A close-up of Argentina’s regulatory approach to data governance, content moderation, competition, artificial intelligence, and more.
The “DPA Digital Digest” series provides concise summaries of each G20 nation’s digital policy. Based on the Digital Policy Alert database, we outline rules and enforcement cases in data governance, content moderation, competition, artificial intelligence, and domestic points of emphasis.
Argentina’s economy, the third-largest in Latin America, is digitalising. According to the International Chamber of Commerce, Over 75% of Argentina’s micro-, small-, and medium-sized enterprises (MSMEs) started to buy or sell products and services online during the pandemic. Online sales grew over 50% since 2019 for MSMEs. At the start of 2024, Argentina boasted 31.3 million social media users and internet penetration of 88.4%. Mobile payment applications are used by 95% of Argentines, according to Ipsos.
Aiming to close the digital divide in Argentina, the World Bank approved a USD 200 million loan to expand connectivity, build data centers and train digital skills in 2022. By 2030, policies enabling digital technology use could contribute a potential annual economic impact of up to USD 149 billion, according to Access Partnership.
But what do Argentina’s domestic digital policies stand for? Our DPA Digital Digest provides a succinct overview of the latest policy and enforcement developments in major policy areas and Argentina-specific points of emphasis.
Data governance: Argentina is deliberating amendments to its data protection law and adopted several guidelines specifying data protection obligations.
Content moderation: Argentina introduced several laws regulating content dissemination and removal on social media platforms.
Competition policy: Argentina is considering an amendment to the Act on the Defence of Competition to strengthen competition rules.
Artificial Intelligence: Argentina introduced two comprehensive bills regulating AI, as well as various narrower proposals, and partakes in several international developments.
Argentina’s points of emphasis include age verification, the taxation of the digital economy, and crypto assets.
Jump directly to the section that interests you most:
Discover the details of Argentina's regulatory approach on our dedicated country page.
Remain up-to-date on new and upcoming developments with our free notification service.
Written by Tommaso Giardini, Saskia von Mutius, and Maria Buza. Edited by Johannes Fritz.
The protection of personal data in Argentina is governed by the 2000 Law on Personal Data Protection. To collect and process personal data in Argentina, data controllers must obtain data subjects’ informed consent and uphold principles, including lawfulness and purpose limitation. Data subjects have the rights to access, rectify and update their data, among others, and cannot be compelled to provide sensitive personal data. Regarding cybersecurity, data controllers must implement technical and organisational measures to ensure data security and confidentiality. Currently, the Congress is deliberating on amendments concerning minor data processing, data minimisation and data protection by design, as well as data breach reporting (within 72 hours).
Recently, several resolutions have specified the provisions of the Law on Personal Data Protection. In June 2024, the AAIP specified the registration system, procedure, and cancellation for the National Registry of Personal Databases. In December 2022, Argentina expanded the definition of sensitive data to align with the Convention for the Protection of Individuals with Regard to Automatic Processing of Personal, ratified shortly before. The AAIP also increased fines for violations, reaching up to ARS 100’000 (approx. USD 94) and distinguishing between “minor”, “serious”, and “very serious” offences.
Argentina mandates sectoral data localisation. Since February 2019, financial entities outsourcing information technology services must store the original accounting records and relevant files within Argentina. A proposal requiring providers of cloud services to the government to store the data locally failed to pass (repeatedly).
The Law on Personal Data Protection allows data transfers to jurisdictions providing an adequate level of data protection, with exceptions including international judicial cooperation and banking transfers. The government published a whitelist of accepted recipient jurisdictions. Furthermore, it approved both national standard contractual clauses and the Ibero-American Data Protection Network’s standard contractual clauses to enable transfers to other jurisdictions. The Agency of Access to Public Information’s Binding Corporate Rules enable intra-group data transfers to such jurisdictions. The currently proposed amendments to the Law would expand data transfer mechanisms, including through legally binding and enforceable instruments between public authorities, international agreements, contractual clauses, and data protection certification.
In 2017, Argentina established the Agency for Access to Public Information (AAIP), which oversees data protection. The AAIP regularly publishes guidance on data protection requirements, most recently on minor protection and responsible AI. Previously, the AAIP issued recommendations for video calling platforms and a guide on data protection impact assessments. The AAIP also coordinates with international data protection agencies and recently signed the international declaration on data scraping and privacy as well as the Ibero-American Data Protection Network’s memorandum of understanding on data protection cooperation.
Data protection rules are rigorously enforced, especially concerning large digital providers:
In August 2023, the AAIP opened an investigation into WorldCoin concerning the alleged practice of scanning faces and irises in exchange for crypto assets. As of January 2024, the AAIP is analysing additional documentation. In connection with these practices, a resolution requested information from the Ministry of National Security on preventive measures.
Since May 2023, as part of the Ibero-American Network for the Protection of Personal Data, Argentina has been investigating the data processing practices of OpenAI's ChatGPT.
In May 2021, the AAIP opened an investigation into the update of WhatsApp’s privacy policy, which was suspended due to competition concerns (see below).
