EPIC --- Privacy and Human Rights Report
|Title Page Previous Next Contents | Country Reports >Republic of Chile|
The Constitution of the Republic of Chile of 1980 recognizes the right to privacy. Article 19 secures for all persons: "Respect and protection for public and private life, the honor of an individual and his family, as well as the inviolability of the home and of all forms of private communications. The home may be invaded and private communications and documents intercepted, opened, or inspected only in cases and manners determined by law."
Chile is the first Latin American country to enact a data protection law. The Law for the Protection of Private Life came into force on October 28, 1999. It covers the processing and use of personal data in the public and private sectors, and the rights of individuals (of access, correction, and judicial control). The law contains a chapter dedicated to the use of financial, commercial and banking data, and specific rules addressing the use of information by government agencies. It also includes fines and damages for the unlawful denial of access and correction rights. Only databanks in the government must be registered. The law was slightly amended in 2002 and modifies the Labor Code by providing that employers cannot condition hiring an employee on the lack of personal or economic debts.
Since the Law for the Protection of Private Life was passed in 1999, nineteen bills aimed to modify it have been presented (current to May 2007). In August 2006 the newspaper “El Mercurio” published an investigation that revealed the sale of patients’ prescription information by pharmaceutical chains and laboratories.  As a result of this report, a group of members of the Parliament drafted a bill modifying the Law for the Protection of Private Life to remedy the situation. This bill establishes criminal sanctions for the illegitimate data processing by data controllers.
On September 2006 another bill that modifies the Law for the Protection of Private Life was introduced. This bill aims to protect personal data belonging to public and private institutions, and penalize its processing was introduced in the Lower House (Cámara de Diputados).
The law has been criticized for certain ambiguities in its language, such as for the concept of "public access source" and "sensitive personal data." It has also been criticized for the weak protection measures for some categories of personal data. For example, no difference is made between "personal" and "sensitive" data, such as data revealing political opinions, religious beliefs, or health or sex life; and the law lacks control mechanisms aimed at sanctioning illegitimate data processing by data controllers. The EU expressed concerns about the data protection law, as this law does not contain restrictions for transfers of personal data to third countries, nor does it have a data protection authority.
On May 28, 1993, Law 19.223 that protects the right of privacy was enacted. This law, which modifies the Penal code, protects the right to privacy by sanctioning the person who, without authorization, illegally seeks to know information contained in a database or alters, destroys or discloses that information.
In August 2000, Decree No. 779 that regulates the registration of public sector-controlled databases was enacted. The registration is the responsibility of the Civil Registration and Identification Services.
Two pending bills aim at reforming the Penal Code with respect to cybercrimes. The first one modifies Law No. 19.223 about cybercrimes and criminalizes the improper access to information included in a database and its destruction or alteration, and damage to computer data. The second bill introduces new crimes, such as the falsification of electronic documents and credit cards. However, the Ministry of Justice recently decided not to continue with these bills and will instead focus on the redaction of a new Criminal Code that will contain new cybercrimes.
In November 2005, Law 19.423 added new provisions to the Penal Code related to the protection of the private life. Under this law, the collection of information by recording, wiretapping, or other secretive means, is prohibited. Such surveillance may be conducted in narcotics-related cases upon the issuance of a judicial order.
In January 2004, Law No. 19.927 was enacted. It establishes sanctions for the distribution, disclosure, importation and exportation of child pornography materials; it also increases the penalties and creates new powers for the Public Prosecutor (Fiscal del Ministerio Público), justices and police officers to enable them to intercept or wiretap all kinds of telecommunications and pursuant to a judicial order.
In December 2004, a regulatory order provided that ministries that use electronic communications must keep records of all their communications for at least six years. The order does not give details about the meaning of "records." The regulatory order is not clear whether it mandates that public entities keep records only about traffic data or electronic communication content, too.
In November 2005, in the context of the fight against child pornography, a Congressman introduces a bill that would force Internet Cafés to keep records of the personal information of their clients, including ID card numbers, the computer they used for verifying the IP address, the date of use and the length of time the service was hired.
