The Data Protection Law defines personal data as information of any type that refers to determined or determinable natural or legal persons. If ESI to be disclosed contains personal data, then the Data Protection Law and its regulatory decree are applicable.
Handling of personal data always requires the consent of the data owner. One of the exceptions set forth in the Data Protection Law is when the personal data is collected for the exercise of functions proper to the powers of the state or by virtue of a legal obligation. When the handling of personal data is required under one of the three methods of obtaining pretrial evidence (see Section I), the court will exercise its judicial power to request it. The consent of the data owner is not required in these cases.
Regarding cross-border transfers, the Data Protection Law states that the transfer of personal data (of any kind) with countries or international or supranational organisations that do not provide adequate levels of protection is prohibited. However, if the cross-border transfer is requested as part of an international judicial cooperation process, the prohibition will not apply.
If an Argentine party wishes to produce evidence that has been requested internationally, it must ensure that the evidence complies with Argentine law.
Additionally, the Confidentiality Law states that individuals or legal entities may prevent information that is legitimately under their control from being disclosed to third parties, or acquired or used by third parties in a manner contrary to honest commercial practices, provided that the information (1) is confidential, in the sense that it is not generally known or easily accessible to persons in that field of work, (2) has commercial value because it is confidential and (3) the person who controls it has taken reasonable measures to keep it confidential. ESI is specifically considered when the Law details how 'confidential information' can be stored.