Access Alert | Ecuador: A New Data Privacy Law Soon to be Called its Own

Access Alert | Ecuador: A New Data Privacy Law Soon to be Called its Own

After the unanimous approval by the Ecuadorian National Assembly on May 10, the now former President Moreno signed the Ecuadorian Data Protection Bill on the 21st May.

Inspired by the European regulation (General Data Protection Regulation – GDPR), the new law will directly impose legal compliance obligations on controllers and processors, such as the obligation to provide a privacy notice when personal information of a data subject is obtained and the right for individuals to have inaccurate personal data rectified or completed where necessary.

The law also establishes the Superintendency of Protection of Personal Data, which will regulate cross-border data transfers and can impose fines that could amount to up to 17% of the business volume corresponding to the financial year immediately prior to the imposition of the fine.

Considering the law has an extraterritorial reach, a clear understanding of the new legislation is necessary for any business with physical presence in Ecuador along with businesses that offer services or have operations involving data handling in the country. Companies will have a period of two years to adjust to the new rules.

For any additional information about the Ecuadorian Organic Law on Data Protection and any other Personal Data Protection Regulation in Latin America, please contact Paula Rabacov.

Related Articles

Access Alert | Canada’s Public Consultation on a Modern Regulatory Framework for Space

Access Alert | Canada’s Public Consultation on a Modern Regulatory Framework for Space

The Canadian Space Agency (CSA) has launched a public consultation on various aspects of the Canadian national space regulatory framework....

1 Feb 2023 Opinion
Brazil and the Future of Democracy in the Age of Disinformation

Brazil and the Future of Democracy in the Age of Disinformation

Fake news is far from new. That said, digital tools such as social media and online bots have changed the...

25 Jan 2023 Opinion
GDPR: Is it still fit for purpose? 

GDPR: Is it still fit for purpose? 

The EU’s landmark General Data Protection Regulation (GDPR) has fundamentally changed how personal privacy is respected and protected. However, cracks...

25 Jan 2023 Opinion
Access Alert | Environmental Footprint and Data Collection by ARCEP

Access Alert | Environmental Footprint and Data Collection by ARCEP

The impact of the deployment of electronic communications networks, mass production of terminals, operation of data centres, and ever-expanding data...

23 Jan 2023 Opinion