Earlier today in Bogota, the supervisor of the Colombian data protection authority (within the Superintendency of Industry and Commerce) announced that the country’s new data protection law will receive final approval from President Juan Manuel Santos this month or next.  The supervisor, José Alejandro Bermúdez, made the announcement in an interview with the Spanish news agency Efe.

In December 2010, the Congress of Colombia passed comprehensive data protection legislation modeled after the European Union’s Data Protection Directive of 1995.  The legislation subsequently underwent a required review by the Constitutional Court, which required only modest changes. 

With one of the largest economies in the region and the third-largest population of Spanish-speakers in the world, the coming into force of a comprehensive data protection law in Colombia is a significant development.  Coming just days before the convening of the 34th International Conference of Data Protection and Privacy Commissioners in Punta del Este (Uruguay), the announcement underscores the intense interest in data protection throughout Latin America.

Notably, Mr. Bermúdez emphasized that with the law in effect Colombia “provides an adequate level of protection” for personal data.  As we reported last week, the desire to obtain adequacy determinations from the EU is among the factors driving passage of new data protection laws in Latin America.  In August, Uruguay became the second country in the region to receive an adequacy determination.