In July 2006 a bill that proposed the reform of the Criminal and the Criminal Procedure Code was introduced into the Lower House. The bill grants more preventive powers to Law Enforcement Forces (Fuerzas del Orden y Seguridad), proposing the creation of a unified and updated database with personal data of individuals detained or with pending detention orders. The database would be maintained by the Chilean Investigations Police (Policía de Investigaciones de Chile) and the militarized national police force (Carabineros de Chile) for the exclusive use of the Chilean Investigations Police. This information would include photos, fingerprints, physical characteristics and other information deemed useful for effective crime prevention.
Chile's transition to democratic rule in 1990 did not eliminate personal privacy violations by government agencies. The Investigations Police – a plainclothes civilian agency that functions in close collaboration with the International Criminal Police Organization (Interpol) and with the intelligence services of the army, navy, and air force – keeps records of all adult citizens and foreign residents and issues identification cards that must be carried at all times. The personal data compiled during military rule was never destroyed. In January 1998, former dictator General Augusto Pinochet threatened to use "compromising information" from secret military intelligence files against those who were trying to keep him from becoming a Senator for Life, a position that would provide immunity from civil suits and public accountability for crimes that took place during his dictatorship. Under current law, the voter registration list is publicly disclosed and used for direct marketing purposes. In 1999, the United Nations Human Rights Committee criticized the requirement that hospitals report all women who receive abortions.
A 1996 privacy law sets penalties for those who infringe on the private and public life of individuals and their families. The privacy law has never been applied to the media.
In 1928 the Supreme Decree 950 was passed. This legal document establishes the obligation of the notaries, judges, and curators to send to the Chamber of Commerce of Santiago (CCS) on a daily basis, the economic, banking, financial background of debtors. The norm also grants to the CCS the exclusiveness in the drafting of the Commercial Information Bulletin (Boletín de Informaciones Comerciales) and creates a special section called “Clarifications” (Aclaraciones) where those affected by the publication due to mistakes, inaccuracies or by any other cause could add the explanations of the data in the former number of the Bulletin.
On May 18, 2005, the National Economic Attorney’s Office filed a complaint against the CCS in the Competition Tribunal. The case was based on the abuse of the dominant position of the CCS in the market of credit information based on the fees that debtors have to pay to the CCS in order to make a clarification.
On October 25, 2006 the Supreme Decree 998 that partially modifies the Supreme Decree 950 was enacted. The law establishes that those debtors could add information to the Clarification Section of the Commercial Information Bulletin when the obligations derived from checks, bills of exchange and promissory notes that had undoubtedly been paid or that had been extinguished by other legal means after its publication in the Bulletin. The publications of those clarifications are free of charge when the amount of the installment or debt, or the amount of the check, bill of exchange or promissory note that motivates the publication is less than $ 100.001 Chilean Pesos (189 USD approx). From January 2010, the clarification of any debt will be free of charge regardless the amount of the debt.
In November 2005, the CCS adopted a good practices code for electronic commerce and trained their associated companies on issues related to personal data protection and customer rights on electronic transactions.
In April 2007, a group of congressmen introduced a bill that prohibits information exchange agreements between public institutions and companies dedicated to the commercialization of commercial background, economic, financial and banking information. The bill seeks to substitute Article 20 of the Law for the Protection of Private Life with the following text: “Article 20. The processing of personal data by a public body can only be performed in relation to matters of its responsibility specifically those included in Article 17 of this law, under the provisions of the rules. In these conditions it will not require the authorization of the data subject.” Proponents of the bill indicate that according to Article 17 of the Law for the Protection of Private Life, the debtors list created by institutions such as the General Treasury of the Republic (TGR) must not be disclosed to third parties. In spite of that law, the TGR has a sharing agreement with companies DICOM, Data Business and Sinacofi. According to the agreement, the companies publish a list of debtors who in the last three years have fiscal debts and have not approached the institution to express their willingness to sign a payment agreement. The TGR states that under Decision 25.336 of the General Comptroller of the Republic (Contraloría General de la República), of July 2002, they are allowed "to subscribe agreements with companies specializing in information in order to publish a list of tax debtors." Nevertheless, in a trial related to this topic, the maximum Justice Court accepted a protection remedy (acción de amparo) filed by a taxpayer who expressed that the TGR acted illegally violating Article 19(4) of the Constitution on protection of individuals’ private life for publishing the tax debtors’ list in the DICOM register.
