Argentina is taking significant steps to modernize its data protection laws in response to the rapid growth of Artificial Intelligence (AI) technologies. The country, which was the first in Latin America to enact comprehensive data protection legislation with the Personal Data Protection Act (Law 25,326) in 2000, is now facing challenges that have prompted a reassessment of its framework to ensure personal privacy rights are upheld in an AI-dominated landscape.
Over the years, Argentina’s pioneering legislation laid the groundwork for data privacy by establishing principles surrounding consent, data usage limitations, and security safeguards. Initially recognized by the European Union in 2003 for providing “adequate” data protection, the framework has struggled to keep pace with advancements in technology, particularly with the emergence of Generative Artificial Intelligence (GAI) platforms and algorithmic decision-making.
Modernizing the Legislative Framework
In light of these challenges, Argentine authorities are actively revising the existing legal framework. The National Data Protection Authority, known as AAIP, is spearheading this initiative, having initiated a public comment period and drafted a new Personal Data Protection Bill that was submitted to Congress in 2022-2023. By 2025, multiple bills are under consideration aimed at amending or replacing Law 25,326.
These proposed changes seek to align Argentina’s data protection measures with international standards, such as the General Data Protection Regulation (GDPR) from the EU. Innovations like anonymization, biometric data regulations, and explicit rules for automated decision-making are set to be incorporated into the new framework. The AAIP’s authority has also expanded to address the complexities of AI-related data protection issues, reflecting a commitment to safeguarding individual privacy rights.
In 2019, the AAIP issued Resolution 4/2019, enhancing transparency by granting individuals the right to understand the logic behind decisions made solely by automated processing. Despite these advancements, enforcement remains a challenge, with the AAIP often acting more as a guide rather than a strict enforcement agency.
Challenges Presented by Generative AI
The rise of GAI tools poses new risks to privacy and data protection. These advanced systems often process vast amounts of personal data, frequently repurposing information in ways that exceed the consent individuals have provided. This situation raises critical questions about compliance with core data protection principles, including consent and purpose limitation.
Concerns surrounding bias and discrimination are also prominent, as GAI systems may perpetuate existing biases within the data they process, leading to unfair outcomes. Furthermore, the “black box” nature of many GAI algorithms complicates transparency, making it difficult for individuals to grasp how their data is utilized or to exercise their rights effectively.
Argentina’s existing laws impose obligations for data transparency and quality, requiring organizations using GAI to adhere to the principles established in Law 25,326. Companies must obtain consent for data collection, ensure data accuracy, and allow individuals to access or rectify their data. Yet, the practical enforcement of these principles remains a complex challenge.
Recent legal cases highlight the urgent need for regulatory clarity. In a notable ruling from 2023, the Court of Administrative, Tax and Consumer Relations in Buenos Aires declared the municipality’s use of a facial recognition system unconstitutional, citing significant privacy risks and inadequate safeguards. This decision underscores the necessity for established legal rights to address the deployment of unregulated GAI technologies.
Initiatives to Enhance Transparency and Compliance
In response to the growing concerns surrounding GAI, Argentine authorities have launched specific initiatives aimed at promoting data protection while addressing ethical challenges. In September 2023, the AAIP introduced the “Program for Transparency and Personal Data Protection in the Use of Artificial Intelligence” through Resolution 161/2023. This program aims to promote analysis and regulation of AI development while ensuring the effective exercise of citizens’ rights.
Key components of the program include the establishment of an AI Observatory to track AI developments, the creation of guidelines for transparency in AI systems, and the formation of a multidisciplinary advisory council to foster interdisciplinary dialogue on AI policy. These efforts are complemented by a focus on capacity building within government agencies and the private sector, aimed at enhancing understanding of transparency obligations related to AI.
Moreover, the Argentine government has organized an Interministerial Roundtable on AI through Administrative Decision 750/2023, facilitating collaboration among various ministries to address the opportunities and risks associated with GAI technologies.
Argentina is navigating the balance between innovation and personal rights as it revises its data protection framework. Although the current landscape relies on soft-law measures, the cumulative efforts represent a commitment to guiding the development of GAI tools while safeguarding fundamental rights. The ongoing discussions around reforming the Personal Data Protection Act, alongside a proactive judiciary, signal a robust framework evolving to meet the challenges of AI.
As Argentina moves forward, it is likely to adopt a new data protection law or enact regulations specifically targeting AI. The combination of its privacy framework, recent oversight initiatives, and transparency measures serves as a crucial safeguard for privacy rights in an era of rapid technological advancement. As noted by Beatriz Anchorena, Director of the AAIP, it is vital for society to understand how AI-based decisions are made, ensuring that technological progress aligns with democratic principles.
