by Juan Manuel González | Sep 10, 2024 | Noticias-en
Today, our personal data is a valuable asset that is constantly circulating on the Internet and we leave a digital footprint that can be used in various ways. Given this situation, Law 1581 emerges as a beacon of protection, establishing a solid legal framework to guarantee our privacy in the digital world.
This Colombian regulation recognizes and protects the fundamental right of all people to know, update and rectify the information that has been collected about them. At the same time, it establishes clear limits on the collection, use and disclosure of personal data, thus avoiding abusive practices such as discrimination and the misuse of our information.
For businesses, Law 1581 represents an opportunity to build relationships of trust with their customers. By complying with this legislation, organizations demonstrate their commitment to transparency and data protection, which in turn strengthens their reputation and brand loyalty.
For further information, contact:
Oscar Tutasaura | Partner Posse Herrera Ruiz | oscar.tutasaura@phrlegal.com
by Juan Manuel González | Sep 4, 2024 | Noticias-en
Parliament has just approved a new law establishing a regulatory framework for crimes committed in the digital environment, with the aim of addressing the challenges posed by cybercrime. This legislation will provide tools to prevent and punish illegal digital activities, in a challenging context with the emergence of new forms of crime.
The law is structured into four main chapters:
I. Classification of computer crimes
Defines and penalizes new illegal conduct:
Cyberbullying: This occurs when electronic means (such as the Internet, social networks, text messages, etc.) are used to persistently stalk, monitor or try to approach another person, seriously disrupting their life.
Computer fraud: occurs when electronic means are used to deceive another person and obtain a financial benefit, causing harm to the victim (for example, unauthorized transfers, use of cards).
Computer damage: This occurs when a person destroys, alters or disables computer systems with the aim of causing damage. This may include, for example, deleting files, introducing viruses, or blocking access to computer systems.
Unlawful access to computer data: criminal conduct consisting of unauthorized access to third-party computer systems in order to obtain, manipulate or distribute the information contained therein.
Unlawful interception: This occurs in cases of total or partial interception of communications that are in transit through computer networks or systems.
Data breach: This occurs when a person, using any type of technology, accesses, appropriates, uses or modifies confidential information of third parties without their authorization.
Identity theft: occurs when a person falsely assumes the identity of an individual or entity, using social networks, emails, bank accounts, digital platforms and any other computer system that allows obtaining personal information and access credentials.
Device abuse: This occurs when a person creates, acquires, introduces into the country, sells or provides to other individuals, programs, credentials or passwords whose main objective is to facilitate the commission of a crime.
II. Prevention and education measures
It establishes the obligation of the State to promote awareness campaigns on computer security and to foster education in cybersecurity. It also provides mechanisms for collaboration between the public and private sectors in the implementation of preventive measures.
III. Cybercriminal Registry
It enables financial intermediation institutions and electronic money issuing entities to create records of people involved in illegal activities in cyberspace. In this context, the law exempts these entities from banking secrecy, so they can share their records among themselves and with the competent authorities in order to file complaints or take steps to prevent and mitigate cybercrimes.
IV. Prevention of non-consensual transactions
It empowers financial intermediation institutions and electronic money issuing entities to freeze funds in client accounts originating from unknown and unauthorized transactions from third-party accounts.
This new Law will surely promote, among others, the following aspects:
Strengthening the legal framework and prevention: provides authorities with tools to investigate and punish these crimes more effectively. Prevention and education measures should help reduce their incidence.
Tools for the financial system: grants the financial system the power to, among other measures, freeze accounts in the event of unauthorized transactions, enabling timely action to prevent or mitigate their effects.
International cooperation: establishes a legal framework that enables international cooperation, facilitating the exchange of information and assistance between countries. It also brings Uruguay closer to joining the “Budapest Convention”, an international treaty designed to combat cybercrime.
For it to come into force, it remains for the Presidency to promulgate it and publish it in the Official Gazette (coming into force 10 days later).
by Juan Manuel González | Aug 29, 2024 | Noticias-en
With more than 15 years of experience in Compliance, Yoab Bitran joins Albagli Zaliasnik (az) as the new director of the Compliance group to lead, together with Rodrigo Albagli, a value proposition based on the prevention and active management of legal, regulatory and reputational risks for companies and organizations.
He is a lawyer from the University of Chile with a Master’s degree in Business and Corporate Criminal Law from the same institution. He also holds an LL.M from Boston University.
He has served as academic director of the Thomson Reuters Compliance LatAm Diploma and professor of the Legal Management Program LatAm Diploma at the Pontificia Universidad Católica de Valparaíso (PUCV).
Throughout his career he has actively contributed to the compliance and corporate ethics industry as Head of LRN Latin America, the largest company in the world dedicated to ethics and compliance.
His professional career also includes his time as an International Associate at Chadbourne & Parke and as part of the legal management of ENAP.
Rodrigo Albagli, partner at the firm and who manages the compliance area at az, emphasizes that “Yoab will strongly support our expansion plan for the Compliance area, which represents a strategic pillar for the sustained development of az in the coming years.”
“It is time to push for excellence in ethics and compliance. Yoab has the experience, tools and knowledge to support companies in raising standards and guiding the effective implementation of compliance programs,” Albagli emphasized.
Yoab focuses his practice on advising companies of various sizes and industries, as well as on building and sustaining ethical corporate cultures. One of his main goals is to promote ethical leadership and best practices in the region, and he is frequently invited as a speaker at international conferences and events.