In March 2005, a bill was introduced that requires banks and other financial institutions to provide a written answer to their clients explaining the reasons for denial of a request of credit. Banks commonly reject verbally credit requests of individuals, based on the contents of the “Historic DICOM,” historic registers of debtors’ personal information. In April 2007, nine Congressmen introduced a bill similar to the one described above, that establishes a specific prohibition of the existence and use of historic registers.
In October 2006, a parliamentary motion contained in the Bulletin Nº 4.629-07 was introduced in the Senate. The motion proposes to modify the Law for the Protection of Private Life so that “all the companies that provide information, about checks, checking accounts and commercial records are forced, in case of rejection, to express it by electronic means.” The author of the bill explained that individuals with rejected checks are hindered from filing formal claims because they do not have any documents that certify the rejection of the questioned document or the reasons of the rejection. The bill was passed after a rapid processing in the Senate, passing to a second constitutional procedure at the Lower House (Cámara de Diputados).
In April 2002, a Law on Electronic Documents, Electronic Signature and Electronic Signature Certification Services (the Law) was enacted. The law establishes that contracts and agreements entered into through the use of electronic signatures shall be equally valid and effective as those executed on paper.
On June 29, 2004, Consumer Protection Law (No. 19.955) was enacted. This law is the first regulation that addresses some of the problems related to unsolicited commercial communications, also known as "spam." Article 28(b) establishes an opt-out system and provides that any electronic commercial email must indicate the name of the sender, the precise description of what is advertised, and a valid address where the consumer can send a message to avoid any future email. The same provisions are applicable to advertisements coming via regular mail, fax or telephone. These communications must indicate an easy mechanism to avoid future similar distribution.
In March 2005, a bill that modifies Law 19.628 was introduced in the Senate. The bill widened the definition of “personal data” to include not only all the information concerning an identified or identifiable individual but also any juridical person identified or identifiable. The bill also establishes what personal data and sensitive data are and provides that its processing will only be accepted if there is a previous and specific authorization from the data subject. It also defined what public access sources are and established that an e-mail address is sensitive data and that the fact of publishing an e-mail on a website does not mean that the website is tacitly authorizing its use for commercial promotion or advertising purposes or for being used in a different way from the one derived from the website’s purpose. The bill establishes that the unsolicited e-mail receiver can request the Internet Service Provider to block the sender’s address. It will proceed after at least five clients notify the service provider of the spam and only a particular, determined address will be blocked. The service provider will have to implement a quick procedure, and elaborate and publish a list of all the sender’s addresses to be blocked (as a result of the client’s request), in order to be consulted by the mail systems and servers of others service providers.
In April 2004, the Court of Appeals of Santiago ruled the case of Joe Doe against Investigations Police of Chile for keeping records of Joe Doe’s orders of apprehension for a period of 15 years. These orders of apprehension were later revoked. Joe Doe has requested the elimination of such registries due to their lack of accuracy. The police organization had rejected the request even though they recognized the inaccuracy of the data. This case showed the illegality of certain police practices on criminal prevention and repression.
In October 2004, within the framework of an investigation on governmental irregularities, Judge Gloria Ana Chevesich order to seizure e-mails sent and received between 1997 and 2003 by more than 400 government officials. The workers allege that the order violated its right to privacy. The Court of Appeals of Santiago considered that the order was neither arbitrary nor illegal. On January 2005, the Supreme Court ratified the sentence.
Chile signed the American Convention on Human Rights on August 20, 1990. Chile entered in October 2002 into a bilateral association agreement with the European Union (EU), by which the two parties agree on cooperating in the increase of the level of data protection on each other's sides.
 Constitución de Chile de 1980 [Const.], article 19 (4) and (5), available at <http://www.bcn.cl/lc/cpolitica/> (in Spanish, last amended in 2005).
Law for the
Protection of Private Life (Ley sobre protección de la vida privada), Law
No.19.628 of August 30, 1999, Official Journal, August 28, 1999, available at
 Law No. 19.812 that modifies the Law for the Protection of Private Life (Ley No. 19.812, que modifica la ley sobre protección de la vida privada), available at <http://www.cpsr-peru.org/bdatos/chile/privacidad/Ley%2019.812MODIFICA%20LEY19628Chile.rtf> (in Spanish).
