Chile | Personal Data Protection Law: the pillar of the regulation of artificial intelligence

Chile | Personal Data Protection Law: the pillar of the regulation of artificial intelligence

The imminent technological evolution leads us to recognize the importance of robust regulation that addresses the challenges posed by artificial intelligence (AI). At an international level, examples such as “The Artificial Intelligence Act” of the European Union and the Executive Order in the United States show the need for legislation that establishes guidelines and supervises the development of this powerful technology.

In Latin America, and particularly in Chile, we face the challenge of advancing regulations, learning from comparative experiences to avoid errors. However, we face significant obstacles, especially since the Bill on the Protection of Personal Data is still awaiting approval. This situation makes legislative discussion on more complex issues difficult, such as the regulation of AI systems, which has already been approved in general and has advanced to its particular discussion.

It is essential to recognize that the lack of an updated law on the protection of personal data, combined with little experience in implementing practices to reduce risks or conducting impact assessments, represents a significant challenge to responsibly moving forward in the regulation of issues. as relevant as this. In that sense, updating the Law on the Protection of Personal Data is presented as the fundamental pillar to progress in any regulatory framework related to technology.

We understand that artificial intelligence uses data of various types, including personal data, which must be used and protected appropriately. Likewise, we cannot ignore how the decisions made by these systems directly impact people’s rights. An illustrative example would be the selection of individuals for waiting lists in the health sector or the allocation of educational scholarships. In both cases, in the absence of updated legislation and lacking practical experience in the responsible use of this type of data, the risk of abuse and discrimination by artificial intelligence systems is significant.

This Sunday, January 28, was International Data Protection Day, an ideal time to look forward with optimism, anticipating that the mixed commission can reach agreements in March on the issues on which the chambers have not yet reached consensus. This advance will mark the conclusion of the legislative process and open a new chapter in Chile’s technological regulation.

By Constanza Pasarin and Trinidad Moreno, associates of the compliance group of Albagli Zaliasnik (az).

Source: Diario Financiero

Compartir:
Chile | Do I have to submit to the internal regulation of my clients or contractual counterparties?

Chile | Do I have to submit to the internal regulation of my clients or contractual counterparties?

Regarding a conversation related to the new Economic Crimes Law, we had a question about whether there is expressly a legal obligation that orders me to submit to the internal regulations of third parties related to my activity. The above, considering that, if effective, this implies that I must read, know and apply all the policies and manuals of my clients and, eventually, other third parties.

In that sense, and at least as far as it concerns a contractual relationship with clients or counterparties on an equal footing in negotiation, it is reasonable to maintain that if I sign a contract with a third party, in which my complete opposition to the commission is expressly mentioned of crimes within my organization, and I have a living, controlled and regularly updated prevention model, it should not be an imperative to have to submit to the self-regulation of my related parties.

In addition to being somewhat extreme, requiring all companies to comply with each of the internal obligations of their related parties, which commonly also depend on the needs, logic and legal techniques of each original regulation, it is tremendously expensive—in terms of time and efficiency—think that each company has to submit, purely and simply, to each and every one of the policies and manuals that make up the Crime Prevention Model of related third parties, simultaneously avoiding its potential application and also ensuring to be attentive to the possible modifications of each of such models (in foreign, and sometimes even foreign, computer servers), which is what is usually asked to accept, ex ante, in such types of regulations.

Although the “obligation” referred to above is inserted in the context of the elements that a crime prevention model must contain, in accordance with the provisions of Article 3 No. 3 of Law No. 20,393, in practice it is observed that These obligations, prohibitions and sanctions mainly deal with the establishment of specific prohibitions relating to certain topics (eg, making facilitation payments, making decisions through undeclared conflicts of interest, carrying out illicit activities in the context of the execution of the contract) and compliance with obligations to report any suspicious situation through established reporting channels, among other points. But the problem, also practical, is that the way of approaching how these obligations, prohibitions and sanctions are implemented for those who contract with another has generally consisted of the supposed duty of having to accept, as noted, purely and simply , the entirety of a certain Crime Prevention Model that is imposed on the other, as a condition of the conclusion of the respective contract.

Consequently, and reflecting on the actual implementation of the new Economic Crimes Law, it is to a certain extent unfeasible, and, at the same time, excessive, to think that all companies must sign the internal regulations of their related third parties and accept them in a closed package. Without prejudice to the foregoing, the failure to incorporate clauses relating to compliance with the crime prevention model could entail risks for the provider when accrediting compliance with its management and supervision duties, especially when what is in question, eventually, is the liability of the legal entity for criminal acts committed in the context of the supplier/client contractual relationship.

