A close-up of Argentina’s regulatory approach to data governance, content moderation, competition and more.
This is the nineteenth issue of the “DPA Digital Digest” series based on the Digital Policy Alert database. This series provides concise summaries of each G20 nation’s recent policy changes in data governance, content moderation, competition and further domestic focal points.
Tommaso Giardini, Maria Buza
11 Aug 2023
Argentina, Latin America’s third-largest economy, is prioritising its digital transformation. To pursue economic development, Argentina has published national strategies, including the Digital Agenda 2030, and engaged in international cooperation. Aiming to close the digital divide in Argentina, the World Bank approved a USD 200 million loan to expand connectivity, build data centers and train digital skills. By 2030, policies enabling digital technology use could contribute a potential annual economic impact of up to USD 149 billion, according to Access Partnership.
But what do Argentina’s domestic digital policies stand for? The nineteenth DPA Digital Digest provides a succinct overview of the latest policy and enforcement developments in major policy areas and Argentina-specific points of emphasis.
In data governance, Argentina is deliberating amendments to its data protection law, including on data transfers, and investigating providers of novel technologies.
In content moderation, Argentina adopted a law to protect minors online and is currently considering proposals to combat fake news and hate speech.
Argentina’s points of emphasis include artificial intelligence, age verification, the taxation of the digital economy, and cryptocurrencies.
Jump directly to the section that interests you most:
Discover the details of Argentina's regulatory approach on our dedicated country page.
Remain up-to-date on new and upcoming developments with our free notification service.
Written by Tommaso Giardini and Maria Buza. Edited by Johannes Fritz.
The protection of personal data in Argentina is governed by the 2000 Law on Personal Data Protection. To collect and process personal data in Argentina, data controllers must obtain data subjects’ informed consent, register with the National Registry of Personal Databases, and uphold principles, including lawfulness and purpose limitation. Data subjects have the rights to access, rectify and update their data, among others and cannot be compelled to provide sensitive personal data. In December 2022, Argentina expanded the definition of sensitive data to align with the Convention for the Protection of Individuals with Regard to Automatic Processing of Personal, ratified shortly before. Regarding cybersecurity, data controllers must implement technical and organisational measures to ensure data security and confidentiality. Currently, the Congress is deliberating on amendments concerning minor data processing, data minimisation and data protection by design, as well as data breach reporting (within 72 hours).
Argentina mandates sectoral data localisation. Since February 2019, financial entities outsourcing information technology services must store the original accounting records and relevant files within Argentina. A proposal requiring providers of cloud services to the government to store the data locally failed to pass (repeatedly).
The Law on Personal Data Protection allows data transfers, which include cloud storage abroad, only to jurisdictions providing an adequate level of data protection (with exceptions, e.g. international judicial cooperation and banking transfers). The government published a whitelist of accepted recipient countries, and approved Standard Contractual Clauses to enable transfers to other jurisdictions as well as Binding Corporate Rules for intra-group transfers. The currently proposed amendments to the Law would expand data transfer mechanisms, including through legally binding and enforceable instruments between public authorities, international agreements, contractual clauses, and data protection certification.
In 2017, Argentina established the Agency for Access to Public Information (AAIP), which oversees data protection. The AAIP has since established increased fines for violations and issued several pieces of secondary legislation, including recommendations for video calling platforms and a guide on data protection impact assessments. In addition, the Central Bank adopted guidelines for cyber incident response and recovery, governance programs, and cybersecurity requirements for financial entities of systemic importance.
Argentina currently does not mandate content moderation (at the federal level), but is deliberating various proposals. Introduced in March 2023, the Bill on Freedom and Equality on Online Social Networks requires online platforms, including search engines, to remove content if: 1) a court order demands it, 2) the content is "evidently and indisputably" illegal, 3) the content publication would constitute a crime, or 4) a third party requests the removal and presents evidence of its rights being violated. Platforms must further inform users and grant them an appeal. Another proposal, introduced in June 2022, requires online platforms with over one million users to remove or block access to "fake news" within 7 days and "hate speech" within 24 hours. Previously, Argentina rejected proposals to prevent online fake news and hate speech, and establish Ombudsmen for internet users and social networks and for audiovisual communication technologies.
