The Deputy Superintendence for the Protection of Personal Data of the Superintendence of Industry and Commerce is the Data Protection Authority in charge of guaranteeing that public and private entities, comply with the principles, rights and guarantees in the treatment of regulated personal data according to Law 1266 of 2008 and Law 1581 of 2012.
According to Decree 4886 of 2011, the Deputy Superintendent for the Protection of Personal Data has the following functions:
- Advise the Superintendent of Industry and Trade in the formulation of policies as it relates to your area.
- Ensure compliance with the rules and laws and propose new provisions.
- Give support to the Office of Consumer Services and Business Support in the development of outreach, promotion and training, in matters within its competence.
- Provide temporary blocking of the data when the evidence submitted by the holder of the right, a certain risk of violation of his fundamental rights is identified, and this blockade is necessary to protect them while a final decision is made.
- Uttering declarations of conformity on international data transfers. 6. Require the collaboration of international or foreign entities when the rights of the holders are being affected outside Colombian territory on the occasion, of international collection of personal data, among other things.
- Decide appeals and requests for direct recall filed against acts issued and the appeal filed against the acts issued by this Deputy in charge.
- Direct the Deputy in charge and assure the efficient performance of the functions required.
- Receive and evaluate reports that are submitted to the Superintendent and report regularly on the state of affairs of their Deputy and the degree of implementation of its programs.
- Other duties as assigned and which reflect the nature of the Deputy.
This Deputy Superintendence since the enactment of Law 1266 of 2008, and especially, since the entry into force of Law 1581 of 2012, has been given to the Superintendence of Industry and Commerce international recognition as an authority on the protection of personal data, participating in the following forums:
- INTERNATIONAL CONFERENCE OF OFFICERS OF DATA PROTECTION AND PRIVACY
The October 24, 2012. During the 34th meeting held in Punta del Este, Uruguay, the Superintendence of Industry and Commerce was accepted as a full member of the Conference on behalf of Colombia. At that Conference, as well as in the one that took place in September 2013 in Warsaw, Poland, the Superintendence intervened in the closed session for authorities and in the open session. This Conference is the major international group of agencies and authorities of personal data protection.
- ASIA -PACIFIC FORUM ON ECONOMIC COOPERATION - APEC. PRIVACY GROUP FOR THE ELECTRONIC COMMERCE COMMITTEE
The Deputy Superintendence was invited to participate in the meetings of the Subgroup of Privacy on the Electronic Commerce Committee- APEC as a guest, not a member for a period of three (3) years. The Cross - Border Privacy Framework is an international reference for the regulatory work that is underway in Colombia to achieve adequate interoperability of various systems so that citizens are effectively protected, without becoming a barrier for trade. The Deputy Superintendence for the Protection of Personal Data attended as an observer to the Senior Officers Meeting Group (SOM1) held in Jakarta, Indonesia from January 31 to February 2, 2013.
- OECD - WORKING PARTY ON INFORMATION SECURITY AND PRIVACY
The Deputy was invited to participate since 2013 as a participant for the Working Party on Information Security and Privacy (WPISP) of the OECD, which since 2012 has been focusing on the draft of the revised guidelines on Privacy and Transborder Data Flows of 1980.
- GLOBAL PRIVACY ENFORCEMENT NETWORK (GPEN )
Since September 23, 2013 Colombia was accepted as a member of the Global Privacy Enforcement Network –GPEN. We are the second Latin American country, after Mexico, in being part of this network for the international protection of data. The network began its functions in 2007 when a recommendation was adopted by the OECD member countries, in terms of cross-border cooperation to implement the Data Protection laws. As a result of this recommendation, this informal network aimed at promoting the effective implementation of measures to protect the personal data of its citizens was created.
- LATIN AMERICAN NETWORK FOR DATA PROTECTION
The SIC is a member of the Executive Committee of the Latin American Network for the Protection of Personal Data forum, that integrates various actors, both from the public and private sector, with initiatives and projects related to the protection of personal data in Latin America. The Network conducts an annual Iberoamerican Meeting, has a General Assembly members Entities RIPD, which was held this year from October 15-17 in Cartagena-Colombia.
- ASIA PACIFIC PRIVACY AUTHORITIES - APPA
Colombia is a member of APPA (Asia Pacific Privacy Authorities) since 2013, the main forum for authorities on privacy and data protection in the Asia Pacific Region. This network of authorities, established in 1992, focuses on the joint work of the authorities in regulation, new technologies, complaints and claims management and supervision methods. Its members meet twice a year to discuss reports related to regulatory and procedural advances of its members as well as panel discussions on issues of impact on privacy and data protection worldwide.