III. Privacy issues
In 1928 the Supreme Decree 950 was passed.1 This legal document establishes the obligation of the notaries, judges, and curators to send to the Chamber of Commerce of Santiago (CCS) on a daily basis, the economic, banking, financial background of debtors. The norm also grants to the CCS the exclusiveness in the drafting of the Commercial Information Bulletin (Bolet√≠n de Informaciones Comerciales) and creates a special section called "Clarifications" (Aclaraciones) where those affected by the publication due to mistakes, inaccuracies or by any other cause could add the explanations of the data in the former number of the Bulletin.2
On May 18, 2005, the National Economic Attorney's Office filed a complaint against the CCS in the Competition Tribunal. The case was based on the abuse of the dominant position of the CCS in the market of credit information based on the fees that debtors have to pay to the CCS in order to make a clarification.3
On October 25, 2006 the Supreme Decree 998 that partially modifies the Supreme Decree 950 was enacted.4 The law establishes that those debtors could add information to the Clarification Section of the Commercial Information Bulletin when the obligations derived from checks, bills of exchange and promissory notes that had undoubtedly been paid or that had been extinguished by other legal means after its publication in the Bulletin. The publications of those clarifications are free of charge when the amount of the installment or debt, or the amount of the check, bill of exchange or promissory note that motivates the publication is less than $ 100.001 Chilean Pesos (189 USD approx).5 From January 2010, the clarification of any debt will be free of charge regardless the amount of the debt.
In November 2005, the CCS adopted a good practices code for electronic commerce and trained their associated companies on issues related to personal data protection and customer rights on electronic transactions.6
In April 2007, a group of congressmen introduced a bill that prohibits information exchange agreements between public institutions and companies dedicated to the commercialization of commercial background, economic, financial and banking information.7 The bill seeks to substitute Article 20 of the Law for the Protection of Private Life with the following text: "Article 20. The processing of personal data by a public body can only be performed in relation to matters of its responsibility specifically those included in Article 17 of this law, under the provisions of the rules. In these conditions it will not require the authorization of the data subject." Proponents of the bill indicate that according to Article 17 of the Law for the Protection of Private Life, the debtors list created by institutions such as the General Treasury of the Republic (TGR) must not be disclosed to third parties. In spite of that law, the TGR has a sharing agreement with companies DICOM, Data Business and Sinacofi. According to the agreement, the companies publish a list of debtors who in the last three years have fiscal debts and have not approached the institution to express their willingness to sign a payment agreement. The TGR states that under Decision 25.336 of the General Comptroller of the Republic (Contraloría General de la Republica), of July 2002, they are allowed "to subscribe agreements with companies specializing in information in order to publish a list of tax debtors."8 Nevertheless, in a trial related to this topic, the maximum Justice Court accepted a protection remedy (acción de amparo) filed by a taxpayer who expressed that the TGR acted illegally violating Article 19(4) of the Constitution on protection of individuals' private life for publishing the tax debtors' list in the DICOM register.9
In March 2005, a bill was introduced that requires banks and other financial institutions to provide a written answer to their clients explaining the reasons for denial of a request of credit.10 Banks commonly reject verbally credit requests of individuals, based on the contents of the "Historic DICOM," historic registers of debtors' personal information. In April 2007, nine Congressmen introduced a bill similar to the one described above, that establishes a specific prohibition of the existence and use of historic registers.11
In October 2006, a parliamentary motion contained in the Bulletin Nº 4.629-07 was introduced in the Senate.12 The motion proposes to modify the Law for the Protection of Private Life so that "all the companies that provide information, about checks, checking accounts and commercial records are forced, in case of rejection, to express it by electronic means."13 The author of the bill explained that individuals with rejected checks are hindered from filing formal claims because they do not have any documents that certify the rejection of the questioned document or the reasons of the rejection. The bill was passed after a rapid processing in the Senate, passing to a second constitutional procedure at the Lower House (Cámara de Diputados).
In April 2002, a Law on Electronic Documents, Electronic Signature and Electronic Signature Certification Services (the Law) was enacted. The law establishes that contracts and agreements entered into through the use of electronic signatures shall be equally valid and effective as those executed on paper.14
Unsolicited Commercial E-mail ("Spam")
On June 29, 2004, Consumer Protection Law (No. 19.955) was enacted.15 This law is the first regulation that addresses some of the problems related to unsolicited commercial communications, also known as "spam." Article 28(b) establishes an opt-out system and provides that any electronic commercial email must indicate the name of the sender, the precise description of what is advertised, and a valid address where the consumer can send a message to avoid any future email. The same provisions are applicable to advertisements coming via regular mail, fax or telephone. These communications must indicate an easy mechanism to avoid future similar distribution.
