The National Institute of Industrial Property Can No Longer Publish Certain Personal Data from Its Files

A complaint was filed before the Agency of Access to Public Information against the National Institute of Industrial Property (“INPI”) alleging a breach of the duty of security and confidentiality of personal data.

The complaint stated that, when making a query through INPI’s website, any person could access the digital grid of a file, which contains personal information of a trademark applicant, such as its name and surname, CUIT, address, e-mail address, and telephone number, without the data subject’s prior consent and without applying any exception provided by the Data Protection Law No. 25,326. With that information any third party could create a database, exceeding the purpose for which they were originally displayed, i. e., to comply with the public registry of the trademark applications.

In response to the complaint, the INPI expressed its inability to intervene in the administration of the Electronic Document Management system, used by the entire national public administration of Argentina, which replicates the complete file. Consequently, it stated that it would proceed to delete the cover page of all digital files accessible through its website.