International Transfer of Personal Data

On February 22, 2019, the Argentine Data Protection Authority (, the “AAIP”, after its Spanish acronym) issued Resolution 34/2019 by means of which it has modified the list of countries that are considered to have adequate level of personal data protection.

Originally, Rule 60 E/2016 determined that the following countries had an adequate level of personal data protection under the standards of the Argentine Data Protection Law No. 25,326 (“DPL”): member states of the European Union and the European Economic Area, Switzerland, Guernsey and Jersey, the Isle of Man, the Faeroe Islands, Canada (private sector only), Andorra, New Zealand, Uruguay and Israel (only regarding data that is automatically processed).

In these circumstances, and taking Brexit into account, the United Kingdom’s government requested the AAIP to guarantee the flow of personal data coming from Argentina.

In response to this request, the AAIP issued Resolution 34/2019 and included the United Kingdom and Northern Ireland to the list of adequate countries, acknowledging that the UK would still be considered adequate after Brexit.

This enables cross-border transfers of personal data to United Kingdom without the obligation to comply with the special requirements applicable for cases included under section 12 of DPL and its regulatory framework.