On 1 June 2024, Resolution 126/2024 adopted by the Agency for Access to Public Information (AAIP), enters into force. The resolution establishes the classification of violations and the regime for grading sanctions for violations of Law No. 25,326. Additionally, it creates the national "Do Not Call" Registry, its management system, the procedure for the registration, cancellation, and change of ownership of telephone lines, and the form for requesting consultation of those registered in the Registry. Furthermore, the "Registry of Offenders" is created. In regards to violations, the resolution distinguishes between minor, serious and very serious violations. Minor violations include processing personal data without registration, failing to report updates or cancellations to the National Registry, among others and face a penalty of ARS 1’000 to 80’000. Serious violations, such as failing to register personal data databases, declaring false data, processing data without a legal basis, and collecting data without informing owners, face a penalty of ARS 80’001 to 90’000 and suspension of up to 30 days. Very Serious violations include not registering personal data databases when required, processing inadequate data, breaching confidentiality and security duties, maintaining insecure databases, retaining data beyond legal limits, exceeding permissible data processing, failing to remove data for advertising upon request, contacting individuals on the 'Do Not Call' list. In cases of serious violations, the AAIP can impose penalties ranging from ARS 90’001 to 100’000, suspend processing for 31 to 365 days and close the register or database.
Original source