On 5 May, Chile’s Constitutional Convention – the body charged with drafting the country’s new constitution – adopted a provision to create the nation’s first-ever Data Protection Agency (DPA). Despite becoming the first South American country to pass a comprehensive data law in 1999, Chile has yet to establish an autonomous data protection agency in charge of its enforcement.
The proposed DPA would serve as an independent body tasked with “ensuring the promotion and protection of personal data, with the ability to investigate, regulate, supervise and sanction public and private entities.” Chileans will vote on the proposal alongside the other provisions included in the new constitution during the mandatory referendum scheduled for 4 September 2022.
The most recent push to modernize Chile’s existing data protection began in 2017 when its Congress first introduced Bill 11144-07, which would also create a DPA. However, the legislation has progressed at a glacial pace over the last five years and currently only remains at the second constitutional review stage. The Constitutional Convention’s inclusion of this provision therefore provides an alternative – and more expedient – route towards creating the new Agency.
Provided the Constitution passes next September, the country will usher in a new era of data protection legislation. Public and private entities may be subject to enhanced regulations and compliance requirements, as well as possible sanctions should they violate data privacy rights. Once approved, the DPA will still require separate legislation and supporting decrees to provide the Agency with proper structuring, budget allocation, and implementation.
Access Partnership is closely monitoring all development regarding data protection regulation in the region. For more information regarding this matter, please contact Yamel Sarquis at [email protected] or Adrian Fossaceca at [email protected].
Subscribe to our news alerts here.
