Following the massive data leak that has come to light in recent hours, Fundación Vía Libre has requested all information related to the leak from the responsible authorities. We know that the leak originated from a private company (SudamericaData and/or WorkManagement), however, the available data comes from public bodies such as ARCA (formerly AFIP), the Vehicle Registry, ANSES and BCRA, among others.
For this reason, our questioning of these organisations is not related to the leak itself, but rather to compel them to explain how and why this private company had this data in its possession. Among the questions we asked was whether or not there is a data transfer agreement. If such an agreement exists, it is undoubtedly outside the regulatory framework of the current data protection law. On the other hand, if no such agreement existed, we are faced with a worrying case of theft and misappropriation of personal data that the State is responsible for protecting.
In any case, the State is always responsible for the proper custody of the data that citizens are required to provide and is therefore accountable for this leak.