in a nutshell
On 5 and 6 December 2022, Resolutions 240/2022 and 244/2022 were published in the Official Gazette. With these resolutions, the Access to Public Information Agency (AAIP) is considering a new classification of infringements and sanctions applicable to conduct that violates Law 25,326 and its related regulations.
The AAIP repealed the clauses governing sanctions and replaced the annexes providing for “classification of violations” and “tiering of sanctions” to ensure that culpable administrative acts were the same punishable act within each offense. abolished maximum sanctions that apply when multiple financial sanctions are involved. The level of the “step of sanctions”.
Here are the relevant changes:
- The AAIP has downgraded the classification of some conduct previously considered serious or very serious infringements. For example: (i) the processing of personal data not registered in the National Registry of Databases (“registry“) What was previously considered a serious violation is now a minor violation. (ii) Failure to register personal databases with the Registry as requested by the State Submitting false or inaccurate data to was previously considered a very serious offense and is now a serious offense.
- The AAIP has increased the fines applicable to minor, severe, and very severe violations while maintaining the maximum fine (ARS 100,000) applicable to very severe violations. For minor violations, the applicable maximum fine has been increased (from ARS 25,000 to ARS 80,000). The minimum applicable fine (from ARS 25,001 to ARS 80,001) and maximum applicable fine (from ARS 80,000 to ARS 90,000) have been increased for serious violations. For very serious violations, the applicable minimum fines have been increased (from ARS 80,001 to ARS 90,001). Either way, these fines can lead to reputational damage, even if they’re irrelevant from a financial standpoint.
- The AAIP has expanded its criteria for determining applicable sanctions. (ii) the offender’s economic situation; (iii) demonstrable adoption of corrective actions and internal mechanisms and procedures that can mitigate the damage; (iv) whether personal data of children and adolescents has been affected;
- The AAIP has increased the maximum fines that apply when a condemned administrative act includes multiple financial sanctions for the same punishable act within each level of “tiering of sanctions.” Up to 3 million ARS for minor breaches (previously 1 million ARS); up to 10 million ARS for major breaches (previously 3 million ARS); up to 15 million ARS for very major breaches (previously is ARS 5 million).
Click here to access the Spanish version.