Through Decree No. 780/2024, published in the Official Gazette on 2 September 2024 (“Decree”), Regulatory Decree No. 206/2017 and its subsequent modifications (“Regulatory Decree”) of Law on Access to Public Information No. 27275 (“Law”) have been amended. The Decree introduces the following amendments to the Regulatory Decree of the Law, among others:
• The Decree delimits the scope of the definitions of (i) public information, which does not include private data or data that is not of public interest; and (ii) document, which is limited to any record generated, controlled or held within the framework of the state activity and excludes preparatory deliberations and working papers.
• The Decree regulates the formal requirements for information requests.

By means of Resolution No. 12/2024, published in the Official Gazette on 24 April 2024 (“Resolution”), the Secretariat of Industry and Commerce amended the regime of advertising of goods and services involving an offer to an undetermined audience; it also repealed Resolution No. 915/2017. The Resolution’s main purpose is to modify the regulations governing advertisements so that they are clearer, more understandable, and useful for consumers. The aim is to simplify the current regime and prevent consumers from being “over-informed,” which could make it difficult for them to make appropriate purchasing decisions.

By means of Decree No. 302/2024, published in the Official Gazette on 10 April 2024 (“Decree”), the National Executive Branch (PEN for its acronym in Spanish) has amended Argentine Digital Law No. 27,078 and repealed Decree No. 690/2020.
The Decree’s main purpose is to free the market and to develop Information and Communication Technology Services, allowing licensees to freely set prices, which shall be fair and reasonable; cover the operation costs; and aim at efficient provision and a reasonable operating margin.

In the context of the International Data Protection Day, on 26 January 2024, the Agency of Access to Public Information (AAIP, its acronym in Spanish) published their “Recommendations to protect personal data on the internet”. The AAIP provided five recommendations to users of any digital platform that entails the assignment of personal data.

The European Commission concluded that personal data transferred from the European Union (EU) to Argentina are adequately protected and, therefore, can continue to flow freely from the EU to Argentina. On 15 January 2024, the Commission published its conclusions regarding the first review of the adequacy decisions adopted — pursuant to Article 25(6) of Directive 95/46/EC — in 1995. In these decisions, the Commission had determined that 11 countries or territories, including Argentina, guaranteed an adequate level of protection of personal data. This allowed data transfers from the EU to these countries.

Following Administrative Decision No. 641/2021 on “Minimum information security requirements for the national public sector,” the AAIP approved its information security policy. The purposes of the policy are to protect the information resources of the AAIP and the technological tools used for their processing; ensure the confidentiality, integrity, availability, legality and reliability of information, and strengthen the adequate implementation of security measures, identifying available resources.

On 16 December 2022, the Data Protection Authority issued Resolution No. 255/2022 (“Resolution”). The Resolution approves the guiding criterion on the processing of genetic data, which is mandatory for those who are subject to the Personal Data Protection Law No. 25,326.

On 5 and 6 December 2022, Resolutions 240/2022 and 244/2022 were published in the Official Gazette. By means of these resolutions, the Access to Public Information Agency contemplates a new classification of infringements and sanctions applicable to conduct in breach of Law 25,326 and its related regulations.