Argentina: Amended Personal Data Protection Bill including cybersecurity measures

On 24 February 2023, the Argentinian data protection agency (AAIP) amended its proposal for a Personal Data Protection Bill amending the current Personal Data Protection Act No. 25,326, which it presented to the Argentinian Congress. The Bill includes a series of proposals derived from the previous public consultation. The Bill would require entities processing personal data to conduct risk assessments and implement preventive, detective, and responsive security measures to protect the personal data they store. The Bill specifies that entities operating within the country will have to appoint a legal representative. Furthermore, the entities storing and processing personal data will have to notify the authorities of data breaches within 72 hours of their detection.