In the Americas, data protection laws define what constitutes “sensitive” personal data using common elements.
Moreover, the concept of sensitive personal data in the Americas largely aligns with the special categories of personal data that are protected under the European Union's General Data Protection Regulation.
Each country has specific measures to protect sensitive personal data, but these vary in nature and scope across the region. Such measures include restricting the legal grounds available for processing sensitive personal data and imposing additional security and transparency obligations.
Additionally, many countries in the Americas share two requirements for collecting and processing data from minors:
- ensuring the data processing takes place only if it is in the best interests of the minor; and
- requiring consent from the parents or legal guardians before processing a minor’s data.
These are among the main findings from Cullen International’s new benchmark covering how eight countries in the Americas protect sensitive data and the personal data of minors.
For more information and access to the benchmark, please click on “Access the full content” - or on “Request Access”, in case you are not subscribed to our Americas Digital Economy service.
more news
17 April 25
Four-fifths of European mobile operators partially or completely sold their towers
Our latest benchmark analyses the business models adopted in 23 European countries, whether tower companies are registered under the general authorisation regime and if governments adopted specific legislation to stop foreign takeover of tower companies.
16 April 25
10 latest national developments in European telecoms regulation
Significant regulatory developments have recently taken place across Europe, particularly in the areas of fixed wholesale regulation and spectrum policy.
14 April 25
[INFOGRAPHIC] EU AI Act timeline
Our timeline outlines the milestones in the implementation of the Artificial Intelligence Act (AI Act) until August 2027.