COLOMBIA Law and Practice Contributed by: Maria Carolina Pardo, Ciro Meza, Angélica Navarro and Carlos Ignacio Arboleda, Baker McKenzie
gies. The nation faces considerable challenges in association with deepfakes, particularly regard - ing their potential to disseminate misinforma - tion and influence elections. Although specific legislation has not yet been enacted, ongoing discussions are focused on criminalising the creation and distribution of deepfakes, holding social networks responsible for their content, and balancing these actions with freedom of speech protections. There are some precedents from the Colombian Constitutional Court regard - ing the liability of social media companies for certain content posted on their platforms, man - dating that they apply more robust procedures to address complaints and mitigate risks at an early stage. In the transportation sector, Colombia cur - rently lacks specific legislation governing AI applications such as self-driving cars, com - mercial drones and drone delivery services. The discourse surrounding technology within the transport sector has not yet evolved to address these areas. Presently, discussions are focused on how digital transportation platforms should be regulated. Platforms like Uber, Cabify and Didi are under investigation for potential anti- competitive practices, as they operate similarly to taxis without adhering to regulatory permits. Several key elements are pertinent to AI regula - tion in Colombia, including transparency, data protection, IP and fundamental rights. Trans - parency is essential to ensure that AI systems are comprehensible and accountable. Data protection laws, specifically Law 1581 of 2012, are applicable to AI systems handling personal data, thereby ensuring adherence to privacy standards. IP rights are also an area of focus, with ongoing efforts to safeguard innovations in AI and all information and images reviewed by AI, which fall under the IP regime. Lastly, the
deployment of AI technologies must uphold fun - damental rights, including privacy and freedom of expression. 4. Internet of Things 4.1 Machine-to-Machine Communications, Communications Secrecy and Data Protection Colombia does not have specific machine-to- machine (M2M) communications or internet of things (IoT) legislation, but the general existing data protection and telecommunications regula - tions provide a framework for the responsible deployment of these technologies, as stated in the foregoing. 4.2 Compliance and Governance In Colombia, companies deploying IoT solutions face some compliance challenges. One of the primary challenges is ensuring data protection and privacy. Under Law 1581 of 2012, com - panies must obtain explicit consent from data subjects before collecting and processing their personal data. This requirement can be complex when dealing with IoT devices that continuously collect data locally but with no further process - ing occurring in Colombia. Companies must also implement robust security measures to protect data from breaches and unauthorised access, which can be technically demanding. Addition - ally, a problem related to the international trans - fer of personal data is ensuring compliance with Colombia’s stringent data protection laws. Law 1581 of 2012 and Decree 1377 of 2013 impose restrictions on transferring personal data to countries that do not provide an adequate lev - el of data protection. Companies must obtain explicit and unequivocal consent from data sub - jects for such transfers, with blanket consents
39
CHAMBERS.COM
Powered by FlippingBook