Share

Latest sanctions of the Agency for Access to Public Information

Latest sanctions of the Agency for Access to Public Information

By Mariano Peruzzotti and Belen Sorrentino.

During the last weeks the Agency for Access to Public Information (“Agency”) has imposed sanctions to different organizations for violations to the Personal Data Protection Law No. 25.326 (“PDPL”) as follows:

  • Football club associations
    • In the context of three different inspection proceedings conducted by the Agency, three Football club associations were required to report on their compliance with different obligations of the PDPL within the term of 15 administrative working days.
    • As a consequence of not receiving the proper answers, the following violations were charged to these associations:
      • Failure to submit in due time the documents required in the framework of an inspection procedure.
      • Processing personal data without being registered with the National Registry of Databases in violation of the provisions of article 3 of the PDPL.
      • In two of these cases, the violation of obstructing the exercise of the inspection proceeding.
    • Two of the associations were fined Argentine Pesos 51,002 each (USD 500,08 at the current exchange rate) while the remaining one was fined Argentine Pesos 26,001 (USD 255,34).
  • Financial entity
    • The claimant requested a bank to allow access to his personal data as a customer considering that the home banking account stated an unpaid debt that was not recognized by the client. As no response was received, the claimant filed a claim with the Agency.
    • The Agency requested the company to provide the relevant information about the case. Although the bank answered the request, the Agency considered that the response issued by the bank failed to comply with the claimant’s request.
    • Consequently, the company was sanctioned for not responding in due time to the request for access, rectification or removal of the personal data when legally appropriate.
    • The fine applied was of Argentine Pesos 80,000 (USD 785,63).
  • Loan office
    • The claimant requested a loan office to remove her personal data since this company reported a debt to the Central Bank. This debt was not recognized by the claimant. As no positive reply was received, the claimant filed a complaint with the Agency.
    • The Agency initiated an investigation for the following violations:
      • Failure to provide with the information requested by the Agency in due time.
      • Failure to comply with the request for access, rectification or removal of personal data in due time.
      • Failure to register the database with the corresponding National Registry.
    • The Agency dismissed the last charge because the company had registered the database with the relevant Registry but imposed a fine of Argentine Pesos 30,001 (USD 294,62) for breaching the other provisions of the PDPL.
  • Religious institution
    • The claimant requested a religious institution to remove his personal data due to the fact that he was no longer involved with the same religious believes. The institution refused the petition on the grounds that they had an obligation to keep the data pursuant to Canon Law.
    • The affected individual filed a claim with the Agency, which initiated an investigation on the basis of a presumed violation of the provisions of the PDPL, basically to keep inaccurate personal data or not proceed with the legally required correction, updates or removal thereof when the rights of individuals are affected.
    • The Agency considered that the reasons given by the institution do not justify the data protection rights violations; thus, it applied a fine of Argentine Pesos 80,001 (USD 785,64).

For further information contact: mperuzzotti@ojambf.com.

Share post: