In the Americas, data protection laws define what constitutes “sensitive” personal data using common elements.
Moreover, the concept of sensitive personal data in the Americas largely aligns with the special categories of personal data that are protected under the European Union's General Data Protection Regulation.
Each country has specific measures to protect sensitive personal data, but these vary in nature and scope across the region. Such measures include restricting the legal grounds available for processing sensitive personal data and imposing additional security and transparency obligations.
Additionally, many countries in the Americas share two requirements for collecting and processing data from minors:
- ensuring the data processing takes place only if it is in the best interests of the minor; and
- requiring consent from the parents or legal guardians before processing a minor’s data.
These are among the main findings from Cullen International’s new benchmark covering how eight countries in the Americas protect sensitive data and the personal data of minors.
For more information and access to the benchmark, please click on “Access the full content” - or on “Request Access”, in case you are not subscribed to our Americas Digital Economy service.
more news
08 May 25
Patchwork approach to 2G/3G switch-off poses challenge for IoT providers
Our IoT regulatory intelligence service provides a clear and comprehensive benchmark tracking the switch-off status of 2G and 3G networks in 66 countries across the world.
07 May 25
[INFOGRAPHIC] EU AI Act cheat sheet: general-purpose AI models
This cheat sheet by Cullen International provides a summary of the core provisions on general-purpose AI (GPAI) models under the EU AI Act.
05 May 25
National measures against spoofing practices in Europe
Cullen International’s research shows recent developments in national regulation against spoofing practices across Europe.