In April 2020, the AAIP fined Google ARS 280.000 (approx. USD 262) for refusing to provide a data subject access to its personal data.
Argentina does not currently mandate content moderation at the federal level, but is deliberating various proposals.
A bill introduced in August 2024 would regulate influencers, specifically their content dissemination practices through the use of digital platforms, social networks or media.
A bill introduced in July 2024 would require online social networks and search engines to remove content in cases of judicial orders, evident criminal activity, or third-party claims.
A bill introduced in July 2024 would protect “digital identity” and prohibit the unauthorised dissemination of intimate images, digital harassment, and identity impersonation
A bill introduced in March 2023 would require online platforms, including search engines, to remove content if: 1) a court order demands it, 2) the content is "evidently and indisputably" illegal, 3) the content publication would constitute a crime, or 4) a third party requests the removal with evidence that its rights are violated.
A bill introduced in June 2022 would require online platforms with over one million users to remove or block access to "fake news" within 7 days and "hate speech" within 24 hours.
Previous proposals aimed to prevent online fake news and hate speech, and establish Ombudsmen for social networks and for audiovisual communication technologies.
In 2024, Argentina introduced two bills addressing online gambling advertisements. The Law for Preventing Gambling Addiction would require websites to publish a health warning message regarding negative consequences of gambling. The Law Regulating Gambling through Digital Platforms would oblige digital gambling service providers to register.
Also in 2024, a bill to amend the Audiovisual Communication Services Bill was introduced, aiming to address modern digital broadcasting and streaming services. Specifically, it would mandate a local content requirement of at least 20% and the establishment of a content rating system by age.
In July 2022, Argentina implemented a law to protect minors online (“Mina Ortega” Law) by decree. Providers of devices with internet access and interactive digital platforms must incorporate awareness messages against the grooming and cyberbullying of children. In addition, providers must publish information on dangers, including overexposure and cybercrimes, as well as ways to prevent and report violations.
While Argentina does not require providers to moderate online content (at the federal level), courts can issue orders blocking websites, to uphold copyright and privacy. The National Authority for Communications maintains a list of blocked websites.
Regarding intermediary liability, the Supreme Court ruled in 2014 that platforms do not have an obligation to monitor the content they display or link to. Platforms are, however, liable if they fail to remove illegal content after acquiring “actual knowledge” of third-party violations. In June 2022, the ruling was upheld and clarified regarding its application to public figures, in a case in which freedom of expression prevailed the right to be forgotten.
Argentina does not apply specific competition rules to the digital economy and instead relies on the Act on the Defence of Competition. In December 2023, an amendment to the Act was introduced, proposing a clemency program for firms to self-report anti-competitive agreements. Furthermore, it would amend merger control rules by increasing the notification threshold for economic concentrations. Finally, it would create a new oversight framework, specifically a “Market and Competition Agency” and a “Competition Defense Court.”
In August 2020, a proposal imposing competition and consumer protection requirements on online digital intermediation services was introduced. The proposal would prohibit digital intermediation services from charging differential prices for identical services and arbitrarily limiting access to their platform to users and suppliers. In addition, the Bill would demand ranking systems to be transparent and based on objective criteria.
In February 2024, the National Commission for the Defense of Competition (CNDC) authorised the acquisition of the digital payment provider Bizland by Los Lapachos. Previously, the main digital competition enforcement development concerned the update to WhatsApp’s privacy policy. The update was originally scheduled for 15 May 2021 but was precautionarily suspended two days before, for 180 days, by the Secretariat of Inner Trade of the Ministry of Productive Development. The suspension was meant to enable the CNDC to investigate detrimental effects to competition resulting from the update, especially regarding excessive data processing and sharing. Subsequently, the CNDC fined Meta ARS 5 million (approx. USD 4,692) for including abusive terms in the privacy policy. The Ministry prolonged the suspension until the CNDC concludes its investigation.
Argentina has introduced two comprehensive bills for the regulation of AI:
Introduced in June 2024, the comprehensive framework regarding the responsible use of Artificial Intelligence (AI) would apply to entities offering and individuals using AI systems in Argentina. It prohibits AI systems posing unacceptable risks and prohibited practices, including actions that threaten individual rights, distort a person's behaviour, hinder informed decision-making, or coerce decisions. High-risk systems must also be registered and evaluated. The bill further defines the duties and responsibilities of AI providers, including the implementation of technical measures and development of a failure detection and response system. The National Institute of Industrial Technology is designated as the enforcing authority and is required to conduct a Human Rights Impact Assessment.
In June 2023, another legal framework for AI was introduced. The bill would require AI developers to register, follow fundamental ethical principles, and implement adequate security measures. It would establish a risk-based approach, differentiating between unacceptable, high, limited and insignificant risk. Additionally, the bill would establish the AI Supervisory Authority, tasked with overseeing compliance, issuing risk-based requirements and specifying systems to be banned.
Several legislative proposals focus on content generated or manipulated through AI.