 The only exception will be if the employee will be administering money of the company or the employer. The new law also provides that the ""right to forget"" (the duration personal data can be stored) is reduced to five years for commercial debts and to zero years if the debt has been paid.
Aguirre and Marily Lüders, Información de Recetas Médicas Da
Pie a un Dudoso Negocio, El Mercurio Newspaper. March 11, 2006, at 1, 4 part B
of Economía y Negocios. See
generally Anguita Ramirez, Pedro, La Protección de los Datos
Personales y el Derecho a la Vida Privada (Editorial Jurídica de Chile),
(January 2007). “After some months, the same newspaper published an
article where it showed that many health private institutions have access to the
medical records of their affiliates due the absence of legal protection
mechanisms”. Leighton Paula y Rodríguez Carmen, Pacientes y
Médicos ven Amenazada la Privacidad de la Información de Salud, El
Mercurio, October 15, 2006, at A-26, available also at <http://www.medicosparachile.cl/mpch2/index.php?option=com_content&task=view&id=314&Itemid=67>.
 Proyecto que Modifica la Ley 19.628, sobre Protección de la Vida Privada, con el fin de Resguardar en Mejor Forma los Datos de Carácter Personal y Sancionar Penalmente su Tratamiento y Cesión Indebida [Bill that modifies Law 19.628 on Protection of the Private Life with the aim to Shelter Better Personal Data and Penalize their Illegal Processing and Cession]. Bulletin 4.429-07. Passed to the Constitution Commission of the Lower House (Cámara de Diputados) on August 22, 2006. As of May 2007 there is no further development.
 Proyecto que Modifica la Ley 19.628, con el Objeto de Ampliar los Mecanismos de Protección de los Datos de Carácter Personal [Bill that modifies Law 19.628 with the aim to Widen the Protection Mechanisms of Personal Data]. Bulletin 4.466-03. Enter into the Comisión de Economía, Promoción y Desarrollo [Economy, Promotion and Development Commission] of the Lower House on September 5, 2006.
"La Autoridad de Control en la Legislación Sobre Protección De
Datos Personales," tesis para optar al grado de Magister en Derecho
Público, Universidad de Chile, Noviembre, 2003; Paula Jervis, Comentario
Jurisprudencial: Intimidad y Tratamiento de Datos Personales en el Portal del
Poder Judicial, Revista Chilena de Derecho Informático de la Universidad
de Chile 1 (2002); Paula Jervis, Derechos del Titular De Datos y Habeas Data en
la Ley 19.628, Revista Chilena de Derecho Informático de la Universidad
de Chile 2 (2003).
 Political, Economical and Cooperation Pact of Association between Chile and the European Union, subscribed in Bruselas in November, 18, 2002, available in <http://www.direcon.cl/frame/acuerdos_internacionales/f_bilaterales.html> (in Spanish).
 Articles 161-A and 161-B of the Penal Code, introduced by Law No. 19.423, November 20, 1995, available at <http://www.cpsr-peru.org/bdatos/chile/privacidad/19423> (in Spanish); 36 B General Law of Telecommunications, available at <http://www.cpsr-peru.org/bdatos/chile/privacidad/36b> (in Spanish).
 Supreme Decree No. 779 that approves the regulation of the registration of databases of personal data in charge of public organisms (Decreto Supremo No. 779, que aprueba el reglamento del registro de bancos de datos personales a cargo de organismos públicos), available at <http://www.cpsr-peru.org/bdatos/chile/privacidad/> (in Spanish).
Supremo 100, que aprueba Norma Técnica para el Desarrollo de Sitios Web
de los Órganos de la Administración del Estado [Supreme Decree 100
that approves the Technical Norm for the Development of Websites for the State
Organizations], available at
 Project of
Law that modifies the Law 19.223, and typifies criminal figures about the
informatics - Bulletin 2.974-19 (Proyecto de ley que modifica la Ley 19.223 y
tipifica figuras penales relativas a la informática - Boletín
2.974-19), available at <http://www.cpsr-peru.org/bdatos/chile/privacidad/delitosinformaticos>.