From a practical perspective, it should be noted that a serious and relevant situation that involves the commission of an illegal act will require addressing potential criminal contingencies as a first priority, which will allow for early mitigation of possible contractual risks related to non-compliance with these clauses.

Thus, today it is essential to review the contracts with my related third parties and not rest on the fact that there is an identical standard clause in all of these and that it must be accepted automatically or sine qua non to conclude the contract. We think that essential base points can be established, with common objectives, with a view to safeguarding the legal assets protected in Law No. 20,393, such as the obligations, prohibitions and sanctions already mentioned, and contractually refine the relevant points for both parties, but this It does not mean that I must necessarily submit to the internal regulation of my suppliers and clients.

By the way, as part of such essential bases, the controls through the contracts and monitoring of the correct fulfillment of the services agreed in this will be an important armor in the eventual case that said third party commits a crime in the context of the functions that are the subject of my contract.

* Francisca Franzani is director of the Compliance group at Albagli Zaliasnik and Andrés Illanes is manager of Corporate Affairs at Bodegas San Francisco.

Source: El Mercurio

For more information you can contact :

Francisca Franzani  | Compliance Group Director | ffranzani@az.cl

Compartir:
Reflections on leadership, Compliance culture and its relevance in regulatory interpretation

Reflections on leadership, Compliance culture and its relevance in regulatory interpretation

In today’s dynamic corporate landscape, Compliance management is not only about legal obligations, but is a strategic tool to support the integrity and sustainable success of organizations. In the context of this complexity, two fundamental elements stand out: committed leadership in the Compliance function and the construction of an ethical corporate culture. Next, we will analyze the interrelation of these elements, as well as their relevance in the interpretation of Compliance regulations.

The effectiveness of Compliance programs does not lie simply in the implementation of written policies, but in their daily roots in the organization. This firm commitment is achieved through internal leadership, genuinely attending to the good practices of those who direct and manage corporations at all levels.

Leadership and corporate culture: two indivisible pillars. Leadership and corporate culture are interdependent concepts that subsist in the Compliance ecosystem. Composed of values ​​and actions, culture represents the organization’s ethical system. Leaders, for their part, instill these values ​​in employees, thus guiding the purpose for which daily tasks are carried out.

Ethical and cultural leadership. Effective leadership in Compliance not only focuses on the regulatory system applicable – both internally and externally – to organizations, but especially has a positive influence on the overall operation of the company. Indeed, the leader in the field of Compliance must promote ethical values, communicate the importance of Compliance and establish accessible and effective policies in accordance with the corporate culture of the organization. Therefore, corporate culture, as an informal system in the organization, becomes essential to interpret Compliance regulations.

Normative interpretation and the influence of culture. Culture forms the approach through which Compliance regulations are understood and applied. An ethical culture facilitates a deep understanding and ultimate purpose of the standards, ensuring that the mere compliance with formal requirements is not sought, but rather the following of principles rooted at all levels of the organization. That is to say, it is no longer just the actions that matter, but rather that they are carried out in accordance with the organizational culture and pre-established ethical values.

Leadership and culture: key elements to achieve a comprehensive interpretation of Compliance. Ultimately, an effective Compliance program depends on leaders who consider it vital to organizational success. The link between ethical leadership and a solid corporate culture not only drives the design and effective implementation of regulations, but also guarantees a thorough interpretation of the regulatory framework, contextualizing it according to the organization’s design of ethical values. On this path towards excellence, training and professionalization of the Compliance discipline, leadership and culture become lighthouses that guide sustainable organizations appropriate to current corporate evolution.

By Lucía Rodríguez Wikman, Lawyer | CIEMSA | Compliance Latam Collaborator

Compartir:
Chile | Personal Data Protection Law: the pillar of the regulation of artificial intelligence

Argentina | Cryptoactives are included in the future tax “laundering”

The Argentine government, through the recently presented Omnibus Law, provides for the creation of a voluntary Asset Regularization Regime, for the laundering of assets not declared for tax purposes, held as of December 31, 2023.

As a novelty, we highlight the express introduction of cryptoassets or cryptocurrencies as goods subject to externalization. In this sense, they are introduced into the category of “Goods abroad”, regardless of who was their issuer, who is their owner or where they were deposited, guarded or stored.

For more information contact:

Gustavo Papeschi | Partner of Beccar Varela | gpapeschi@beccarvarela.com

Compartir: