News

Uruguay Close To Receiving EU Adequacy Recognition?

02 October 2009
Image
Image

Uruguay may be on its way to become the second Latin-American country recognized by the European Commission as offering an adequate level of data protection. Last month, the Uruguayan government adopted a set of regulations implementing the country’s 2008 Personal Data Protection Act (Law 18331). The implementation of this new law, as well as the creation of a national data protection authority last May, are expected to have a positive impact on the European Commission’s assessment as to whether or not Uruguay’s data protection rules meet EU adequacy standards.

The EU Data Protection Directive (95/46/EC) provides that the transfer of personal data from EU member States to non-Member States may in principle only take place if the laws in the recipient country ensure an adequate level of data protection.  The European Commission can decide that a non-EU country has adequate protection if the country’s legal framework covers all the basic data protection principles (set out in the Directive) and if there is an enforcement system in place ensuring the effectiveness of that framework. To date the European Commission has issued adequacy decisions in favor of Argentina, Canada, Guernsey, Isle of Man, Jersey, Switzerland, the U.S. Department of Commerce’s Safe Harbor Principles, and the transfer of air travelers’ data to the U.S. Department of Homeland Security.

Uruguay filed a request for EU adequacy recognition in October 2008, and the preliminary reactions so far appear to be favorable. However, the recognition process is unlikely to be completed before the end of the year. An adequacy decision from the European Commission will allow personal data to flow freely from the EU to Uruguay, without the need for additional data privacy safeguards. EU recognition will help Uruguay boost its outsourcing industry and attract more EU-based companies looking for providers of administrative, financial and other data processing services in Latin America.

 

Authored by the HL Chronicle of Data Protection Team

Contacts

bio-image

Eduardo Ustaran

Partner

location London

View more

Related topics

Related countries

Related keywords

Load more

Articles you may be interested in

image_1
Insights and Analysis

End-to-end encryption: obstacle or pillar of national security?

07 April 2025
image_1
News

Latombe Case: First hearing for annulment of the EU-U.S. Data Privacy Framework

02 April 2025
image_1
News

Connected vehicles: CNIL’s consultation promotes driver’s consent over fraud and car theft

01 April 2025
image_1
News

Streamlined BCR approval: Understanding the EDPB's updated procedure

31 March 2025
image_1
News

The Data Chronicles | Unlocking the EU Data Act | What it means for connected products and related services

27 March 2025
image_1
News

Overview of the CNIL’s enforcement actions in 2024: the simplified procedure generates an increase in sanctions

25 March 2025
image_1
News

Gender and GDPR: does the right to rectification override civil registry records?

25 March 2025
image_1
News

The Data Chronicles | Unlocking the EU Data Act | Impact on cloud providers and cloud users

20 March 2025
image_1
News

The Data Chronicles | Unlocking the EU Data Act | What you need to know

13 March 2025
left_arrow
right_arrow

View more insights and analysis

arrow
arrow

Register now to receive personalized content and more!

 

Register
close
See benefits
Register