New regulations on cybersecurity and IT matters
By Mariano Peruzzotti and Andrea Sanchez Vicentini.
During February 2022 several regulations issued by the Ministry of Security and the Chief of Cabinet of Ministers, respectively concerning cybersecurity and IT-related matters were published in the Official Gazette. Below, we will briefly comment the main aspects of each regulation:
- Resolution 75/2022 – Ministry of Security
On February 15, 2022, Resolution 75/2022 of the Ministry of Security was published in the Official Gazette. This regulation updates the Federal program for the prevention of cybercrimes (2021-2024) (in Spanish, “PLAN FEDERAL DE PREVENCIÓN DE DELITOS TECNOLÓGICOS Y CIBERDELITOS”).
The Resolution sets forth the guidelines and public policy priorities related to responsibilities concerning cyberspace and its impact on National Security. It also provides a catalogue of proposed actions aimed at guaranteeing the safe use of cyberspace, protecting the Argentine habitants’ rights and guarantees recognized in the current regulations based on the coordination and cooperation among the public sector agencies, the private sector, non-governmental organizations and the academia.
The Advisors Committee Group will be in charge of conducting the coordination of the strategic policy and will articulate all the necessary actions and means to achieve a cross-cutting implementation of the guidelines.
The full text of the Resolution is available on the following site: https://www.boletinoficial.gob.ar/detalleAviso/primera/257535/20220215
- Resolution 86/2022 – Ministry of Security
On February 15, 2022, Administrative Resolution 86/2022 of the Ministry of Security was published in the Official Gazette. This resolution created the program for the strengthening of cybersecurity and crime investigations (in Spanish, “Programa de Fortalecimiento en Ciberseguridad y en Investigación del Crimen (ForCIC)”).
The purpose of this program is to coordinate, assist and provide advice on investigative techniques applicable to cybercrime and/or crimes involving technology and/or the use of technology.
For the execution of the program, members of the federal police and security forces who are trained or are being trained for conducting criminal investigations on cybercrimes will be appointed.
The Center of Investigation on Cybercrimes (In Spanish, “Centro de Investigación de Ciberdelitos de Alta Tecnología”) was created to meet the purposes of this program. It will be in charge of conducting activities concerning training, prevention, analysis and investigation of cybercrimes. Moreover, a committee focused on cybersecurity incident responses will be created.
The full text of the Resolution is available on the following site: https://www.boletinoficial.gob.ar/detalleAviso/primera/257536/20220215
- Provision 1/2022 – Chief of Cabinet of Ministers (National Directorate of Cybersecurity)
On February 16, 2022, Provision 1/2022 of the Chief of Cabinet of Ministers was published in the Official Gazette. This regulation approved an Information Security Policy Model that includes principles and rules concerning security, confidentiality, integrity and availability of information.
The main aim of the Security Policy Model is to describe purposes, principles, basic rules and communication mechanisms for the protection of the public agencies’ information as well as the resources that can be used to that end. In addition, it provides guidelines applicable to information security, protection and management of data, technological resources in use and services provided.
The full text of the Provision is available on the following site: https://www.boletinoficial.gob.ar/detalleAviso/primera/257620/20220216
- Provision 1/2022 – Chief of Cabinet of Ministers (Undersecretary of Open Government)
On February 18, 2022, Provision 1/2022 of the Chief of Cabinet of Ministers was published in the Official Gazette. This regulation updated and concentrated in one single document the general terms and conditions and the privacy policy of “My Argentina” Digital platform and the specific terms and conditions and the privacy policy of “My Argentina – Health” platform.
The following are the most relevant changes:
- The platform can only be used by persons over 13 years who have an Argentine ID card.
- It describes the cases of data sharing among governmental agencies.
- Unlike the previous version, the current documents do not contain any reference concerning cross border data transfer.
- It includes new prohibitions related to the data obtained, such as the unlawful data processing, the access to restricted data, the attempts to breach security measures , or searches and use of technical vulnerabilities, among others.
The full text of the Provision is available on the following site: https://www.boletinoficial.gob.ar/detalleAviso/primera/257752/20220218
For further information please contact: mperuzzotti@ojambf.com