 Project of Law who modifies the Criminal Code, with the object to receive the traditional criminal types, new criminal manners arisen from the informatics development - Bulletin 3083-07 (Proyecto de ley que modifica el Código penal con el objeto de recepcionar, en los tipos penales tradicionales, nuevas formas delictivas surgidas a partir del desarrollo de la informática – Boletín 3083-07). See generally <http://sil.congreso.cl/pags/index.html> (in Spanish).
 Anteproyecto de Código Penal Chileno de 2005 [First Draft of Chilean Criminal Code of 2005], available at <http://www.politicacriminal.cl/n_01/pdf_01/d_1.pdf> (in Spanish).
 Ley No. 19.423, "Agrega disposiciones que indica en el Código Penal, en lo relativo a delitos contra el respecto y protección a la vida privada y pública de la persona y su familia," November 20, 2005, available at <http://www.cpsr-peru.org/bdatos/chile/privacidad/delitosinformaticos> (in Spanish).
 Law 19.927, January 12, 2004, modifies the Penal Code, the Code of Penal Procedure (Código Procesal Penal) and the Code of Criminal Procedure (Código de Procedimientos Penales).
regulatory order is an administrative order given by the Minister General
Secretary of the President.
 Regulatory Order 77, January 13, 2005, approves the technical norm about the efficiency of the communications between State Administration organs and between those and the citizen. Available at <http://www.modernizacion.cl/1350/articles-70677_decreto_77.pdf> (in Spanish) (Decreto Supremo 77, de 13 de Enero de 2005, que aprueba norma técnica sobre eficiencia de las comunicaciones electrónicas entre órganos de la Administración del Estado y entre éstos y los ciudadanos).
 Proyecto que Establece Obligación de Mantener Registro de sus Clientes a Establecimientos Comerciales que Ofrecen Servicios de Internet [Bill that Establishes the Obligation of Businesses that Offer Internet Services to Keep a Clients Register], Bulletin 4043-07. This bill started its procedure at the Lower House on November 9, 2005.
 Chile: A
Country Report, 1994: United States Library of
 "Chile''s Ex-Dictator Tries to Dictate His Future Role," The New York Times, February 1, 1998.
 Human Rights Committee Consideration of Chile'’s Fourth Periodic report, March 25, 1999.
 United States Department of State, Country Reports on Human Rights Practices 2002, March 31, 2003, available at <http://www.state.gov/g/drl/rls/hrrpt/2002/18324.htm>.
Decree 950, Ministry of Finance, March 28, 1928, available at
 The 1928 Decree has been kept in force in spite of the Law 19.628 of the Protection of the Private Life because the transitory Article 3 of the Law 19.628 recognized all legal effect to those articles that do not oppose to the content of the law.
 National Economic v. Attorney CCS, at <http://www.fne.cl> (in Spanish).
Decree 998 that modifies the 1928 Supreme Decree 950 de 1928, October 25, 2006,
in force since November 26, 2006, available at
 See XE Universal Currency Converter website, <http://www.xe.com/>.
 Código de Buenas Prácticas para el Comercio Electrónico de la Cámara de Comercio de Santiago [Code of Best Practices for e-Commerce of the Chamber of Commerce of Santiago], available at <http://www.ccs.cl/ccs/Portals/17/codigo_buenas_practicas/inicio-cbp.htm> (in Spanish).
See Bulletin 4.959-03. Proyecto que
Modifica la Ley 19.628, sobre Protección de la Vida Privada, con el
Objeto de Precisar su Ámbito de
 Contadores Acusan Fiscalización Abusiva del Servicio de Impuestos Internos, La Tercera, August 12, 2003, available at <http://www.lexisnexis.cl/PortalLN/Noticias/MostrarNoticia.asp?Codigo=7640> (in Spanish).
 Juri Jubrail, Alfredo vs. General Treasury of the Republic, Nº 500-2007. March 20, 2007. The Supreme Court revokes the decision of the Appeals Court of Temuco that rejected the remedy of deduced protection against the General Treasury of the Republic. The decision joins those other two issued by the maximum Justice Court of Chile against the same public institution and for the same trial.
que Modifica la Ley 19.496 y el D.F.L. 3 de 1997 de Hacienda, con el fin de
Establecer la Obligación para Bancos e Instituciones Financieras de
Fundar por Escrito la Negativa a una Solicitud de
Crédito [Bill that modifies Law
19.496 and the D.F.L. 3 of 1997 of the Ministry of Finance with the aim to
Establish the Banks’ and Financial Institutions’ Obligation to Hand
a Written Document Basing their Denial to a Credit Request], Bulletin 3.814-03.