In March 2005, a bill that modifies Law 19.628 was introduced in the Senate.16 The bill widened the definition of "personal data" to include not only all the information concerning an identified or identifiable individual but also any juridical person identified or identifiable.17 The bill also establishes what personal data and sensitive data are and provides that its processing will only be accepted if there is a previous and specific authorization from the data subject.18 It also defined what public access sources are and established that an e-mail address is sensitive data and that the fact of publishing an e-mail on a website does not mean that the website is tacitly authorizing its use for commercial promotion or advertising purposes or for being used in a different way from the one derived from the website's purpose.19 Cerda Alberto y Herrera, Andrés, Proyecto de ley contra el uso abusivo de datos personales y resguardo de los usuarios ante el correo electrónico no deseado, Revista Chilena de Derecho Informático de la Universidad de Chile 6 (2005). It will proceed after at least five clients notify the service provider of the spam and only a particular, determined address will be blocked. The service provider will have to implement a quick procedure, and elaborate and publish a list of all the sender's addresses to be blocked (as a result of the client's request), in order to be consulted by the mail systems and servers of others service providers.20
Privacy case law
In April 2004, the Court of Appeals of Santiago ruled the case of Joe Doe against Investigations Police of Chile for keeping records of Joe Doe's orders of apprehension for a period of 15 years. These orders of apprehension were later revoked. Joe Doe has requested the elimination of such registries due to their lack of accuracy. The police organization had rejected the request even though they recognized the inaccuracy of the data.21 This case showed the illegality of certain police practices on criminal prevention and repression.22
In October 2004, within the framework of an investigation on governmental irregularities, Judge Gloria Ana Chevesich order to seizure e-mails sent and received between 1997 and 2003 by more than 400 government officials. The workers allege that the order violated its right to privacy. The Court of Appeals of Santiago considered that the order was neither arbitrary nor illegal.23 On January 2005, the Supreme Court ratified the sentence.
- 1. http://alegislativo.bcn.cl/publicadores/pub_link_asistente/admin/ver_arc...
- 2. The 1928 Decree has been kept in force in spite of the Law 19.628 of the Protection of the Private Life because the transitory Article 3 of the Law 19.628 recognized all legal effect to those articles that do not oppose to the content of the law.
- 3. http://www.fne.cl
- 4. http://www.boletincomercial.cl/html/decreto_998.asp
- 5. http://www.xe.com/
- 6. http://www.ccs.cl/ccs/Portals/17/codigo_buenas_practicas/inicio-cbp.htm
- 7. See Bulletin 4.959-03. Proyecto que Modifica la Ley 19.628, sobre Protección de la Vida Privada, con el Objeto de Precisar su Ámbito de Aplicación.
- 8. http://www.lexisnexis.cl/PortalLN/Noticias/MostrarNoticia.asp?Codigo=7640
- 9. Juri Jubrail, Alfredo vs. General Treasury of the Republic, N¬∫ 500-2007. March 20, 2007. The Supreme Court revokes the decision of the Appeals Court of Temuco that rejected the remedy of deduced protection against the General Treasury of the Republic. The decision joins those other two issued by the maximum Justice Court of Chile against the same public institution and for the same trial.
- 10. Proyecto que Modifica la Ley 19.496 y el D.F.L. 3 de 1997 de Hacienda, con el fin de Establecer la Obligación para Bancos e Instituciones Financieras de Fundar por Escrito la Negativa a una Solicitud de Crédito [Bill that modifies Law 19.496 and the D.F.L. 3 of 1997 of the Ministry of Finance with the aim to Establish the Banks’ and Financial Institutions’ Obligation to Hand a Written Document Basing their Denial to a Credit Request], Bulletin 3.814-03. Introduced to consideration on March 23, 2005.
- 11. Proyecto que Modifica Disposiciones de la Ley 19.628 sobre Protección de la Vida Privada, y el D.F.L. 3 de 1997, Ley General de Bancos, con el Objeto de Prohibir la Existencia de Registros Históricos de Deudores (DICOM) [Bill that modifies the Dispositions of the Law 19.628 on the Protection of Private Life and the D.F.L. 3 of 1997, General Banks’ Law, with the aim to Ban the Existence of Historic Debtors Registers (DICOM)], Bulletin 4.972-03. Processed since April 11, 2007.
- 12. Proyecto que Modifica la Ley 19.628 sobre Protección de la Vida Privada con el Fin de Resguardar en Mejor Forma los Datos de Carácter Personal y Sancionar Penalmente su Tratamiento y Cesión Indebida [Bill that modifies Law 19.628 on the Protection of Private Life with the aim to Shelter Better Personal Data and Penalize their Illegal Processing and Cession], Bulletin 4.629-07, Introduced to legislative process at the Senate of the Republic, on August 22, 2006.
- 13. The referred article Seeks to modify Article 5 (bis) of the Law 19.618 establishing "that the written denial must indicate who the client of this information service is. Date and hour of the information request, detail of the reasons by which the check was not accepted as a payment instrument. This declaration must be handed in printed form to the check issuer, by the service client or requester of the information at the moment the check is rejected".
- 14. BNA World Data Protection Report, Vol. 2, Issue 7, July 2002, at 5.
- 15. http://www.sernac.cl/docs/texto_ley_del_consumidor.pdf
- 16. http://sil.congreso.cl/cgi-bin/sil_mocionesaut.pl?63@Senador@Novoa%20V%C3%A1squez,%20Jovino#
- 17. Id. at article 1, numeral 1.
- 18. Id. at article 1, numeral 2.
- 19. Id. at article 1, numeral 3-7.
- 20. Id. at article 1 numeral 7.
- 21. http://www.poderjudicial.cl/0.8/info_causas/esta402.php?rowdetalle=AAAHk...
- 22. Constanza Dintrans, Tratamiento de Datos Personales por la Policía de Investigaciones: Comentario a Sentencia de la Corte de Apelaciones de Santiago, Rol 494-2004, Revista Chilena de Derecho Informático de la Universidad de Chile 6 (2005).
- 23. http://www.cedi.uchile.cl/docs/Casoemail_sentenciaCA.pdf