In July 2022, Argentina implemented a law to protect minors online (“Mina Ortega” Law) by decree. Providers of devices with internet access and interactive digital platforms must incorporate awareness messages against the grooming and cyberbullying of children. In addition, providers must publish information on dangers, including overexposure and cybercrimes, as well as ways to prevent and report violations.
While Argentina does not require providers to moderate online content (at the federal level), courts can issue orders blocking websites, to uphold copyright and privacy. The National Authority for Communications maintains a list of blocked websites.
Regarding intermediary liability, the Supreme Court ruled in 2014 that platforms do not have an obligation to monitor the content they display or link to. Platforms are, however, liable if they fail to remove illegal content after acquiring “actual knowledge” of third-party violations. In June 2022, the ruling was upheld and clarified regarding its application to public figures, in a case in which freedom of expression prevailed the right to be forgotten.
Argentina does not apply specific competition rules to the digital economy and instead relies on the Act on the Defence of Competition. A proposal imposing competition and consumer protection requirements on online digital intermediation services, introduced in August 2020, failed to pass. The Bill would have prohibited digital intermediation services from charging differential prices for identical services and arbitrarily limiting access to their platform to users and suppliers. In addition, the Bill would have demanded ranking systems to be transparent and based on objective criteria.
In June 2023, a legal framework for artificial intelligence (AI) was introduced to Congress. The Bill would require AI developers to register, follow fundamental ethical principles, e.g. human dignity, privacy, transparency, responsibility and fairness, as well as implement adequate security measures. The Bill would establish a risk-based approach, demanding risk assessments to differentiate between unacceptable, high, limited and insignificant risk. In addition, the Bill would create the AI Supervisory Authority, tasked with overseeing compliance, issuing risk-based requirements and specifying systems to be banned (e.g. systems that violate human rights, engage in unfair discrimination, or pose serious security risks). Previously, Argentina failed to pass a proposal establishing a Federal AI Council to promote AI awareness and research.
Beyond legislative proposals, in June 2023, the Department for Information Technologies adopted non-binding recommendations for AI developers, e.g. ensuring the quality and adequacy of the data used, as well as the safety and transparency of AI systems.
In June 2023, a Bill aiming to protect minors on digital platforms through age verification was introduced in the Chamber of Deputies. The Bill would require platforms that can be used by minors to verify users’ age with a “reasonable level of certainty”. In the absence of a verification mechanism, platforms would have to extend safeguards for minors to all users. Beyond age verification, the Bill covers several policy areas, introducing rules for minors regarding data protection, harmful content, algorithmic impact and platform design. Previously, the Congress failed to pass a proposal Bill requiring internet service providers and intermediaries to verify users that generate content (upon request) and label whether users are verified or unverified.
Since April 2023, digital platforms that operate more than 10 transactions of over ARS 200’000 (approx. USD 706) per month must withhold value-added-tax on product sales. Registered digital platforms must withhold a tax rate of 1 per cent, while unregistered platforms must withhold 8 per cent. In 2020, a proposed 5 per cent tax on the “price of digital services”, specifically online intermediation services and online advertising services, failed to pass.
In June 2022, the government increased the tax rate for online betting services by decree, executing its right under a 2017 law. The tax rate, applied to the gross value of each bet, is set at 5 per cent but can rise to 7.5 per cent for providers that fail to register.
Since May 2023, Argentina’s Central Bank prohibits payment service providers from carrying out transactions of unauthorised digital assets, including cryptocurrencies. Previously, in May 2022, the Central Bank issued a warning discouraging financial entities from providing services involving unauthorised crypto assets. At the subnational level, however, the province of Mendoza launched a service allowing citizens to pay government fees and taxes in cryptocurrencies, in August 2022. Currently, the province accepts only stablecoins, e.g. Tether.