“I am excited to maintain and strengthen az’s leadership in our country and become a regional benchmark in compliance best practices. We have the opportunity to have a significant impact on raising ethical standards in Latin America, taking advantage of our role as founders and coordinators of the Compliance Latam platform,” concluded Yoab.
by Juan Manuel González | Aug 14, 2024 | Noticias-en
On August 4, Legislative Decree No. 1623 was published, through which the IGV Law was modified, establishing in turn the tax on the provision of streaming services (among other operations) by subjects not domiciled in the country, such as Netflix, Amazon, Spotify, Disney+, etc.
Among its main provisions, the standard has provided for the following:
VAT (18%) on transactions carried out by natural persons who consume streaming platform services, intermediation services in the supply and demand of goods and services (AirBNB, Uber), storage services, among others, regardless of whether they carry out business activity or not.
VAT (18%) on transactions carried out with natural persons who “import” an intangible through the Internet, regardless of whether they carry out business activity or not.
Designation as withholding and collection agents of non-domiciled subjects and payment facilitators (banks, financial institutions, telecommunications companies) with respect to digital services and the importation of intangible goods via the Internet.
The obligation of providers of such services to register in the RUC and comply with certain formalities.
The collection of VAT on such operations would be carried out from October 1, 2024.
By Supreme Decree, the publication of which must be made within the next 30 days, the provisions of Legislative Decree No. 1623 will be regulated.
by Juan Manuel González | Aug 13, 2024 | Noticias-en
On January 10, 2023, the Organic Law to Promote the Violet Economy was issued and published in the Official Registry Supplement No. 234 of January 20, 2023. Article 18 of the law establishes that “(…) Company Equality Plans are a set of measures, adopted after carrying out a diagnosis of the situation, created with the aim of achieving equal treatment of opportunities between women and men in the company, eliminating discrimination of any type of gender and multiculturalism. Equality Plans will include the strategies and practices to be adopted to achieve them, as well as the establishment of effective systems for monitoring and evaluating the objectives set. Equality plans will include all departments of a company, without prejudice to the establishment of appropriate special actions with respect to certain work centers.”
Subsequently, through Ministerial Agreement No. MDT-2024-013 of January 19, 2024, published in the Official Registry Supplement No. 492 of February 5, 2024, the Ministry of Labor issued the Guidelines for the Registration of Equality Plans.
On July 29, 2024, Ministerial Agreement No. MDT-2024-099 was signed by the Minister of Labor Ivonne Elizabeth Núñez Figueroa with the purpose of updating the procedures and requirements for the registration of Equality Plans in companies with 50 or more workers.
In said ministerial agreement, the second paragraph of the First Transitional Provision of Ministerial Agreement No. MDT-2024-013 is amended, mentioning the following:
“Those employers who have a payroll of 50 or more workers must register the “Equality Plans” with the Ministry of Labor by July 31, 2025; and, once this period has concluded, the Ministry of Labor will proceed with the corresponding control and sanction process in case of evidence of failure to comply with the “Equality Plan”
In addition, it was indicated that the Ministry of Labor will proceed with control and sanction processes in case of non-compliance after this deadline.
If you require additional information, please contact the email laboral@bustamantefabara.com
by Juan Manuel González | Jul 30, 2024 | Noticias-en
On July 29, 2024, Resolution No. 710/2024 of the Ministry of Security was published in the Official Gazette of the Nation, creating the Artificial Intelligence Unit Applied to Security (“UIAAS”).
This new unit will operate within the scope of the Cybercrime and Cyber Affairs Directorate, which reports to the Cabinet of Advisors Unit of the Ministry of Security. The UIAAS will be headed by the Director of Cybercrime and Cyber Affairs and will include the participation of representatives of the Federal Police and Security Forces.
The mission of the UIAAS is the prevention, detection, investigation and prosecution of crime through the use of artificial intelligence. Its main functions include:
– Patrol social networks, applications and websites, as well as the “deep Internet” or “dark web”, to investigate crimes and detect security risks.
– Identify and compare images in physical or virtual format.
– Analyze security camera images in real time using facial recognition.
– Use machine learning algorithms to predict and prevent future crimes.
– Detect cyber threats before attacks occur, including malware and phishing.
– Process large volumes of data to create suspect profiles and establish links between different cases.
– Use drones for aerial surveillance and emergency response.
– Performing dangerous tasks, such as deactivating explosives, using robots.
– Improve communication and coordination between the Federal Police and Security Forces.
– Analyze social media activities to detect potential threats and anticipate unrest.
– Detect suspicious financial transactions that could indicate illegal activities.
The implementation of the UIAAS will be in accordance with the guidelines and directives established by the Ministry of Security Resolution No. 428/24.
It should be noted that, according to the Ministry of Security Resolution No. 428/24, during preventive work, police personnel must comply with the Personal Data Protection Law No. 25,326. Likewise, said resolution ignores that (i) it is strictly prohibited to handle sensitive data without judicial authorization, as well as to use publications by minors without due permission, and that (ii) if it is detected that the preventive activity involves a minor, it will be immediately suspended and the corresponding authorities will be notified, unless there is a risk to the life of the minor.
The scope and limits of the new UIASS’s actions, particularly when using technological tools to prevent criminal conduct, will have to be carefully analysed, taking into account potential problems regarding the right to privacy and the validity or legality of the actions of the security forces.
For more information and to access the full details of the regulation, please consult the following link: Resolution No. 710/2024.
