I. Legal Framework
Constitutional privacy framework
Article 20 of the Constitution of the Republic of Bolivia recognizes the inviolability of any kind of communications and private documents, and establishes that private documents that are violated or seized will not produce legal effect. The Constitution also provides that neither a public authority, nor a person or a public or private entity will be able to intercept conversations and private communications, nor will they be able to install equipment that controls or centralizes private conversations or communications. Article 21 of the Constitution recognizes the inviolability of the home.
In 2004, the Constitution was modified and the action of Habeas Data was introduced. The Habeas Data action can be filed by any person who believes he is unduly or illegally restrained from knowing, objecting or obtaining the rectification or deletion of personal data registered by any physical, electronic or magnetic means in computer files or public or private databases. The Habeas Data action is processed pursuant to a summary procedure (proceso sumarísimo) as provided for by Article 19 of the Constitution.
Any citizen can introduce a Habeas Data action in front of the Superior Court of the district (Corte Superior del Distrito) or in front of any Judge (Juez de Partido). If the tribunal or competent judge declares the habeas data action reasonable, he will order the disclosure, deletion or rectification of the personal data registered in the database that is challenged. The sentence can be appealed before the Constitutional Tribunal, within the next 24 hours. However, the execution of the sentence will not be suspended. The action of Habeas Data cannot compel journalists to reveal their sources.
Statutory rules on privacy
Bolivia does not have a comprehensive data protection act. However, several regulations protect privacy. The Bolivian Tax Code and Banking Law, regulate privacy and confidentiality: the Resolutions of the Superintendence of Banks held that the Banking and Financial Information Bureaus (Buros de información crediticia) are covered by the banking secrecy provisions, and therefore must not provide any information to third parties, except in special cases. Liability for damages may arise from the breach of bank secrecy.
The Criminal Code (Código Penal) sets forth as a crime any disclosure of information obtained without authorization. It establishes several offences related to the violation of privacy. Article 296 of the Penal Code guarantees the privacy of correspondence, establishing that whoever opens an envelope containing a letter that is not directed to himself, with the intent of learning about its content, is guilty of a felony. Article 298 of the Code also punishes the disclosure of information obtained by any means similar to those referred to in Article 296. Article 297 punishes the interception of telephone or telegraphic communications.
The Regulation of the Planning and Entrance to the Public Prosecutor Career establishes in article 3 the protection of personal data. It provides that personal information collected from Public Prosecutors (Fiscales) and the General Inspector (Inspector General) will be processed in a confidential way and following the principles of relevant, adequate and legitimate purpose. Only data subjects or third parties with special power of attorney will have access to the data. The procedure for accessing, correcting and canceling data considered to be irrelevant or inaccurate is established by this law and by future laws that can be approved (habeas data). The controller is the Human Resources System Director and the processor is the Scale Chief.