On January 15th, 2024, the European Commission confirmed that Argentina continues to provide an adequate level of protection for personal data transferred from the European Union (EU). This confirmation was made through the first review of the functioning of the adequacy decisions adopted pursuant to Article 25(6) of Directive 95/46/EC.
Before the GDPR (General Data Protection Regulation) came into effect, the Commission had established that Argentina, along with 10 other countries (Andorra, Canada, Faroe Islands, Guernsey, Isle of Man, Israel, Jersey, New Zealand, Switzerland, and Uruguay), ensured an adequate level of protection for personal data transferred from the EU. Consequently, data transfers from the EU to these countries can currently be carried out without additional requirements.
With the implementation of the GDPR, the Commission established that it must review adequacy decisions at least every four years to verify if the countries included in them continue to provide an adequate level of protection for personal data.
To confirm Argentina’s adequacy decision, the Commission assessed the independence of Argentina’s data protection supervisory authority (Agency of Access to Public Information – AAIP), the regulations and binding opinions issued by this authority, and our country’s international commitments by adhering to the Council of Europe Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data and its Additional Protocol (Convention 108), and likewise ratifying Convention 108+.
Authorities in our country considered that this decision would have a very positive impact on commercial relations with the EU, which is Argentina’s third-largest trading partner.
For inquiries related to the personal data protection regime in Argentina, contact us.