Pablo Palazzi, partner at the law firm Allende & Brea in Buenos Aires, Argentina, says that under the new regulation the DPA has approved a model form for international transfers to a data controller and also another form for transfer to a data processor for rendering services. ‘The model is partly based on the EU model with some changes. If the data controller is using a different model, then he needs to file its agreement with the DPA for approval within 30 days. The new regulation list countries that are considered adequate (those recognized as adequate by the European Union), Palazzi writes.
In order to make the process transparent, Argentina’s Data Protection Authority (DNPDP) has issued a summary of the responses submitted during the consultation process on the amendment of Argentina’s Data Protection Act. The DPA issued a letter on 19 December 2016, saying that the document reflects the opinions and recommendations provided by all who participated in the consultation process driven by the DNPDP and ‘aims to constitute an important tool for a future discussion on the need to reform our current regulations for an improvement of the protection of data in Argentina’
The regulation is available (in Spanish) at http://servicios.infoleg.gob.ar/infolegInternet/anexos/265000-269999/267922/norma.htm
Source: Privacy Laws UK