Table of Contents
Argentina
- Argentine Personal Data Protection Law No. 25,326
- Argentine Personal Data Protection Regulatory Decree No. 1558/2001
- Argentine International Personal Data Transfer Disposition No. E-60/2016
- Argentine Data Protection Agency Resolution No. 47/2018: Recommended security measures for the processing and retention of personal data in computerized and non-computerized media
Recently, Bill No. MEN-2018-147-APN-PTE has been placed aiming to replace the Act in lines with the GDPR
Bolivia
- Bolivian Political Constitution, 7 February 2009
- the Supreme Decree No. 1793, 13 November 2013
- Telecommunications Law No 164, 8 August 2011
- Bolivian Criminal Code, 3 November 1834
- Supreme Decree 28168, 18 May 2005
- Code for Children and Adolescents, 27 October 1999 Law 018, 16 June 2010
- Draft law No.185/2019-2020- the Citizen Law of Privacy and Data Protection in Bolivia currently pending consideration in the Legislative Assembly
Brazil
- Brazilian Federal Constitution
- Brazilian Civil Code – Law No. 10,406/02
- Brazilian Consumer Protection Code (“CDC”) – Law No. 8,078/90
- Internet Legal Framework – Law No. 12,965/14
- Brazilian Criminal Code – as amended by Law No. 12,737/12
- Interception of Telephone Communication Law – Federal Law 9,296/96
- Complementary Law No. 105/01
- Brazilian Information Access Law– Federal Law No 12,527/11
- Good Payer’s Registry Law – Federal Law No 12,414/11, amended by Complimentary Law No. 166/2019
- General Data Protection Law (LGPD)
Canada
- Federal — Personal Information Protection and Electronic Documents Act, SC 2000, c 5 (“PIPEDA”)
- Alberta — Personal Information Protection Act, SA 2003, c P-6.5 (“Alberta PIPA”)
- British Columbia — Personal Information Protection Act, SBC 2003, c 63 (“BC PIPA”)
- Quebec — Act respecting the protection of personal information in the private sector, CQLR c P-39.1 (“Quebec Act”)
- Digital Charter Implementation Act, 2020 (C-11 Bill)
Chile
- Act on the Protection of Personal Data, 1998
- Law 19,628/1999– ‘On the protection of private life’, commonly referred to as ‘Personal Data Protection Law’ (hereinafter, the ‘PDPL’)
Dominican Rebublic
- Section 44 of the Dominican Constitution recognizes citizens’ right to access their personal data stored in public or private databases, as well as their right to information concerning the purpose and use of the same.
- Protection of Personal Data Law No. 172-13
- Sending of Commercial Unsolicited Messages (SPAM)Law No. 310-14
Honduras
- Article 182 of the National Commission
- Article 109, Decree 62-2004 of Law of the Civil Registry
- Article 3.5, Decree 170-2006 of Law for Transparency and for Access to Public Information
- Article 42, Accord 001-2008 of Rulings on the Law for Transparency and for Access to Public Information.
Mexico
- The Federal Law for the Protection of Personal Data
- The Constitution of the United Mexican States
- The Federal Law on the Protection of Personal Data held by Private Parties (“FDPL”) and its Implementing Regulations
- The Privacy Notice Guidelines
- Minimum Guidelines for contracting cloud services
- Guidelines for Processing Biometric Personal Data
- Data Incidents’ (breaches) recommendations
- Binding Corporate Rules Guidelines
- Federal Consumer Protection Law
Paraguay
- National Constitution
- Law No. 6534 Personal Credit Data Protection Law
- Law No. 5543 of 2015 (‘the Private Information Law’) – 2nd Amendment of the Data Privacy Law
Panama
- Law 51 of July 22, 2008, as amended by Law 82 of November 9, 2012 (“Law 51”)
- Executive Decree No. 40 of May 19, 2009 (“Decree 40”)
- Executive Decree No. 684 of October 18, 2013 (“Decree 684”)
- Law 81 of March 26th 2019
- Executive Decree No. 285 of May 28th, 2021
Peru
- Law 29733 – Data Protection Law
- Supreme Decree 003-2013-JUS, which approves Regulation of Law 29733
- Directive on the Security of Information Managed by Personal Data Banks
- Legislative Decree 1353, which creates the National Authority for Transparency and Access to Public Information, and amends Data Protection Law
- Supreme Decree 019-2017-JUS, which amends the Regulation of the Data Protection Law
- Emergency Decree No. 007-2020 which approves the Digital Trust Framework
- Directorial Resolution No. 02-2020-JUS/DGTAIPD the Directive for the Processing of Personal Data by Video Surveillance Systems was published, in order to establish obligations regarding the collection, processing, and storage of personal data obtained through video surveillance systems, as well as security measures related to the implementation of user identification and authentication procedures.
Trinidad and Tobago
United States
- The FTC (Federal Trade Commission) regulates business privacy laws.
- US Privacy Act of 1974 which deals with data in government agencies
- Health Insurance Portability and Accountability Act of 1996 (HIPPA), which deals with health-related information
- Children’s Online Privacy Protection Rule (COPPA), which applies to websites that collect data from children under the age of 13.
- GLBA (The Gramm-Leach-Bliley Act) deals with financial institutions to document what information is shared and how it is protected.
- The various states in the US have also formulated their own laws for data protection.
- California Online Privacy Protection Act (CalOPPA), which is the first law in the United States that specifically requires websites to post a Privacy Policy
- California Consumer Privacy Act (CCPA)
- Washington Privacy Act (WPA).
- California Privacy Rights Act (CPRA)
- The Internet of Things (IoT) Cybersecurity Improvement Act of 2020
- Colorado Privacy Act
- Code of Virginia – Chapter 53. Consumer Data Protection Act
- Oklahoma Computer Data Privacy Act of 2022
- Utah Consumer Privacy Act
- 2021 Wisconsin Act 73
Venezuela
- August 4, 2011, the Constitutional Chamber of the Supreme Court issued Decision N° 1318 May 8, 2012, the Constitutional Chamber of the Supreme Court issued decision No 568
- Decision No. 1318 of the Constitutional Chamber of the Supreme Court issued on August 4, 2011.
- Decision No. 568 of the Constitutional Chamber of the Supreme Court issued on May 8, 2012.
- The Constitution of the Bolivarian Republic of Venezuela published in the Extraordinary Official Gazette No 5.908 dated February 19, 2009
- Law of Informatic Crimes published in the Official Gazette No 37.313 dated October 30, 2001
- Law Protecting the Privacy of Communications published in Official Gazette N° 34.863 dated December 16, 1991
- Law on Data Messages and Electronic Signatures published in the Official Gazette No 37.148 dated February 28, 2001
- Law of Credit, Debit, Prepaid and any other Financial Card or Electronic Payment published in the Official Gazette No 39.021 dated September 22, 2008
- Law for the Protection of Children and Adolescents, published in the Official Gazette No 5.859 dated December 10, 2007
- Law on Banking Sector Institutions published in the Official Gazette No 40.557 dated December 8, 2014
- The InfoLaw, published in the Official Gazette No 40.274 dated October 17, 2013
- The Organic Labor Law published in the Extraordinary Official Gazette No 6.076 dated May 12,2012
- Regulation for the Protection of the Rights of Users in the Provision of Telecommunications Services published in the Official Gazette No 41.533 dated November 27, 2018
*Disclaimer: This general information is provided for reference purpose only. It is informed that laws are subject to frequent updation and each jurisdiction may have additional civil laws and policies in place. Also link to laws provided for certain countries are of unofficial english translation therefore readers are advised to cross-check/ validate the information provided from official sources.