A bill introduced in July 2024 would prohibit the use of AI to create or manipulate audiovisual content that could harm a person’s reputation without consent.
Another bill introduced in July 2024 would require all digitally retouched advertising to include a visible disclaimer stating that the image has been modified.
A bill introduced in May 2024 would task the National Communications Entity with drafting guidelines for detecting and controlling the use of AI and issuing an annual report.
The “Turing bill,” introduced in March 2024, would amend the penal code to criminalise the non-consensual creation or distribution of AI-generated explicit content. The bill would further amend the data protection law regarding personal data collection for AI systems.
Another set of legislative proposals focused on establishing oversight frameworks:
A bill introduced in July 2024 would establish the Federal Observatory on AI to oversee and guide AI development and use.
A bill introduced in March 2024 would establish the AI Advisory Council to oversee AI, draft rules to address risks, and promote responsible and transparent algorithmic practices.
A bill introduced in July 2024 would create regulatory sandboxes, aiming to foster innovation by creating controlled environments for testing new technologies, including AI.
Previously, a bill had proposed the establishment of a Federal AI Council to promote AI awareness and research.
In the international context, Argentina is part of the Hiroshima AI Process Friends Group, which extends the G7’s Hiroshima Process, including a Code of Conduct and Guiding Principles on AI. Further, Argentina signed the Cartagena de Indias Declaration, promoting the safe, inclusive, and ethical development of AI. Finally, as a United Nations (UN) member state, Argentina is involved in the UN AI Resolution, the UN Advisory Body on AI, the OECD-UN enhanced collaboration on AI.
Beyond legislative proposals, different government entities have advanced non-binding rules on AI, especially the Agency of Access to Public Information (AAIP). In September 2024, the AAIP issued a Guide for public and private entities on transparency and personal data protection for responsible AI, outlining the principles of lawfulness, consent, and transparency. In August 2023, the AAIP launched a program for AI transparency and data protection, focusing on the development of AI and safeguarding citizens' rights. In June 2023, the Department for Information Technologies adopted recommendations for AI developers, including ensuring the quality and adequacy of the data used, as well as the safety and transparency of AI systems.
In June 2023, a Bill aiming to protect minors on digital platforms through age verification was introduced. The Bill would require platforms that can be used by minors to verify users’ age with a “reasonable level of certainty”. In the absence of a verification mechanism, platforms would have to extend safeguards for minors to all users. Beyond age verification, the Bill covers several policy areas, introducing rules for minors regarding data protection, harmful content, algorithmic impact and platform design. A previous proposal required internet service providers and intermediaries to verify users that generate content (upon request) and label whether users are verified or unverified.
On the international sphere, the AAIP partakes in several initiatives related to age assurance.
In October 2024, the International Age Assurance Working Group, comprising several data protection authorities, issued a joint statement on international age verification standards.
In September 2024, the AAIP signed a joint statement with other data protection authorities regarding privacy principles in age assurance, such as lawfulness and accountability.
Also in September 2024, the AAIP and other data protection authorities issued a statement on a common international approach to age assurance. The statement identified shared principles for age verification in online services, with an emphasis on data protection.
Since April 2023, digital platforms that operate more than 10 transactions of over ARS 200’000 (approx. USD 188) per month must withhold value-added-tax on product sales. Registered digital platforms must withhold a tax rate of 1%, while unregistered platforms must withhold 8%. In 2020, a proposed 5% tax on the “price of digital services”, specifically online intermediation services and online advertising services, failed to pass.
In June 2022, the government increased the tax rate for online betting services by decree, executing its right under a 2017 law. The tax rate, applied to the gross value of each bet, is set at 5% but can rise to 7.5% for providers that fail to register.
On the international sphere, Argentina participates in the OECD/G20 Global Anti-Base Erosion Model Rules. It sets up a framework for a global 15% minimum tax for certain multinational companies.
Argentina has adopted rules regarding crypto assets in different policy areas.
Since March 2024, Argentina requires Virtual Asset Service Providers to register, providing information about their identity and activities.
In December 2023, Argentina implemented a regime requiring taxpayers to declare crypto assets and pay a flat tax of 5-15% on capital gains and cross-border crypto transfers.
Since May 2023, Argentina’s Central Bank prohibits payment service providers from carrying out transactions of unauthorised digital assets, including crypto assets. Previously, in May 2022, the Central Bank issued a warning discouraging financial entities from providing services involving unauthorised crypto assets.
At the subnational level, however, the province of Mendoza launched a service allowing citizens to pay government fees and taxes in crypto assets, in August 2022. Currently, the province accepts only stablecoins, e.g. Tether.
On the international sphere, several G20 initiatives regarding crypto assets advanced. In October 2023, the roadmap on crypto assets was adopted as part of the G20 Morocco Communique, aiming to implement a comprehensive policy framework for crypto assets. In September 2023, the G20 New Delhi Leaders’ Declaration was adopted, including commitments to foster crypto asset regulation, central bank digital currencies, and digital ecosystems in general.