How are data and cybersecurity laws/regulations implemented?
Last review date: 31 December 2024
☒ omnibus – all personal data
☒ sector-specific
☒ constitutional
What are the key data privacy laws and regulations?
Last review date: 31 December 2024
- National Constitution
- Law 6.534/20 – On the Protection of Personal Credit Data
- Resolution No. 1502/2022 issued by the Consumer Defense Agency
- Resolution No. 3 – Minutes No. 8 "Credit Information Bureau Regulations and Personal Information Credit Protection"
What are the key cybersecurity laws and regulations?
Last review date: 31 December 2024
- Law 642/1995 On telecommunications and creates the National Telecommunications Commission ("CONATEL")
- Law 1.337/1999 On National Defense and Internal Security
- Law 4.439/2011 Amending and extending several articles of Law 1.160/97 ("Criminal Code") concerning computer-related crimes
- Decree 7.706/2011 Approving the Master Plan for Information and Communication Technologies (ICTs) of the Executive Branch
- Decree Law 4,868/2013 on E-Commerce
- Decree 1,165/2014 approving the regulation of Law 4,868 of February 26, 2013, on "E-Commerce"
- Decree 6234/16 Whereby it declares of national interest the application and use of Information and Communication Technologies (ICTs) in the public administration and the public management and orders the implementation of specialized ICT units in specialized ICTs units in the institutions under the Executive Branch
- Law 5653/16 On the Protection of Children and Adolescents against harmful content on the Internet
- Decree 7052/17 by which "The National Plan on Cybersecurity" is approved
- Resolution 115/18 "Guide to Critical Cybersecurity Controls" issued by the National Secretariat of Information and Communication Technologies (for the Executive Branch)
- Law 6207/18 by which the Ministry of Information, Technology and Communication (MITIC)
- Decree 2274/2019 approving the regulation of Law 6207/18 by which the MITIC is created
- Law 6.822/2021 "On trust services for electronic transactions, electronic documents and electronic transferable documents"
- Resolution Central Bank No. 12/2021 - Financial Institutions Security Manual
- Law 6.822/2022, by which the regulatory framework "On trust services for electronic transactions, electronic documents, and electronically transferable documents" is established
- Resolution Central Bank No. 3 – Minutes No. 8 by which Credit Bureaus and the Protection of Personal Credit Data are regulated
What are the key laws and regulations relating to non-personal data?
Last review date: 30 December 2024
N/A
Are new or material changes to those key data and cybersecurity laws anticipated in the near future?
Last review date: 30 December 2024
A bill aligned with the principles established by the GDPR has been introduced in the Congress of Paraguay. It is currently under review, with approval anticipated within the first semester of 2025.