Categories
| All Categories |
| China |
| European Union |
| France |
| Peru |
| South Africa |
| U.K. |
| Multinational |
Subscribe
Mail
RSS
Peru
Peru Adopts New Data Protection Law
Francoise Gilbert
On July 2, 2011, Peru adopted its first “Law on the Protection of Personal Data.” The law was published in the country’s official gazette of July 3, 2011 as Law No. 29733. Inspired from the Spanish data protection law and the APEC Privacy Framework, this new law is intended to bring Peru to a level of data protection that would be satisfactory to the European Union member states and other countries that have adopted similar data protection regimes.
Scope of the Law
The law applies to personal data that are held or intended to be held in personal data banks for processing within the country. The important criterion for determining whether the law applies is: where the processing occurs.
The law regulates personal data held in electronic or other form. “Personal Data” is defined as any information about a natural person that identifies, or allows identifying, the person through reasonable means. The law distinguishes “personal data” and “sensitive data.” The definition of “sensitive data” covers traditional items such as data relating to race or ethnicity, health and sexual life, political opinion, religious or philosophical beliefs, and union membership as well as items less frequently found in similar laws: biometric data and income.
Like many other countries, Peru excludes from the scope of the data protection law data that are held for personal purposes, or in connection with family life, as well as data that are held by public administrations but only to the extent that the data are used for criminal investigation or enforcement, public safety or national defense.