Authors: Maria Badillo and Momina Imran
Today, the Future of Privacy Forum (FPF) published an Issue Brief analyzing the regulatory strategies and priorities of data protection authorities (DPAs) in Latin America. Titled Regulatory Strategies and Priorities of Data Protection Authorities in Latin America: 2024 and Beyond, the Issue Brief outlines an overview of the various strategies, activity reports, and other announcements made by the DPAs of various Latin American countries in order to understand their strategic priorities for 2024 and coming years.
Most governments in Latin America recognize privacy and personal data protection as two separate fundamental rights in their constitutional and legal frameworks. Some of these countries have also issued specific data protection laws and created regulatory authorities to ensure compliance with such laws. For example, Argentina, Uruguay, Mexico, Peru, and Colombia have all created authorities that are actively monitoring and regulating the data protection space.
Advancing technology and increased digitalization have made the need for updated data protection frameworks to govern organizations’ processing of personal data more essential than ever.
The objective of this Issue Brief is to provide an overview of the current work and future objectives of data protection authorities in Latin America. This brief highlights areas of convergence among the different DPAs and showcases the diverse set of strategies LatAm DPAs have indicated they plan to deploy in coming years. As a result, this Issue Brief is limited to jurisdictions where there is (i) a designated data protection authority and (ii) such authority has issued a strategic or planning document outlining its current and future work.
The Issue Brief expands upon the following categories:
- Regulatory Priorities
- Enforcement Priorities
- Advocacy and Public Participation
- Strengthening Institutional Capabilities
Review of DPAs regulatory strategies shows that most authorities seek to increase their investigatory and sanctioning powers as part of their enforcement priorities. Authorities also recognize a need for greater awareness of data protection across the board, which they can facilitate via enhanced advocacy and public participation through education and supplemental guidance. Another common priority is to build institutional capabilities by training government and DPA personnel and continue increasing collaboration with other sectoral agencies and DPAs in the region.
For a more detailed discussion of the regulatory strategies of Latin American DPAs and an in-depth analysis of the strategic and planning documents, download the Issue Brief here.
For inquiries about this Issue Brief, please contact Maria Badillo, Policy Counsel of Global Privacy, at mbadillo@fpf.org.