Introduced to consideration on March 23,
 Proyecto que Modifica Disposiciones de la Ley 19.628 sobre Protección de la Vida Privada, y el D.F.L. 3 de 1997, Ley General de Bancos, con el Objeto de Prohibir la Existencia de Registros Históricos de Deudores (DICOM) [Bill that modifies the Dispositions of the Law 19.628 on the Protection of Private Life and the D.F.L. 3 of 1997, General Banks’ Law, with the aim to Ban the Existence of Historic Debtors Registers (DICOM)], Bulletin 4.972-03. Processed since April 11, 2007.
que Modifica la Ley 19.628 sobre Protección de la Vida Privada con el Fin
de Resguardar en Mejor Forma los Datos de Carácter Personal y Sancionar
Penalmente su Tratamiento y Cesión Indebida [Bill that modifies Law
19.628 on the Protection of Private Life with the aim to Shelter Better Personal
Data and Penalize their Illegal Processing and Cession], Bulletin 4.629-07,
Introduced to legislative process at the Senate of the Republic, on August 22,
 The referred article Seeks to modify Article 5 (bis) of the Law 19.618 establishing “that the written denial must indicate who the client of this information service is. Date and hour of the information request, detail of the reasons by which the check was not accepted as a payment instrument. This declaration must be handed in printed form to the check issuer, by the service client or requester of the information at the moment the check is rejected”.
 BNA World Data Protection Report, Vol. 2, Issue 7, July 2002, at 5.
 Ley 19.955, July 14, 2004, modifies the Law 19.496 about the protection of consumer's rights (Ley 19.955, 14 de Julio de 2004, que modifica la Ley 19.496 sobre protección de los derechos del consumidor), available at <http://www.sernac.cl/docs/texto_ley_del_consumidor.pdf> (in Spanish).
 Proyecto de
Ley que Modifica la Ley 19.628, sobre Protección de la Vida Privada, con
el Fin de Evitar el Uso Abusivo de Datos Personales o de Empresas y de
Resguardar a los Usuarios de Correos Electrónicos de la Propaganda
Comercial No Solicitada [Bill that modifies Law 19.628 on the Protection of
Private Life withe the aim to Prevent the Abusive Use of Personal or Companies
Data and Shelter Electronic Mail Users from Unsolicited Commercial Mails],
Bulletin 3796-07, March 03, 2005, available at
(First Constitutional Procedure / Senate). See
also Novoa, Jovino, Evitemos El Uso Abusivo De Los Datos Personales (y
regulemos el SPAM),
 Id. at article 1, numeral 1.
 Id. at article 1, numeral 2.
 Id. at article 1, numeral 3-7.
 Cerda Alberto y Herrera, Andrés, Proyecto de ley contra el uso abusivo de datos personales y resguardo de los usuarios ante el correo electrónico no deseado, Revista Chilena de Derecho Informático de la Universidad de Chile 6 (2005).
 Id. at article 1 numeral 7.
Appeals of Santiago, April 30, 2004, Case Nº 494-2004, available at:
 Constanza Dintrans, Tratamiento de Datos Personales por la Policía de Investigaciones: Comentario a Sentencia de la Corte de Apelaciones de Santiago, Rol 494−2004, Revista Chilena de Derecho Informático de la Universidad de Chile 6 (2005).
 Court of Appeals of Santiago, December 6, 2004. Case Nº 7001-2004, available at <http://www.cedi.uchile.cl/docs/Casoemail_sentenciaCA.pdf> (in Spanish).
 Article 30 of the European Union-Chile Association Agreement, October 3, 2002, available at <http://europa.eu.int/comm/trade/issues/bilateral/countries/chile/euchlagr_en.htm>; see also Ministerio de Relaciones Exteriores – Dirección General de Relaciones Económicas Internacioles (Ministry of Foreign Affairs, General Directorate of International Economic Relations), Acuerdo de Asociación entre Chile y Unión Europea (Association Agreement between Chile and the European Union), available at <http://www.direcon.cl/frame/acuerdos_internacionales/f_bilaterales.html> (in Spanish).