By means of Resolution No. 1/2023, published in the Official Gazette on 5 January 2023, the Chief of Cabinet Ministers launched the public consultation on the Second National Cybersecurity Strategy. The goal is for all parties interested in cybersecurity and the protection of the digital space to participate, contribute recommendations and share experiences.
The public consultation process will be available for 30 business days from the day following the date of the Resolution’s publication in the Official Gazette, that is, until 16 February 2023.
On 16 December 2022, the Data Protection Authority issued Resolution No. 255/2022 (“Resolution”). The Resolution approves the guiding criterion on the processing of genetic data, which is mandatory for those who are subject to the Personal Data Protection Law No. 25,326.
On 5 and 6 December 2022, Resolutions 240/2022 and 244/2022 were published in the Official Gazette. By means of these resolutions, the Access to Public Information Agency contemplates a new classification of infringements and sanctions applicable to conduct in breach of Law 25,326 and its related regulations.
On 30 November 2022, Decree No. 792/2022 enacting Law No. 27,699 that approves Convention 108+ on the Protection of Individuals with regard to Automatic Processing of Personal Data, was published in the Official Gazette.
On 29 November 2022, the Agency for Access to Public Information incorporated an online registration form to enable foreign individuals and legal entities that are not established in Argentina but that process personal data of Argentine citizens to register as “responsible for personal databases.”
On 1 November 2022, the National Ministry of Security approved the adhesion template and framework agreement template for the federal campaign “STOP. THINK. CONNECT. Argentina” — a campaign for public awareness on cybersecurity and cybercrime prevention. The Ministry has invited the provinces and the city of Buenos Aires to join the Campaign. The main goal of the initiative is to generate, disseminate and implement materials, training and good practices to raise awareness about cybersecurity and cybercrime.
In the special session of 9 November 2022, the Chamber of Deputies granted the necessary approval for Congress to pass Law 27,699 by means of which the Argentine Republic ratifies the Amending Protocol with respect to the Automated Processing of Personal Data (“Convention 108+”). To complete the ratification process, the National Executive Branch will now study the law and, if approved, it will be published in the Official Gazette.
On 27 September 2022, the Ibero-American Network for the Protection of Personal Data published the Guide for the Implementation of Standard Contractual Clauses for the International Transfer of Personal Data, which sets out certain aspects to be considered when making international transfers of personal data through the use of standard contractual clauses. The Guide includes non-binding guidance for those who make ITPD from member countries of the RIPD to non-adequate jurisdictions.
In line with the process of modernizing Personal Data Protection Law No. 25,326, the Agency for Access to Public Information presented a Draft Bill of Personal Data Protection Law.
On 25 August 2022, Personal Data Protection Law No. 149 was published in the Official Gazette of Cuba. It will enter into force in February 2023. The main purpose of the law is to guarantee the right of individuals to the protection of their personal data and to regulate the use and processing of data by public and private persons or entities. By enacting the law, Cuba joins the list of countries with specific legislation on data protection.