 on the Protection of Personal Data 2011, as proposed in 2023, including extraterritorial application and enhanced consent requirements.

In this Insight article, Paulina Silva, Partner at Bitlaw, explores the proposed changes to Chilean data protection laws, specifically focusing on the impending structural shift outlined in Bill No. 11144-07 Regulating the Processing and Protection of Personal Data and Creating the Personal Data Protection Authority (the Bill). The article delves into key modifications, including the introduction of new legal bases, enhanced security obligations, and the regulation of international data transfers, shedding light on the potential impact of these changes on privacy practices in Chile.

In this Insight article, Ana Costa, from FTR Advogados, explores the impact of Resolution CD/ANPD No. 04, of February 24, 2023 (Resolution No. 04) on sanctions, dosimetry, and its broader implications for data privacy compliance under the Brazilian General Personal Data Protection Law (LGPD).

In this Insight article, Gustavo Bethular and Sofía Grassi, from Richards, Cardinal, Tützer, Zabala & Zaefferer (RCTZZ),[1] provide an overview of the cryptocurrency up-to-date situation in Argentina. Argentina is one of the leading countries in Latin America in terms of cryptocurrency adoption, but its regulatory framework is still in its early stages of development. This lack of regulatory uniformity has created a fragmented landscape, with different government agencies and regulatory bodies issuing their own guidelines and interpretations.

In the following Insight article, Gustavo Bethular and Sofia Grassi, from RCTZZ, examine the cybersecurity situation in Argentina, focusing on the rise in cybercrime. They highlight the impact of COVID-19, measures taken by companies and the public sector, prevalent cyberattacks trends, existing regulations, challenges in reporting and investigating cybercrimes, and the need for enhanced cybersecurity measures.

Whilst the Personal Data Protection Act, Act No. 25.326 (the Act) continues to be the main data protection legislation in Argentina, the Argentinian Government begun proposals for a new draft bill (the New Bill) on the protection of personal data in September 2022. In this Insight article, Florencia Rosati and Martín Beccar Varela, from Estudio Beccar Varela, provide an overview of the key provisions and considerations for organizations to ensure compliance if the bill is approved.

The Brazilian Federal Senate established a commission of legal experts ('the AI Commission') who were commissioned with the task of drafting an Artificial Intelligence Legal Framework ('AI Legal Framework').

In this Insight article, Fabio Ferreira Kujawski and Ingrid Soares, from Mattos Filho Advogados, summarise the main findings of the AI Commission that shall guide the discussions in the Brazilian Congress about an upcoming federal statute for AI systems, whilst also analysing existing laws and regulations that currently impact the use and development of AI systems in Brazil.

On 3 November 2022, the Official Information Center of Uruguay published Law No. 20075 of 20 October 2022 ('Law No. 20075/2022')1, which was enacted on the same day and which reforms the Uruguayan data protection system in place. Dr. Ana Brian Nougrères, Alejandra Saiz, Ignacio Martinez, and Magdalena Quintana, from Estudio Juridico Briann y Asociados, break down the changes introduced by Law No. 20075/2022, focussing on updated information provision obligations and new powers and functions of the Uruguayan data protection authority ('URCDP').

Both Brazil and Chile have existing data protection frameworks which have, in part, been influenced by the General Data Protection Regulation (Regulation (EU) 2016/679) ('GDPR'). Samara Schuch and Debora Batista Araújo, from Schuch & Araújo Specialized Law Firm, provide a comparison between the frameworks in both Brazil and Chile, and discuss the challenges and successes of both.

In this report, OneTrust DataGuidance and Baptista Luz Advogados provide a means of analyzing and comparing data protection requirements and recommendations under the General Data Protection Regulation (GDPR) and the Law No. 13.709 of 14 August 2018, General Personal Data Protection Law (LGPD). 

The report, which was last updated in September 2022, examines and compares the scope, main definitions, legal bases, data controller and processor obligations, data subject rights, and enforcement capacities of the LGPD with the  GDPR. 

You can access the latest version of the report here.

Artificial intelligence ('AI') is undoubtedly one of the most pertinent subjects for data protection regulation, due in part to the huge quantities of personal data such technologies require to operate. Héctor E. Guzmán Rodríguez, Partner at Bello, Gallardo, Bonequi y García, S.C., discusses this topic with reference to the National Institute for Access to Information and Protection of Personal Data's ('INAI') guidance on the same.

Brazil is currently in the process of fleshing out its approach to regulating cookies, with more extensive guidance on the way. Celina Bottino, Vinicius Padrão, and Flávia Parra Cano, from Rennó, Penteado, Sampaio Advogados, discuss current developments in this area and the relevance of approaches taken in the EU on this matter.