We encourage companies and firms to monitor data privacy and data protection regulations in Latin America. Various jurisdictions in Latin American are starting to adopt similar approaches to the European Data Protection Regulation (GDPR), including some with existing data protection laws. For instance, the Standards for Data Protection for the Ibero-American States by the Red Iberoamericana is modeled under the GDPR. These were published on June 2017, and are recommended for use by Ibero-American member countries. More recently, Brazil passed its General Data Protection Law on 10 July 2018, and Uruguay passed its Data Protection and Habeas Data Law on 11 August 2018, both use the GDPR as a base. Other countries, such as Argentina or Costa Rica, used the EU model to continue developing their data protection regulations. Chile is about to pass a data protection bill and make data privacy a constitutional right.
Besides data protection, the increasing threat and frequency of cyber-attacks have renewed focus on the importance of developing and implementing adequate security measures and incident-response plans. Such evens could potentially result in mandatory breach notification in countries such as Mexico, Chile and Peru. These notices may be mandatory to individuals when data breaches occur, and countries such as Colombia (and potentially Mexico) require notifications to a relevant authority. Argentina, Costa Rica, Paraguay and Chile recently joined the Budapest Convention on cybercrime, and other countries such as Mexico and Colombia are in the course of evaluating adherence thereto. We anticipate increased regulatory focus on cybersecurity risks and management throughout the region, with critical infrastructure, government procurement, financial services, electronic commerce, and healthcare being key sectors of concern.
In a world where regulations fight to keep up with new technologies, countries such as Mexico and Brazil lead the development of Financial Technology Institutions (Fintech). The new Fintech Law in Mexico is an example of the importance new technologies are acquiring in the region and there are calls for it to become a precedent for other neighbouring countries that stay observant of technology changes and its applications, and rising legislation. Brazil shows a strong fintech sector driven by innovation; the new regulation on Cybersecurity Policies and Requirements for Data Processing and Storage issued by Brazil’s National Monetary Council will bring more certainty but heavy obligations on financial institutions.