Files
wdmUI/docs/06-legal/retention-argentina.md
2026-05-09 18:45:50 +00:00

5.1 KiB

Retention · Argentina

Regulatory baselines for video retention in Argentina. Used to set defaults in the first-boot wizard and to inform sales conversations.

Disclaimer: This is a working summary, not legal advice. Customers must consult counsel for binding interpretation in their context. Document drafted for internal Blocao Labs use.

AAIP general guidance

The Agencia de Acceso a la Información Pública (AAIP) is the federal data protection authority in Argentina, applying Ley 25.326 (Ley de Protección de los Datos Personales).

Key references:

  • Ley 25.326 (Protección de Datos Personales).
  • Resolución AAIP 4/2019 — guidance on video surveillance.

General principle: video that captures identifiable people is personal data. Retention must be:

  • Limited in time to what's strictly necessary for the stated purpose.
  • Proportional to the risk being addressed.
  • Documented in a privacy policy / register of processing activities.

De-facto baseline: 30 days is widely accepted as a starting point for general security purposes. Longer retention requires documented justification (insurance requirement, regulatory mandate, ongoing investigation).

CABA Ley 5.688 (Sistema Integral de Seguridad Pública)

For the City of Buenos Aires specifically:

  • Public-space surveillance cameras: up to 60 days retention permitted.
  • Longer retention requires judicial authorization.
  • Operated by the city or by the city under contract.

For private establishments in CABA the AAIP general rule applies (~30 days default). The 60-day rule is for public-space cameras specifically.

BCRA standards (banking)

The Banco Central de la República Argentina issues standards for the banking sector. For bank branches and ATMs:

  • Minimum 90 days retention for camera footage.
  • Specific positions (entrance, ATM, teller area) may have additional requirements.
  • Audit trails for who accessed footage, with retention of those logs.

Banks are usually the customers with the longest retention requirements in Argentina.

Other sectors

  • Casinos / gambling: provincial regulation, often 30-90 days.
  • Logistics / customs: AFIP / customs authority may require specific retention for goods movement (typically 30-180 days).
  • Healthcare: depends on jurisdiction; usually similar to general AAIP (30 days) plus medical record co-retention rules.
  • Education: AAIP general; some provincial education ministries have specific guidance.

How Blocao maps these to wizard defaults

In the first-boot wizard, when country = Argentina, the retention step offers:

Preset Duration Use case label
Conservadora 14 days Minimal retention; AAIP-compliant for low-sensitivity sites
Estándar (default) 30 days General purpose; AAIP-aligned
CABA pública 60 days City of Buenos Aires public surveillance
BCRA bancaria 90 days Banking sector minimum
Personalizada configurable Set numeric value with justification

Selecting a preset writes:

  • frigate.config.yml: per-camera retention.
  • site-config repo: retention policy with regulatory basis annotation.
  • HEALTH selftest: tests verify retention is not exceeded (oldest clip date matches policy ±1 day).

Privacy notice / signage

Argentine law requires conspicuous signage informing people they are being recorded. Blocao does not generate signage — that's a customer responsibility — but the documentation reminds customers and points to AAIP's signage templates.

Documenting purpose

Every Blocao deployment should have a documented purpose:

  • "General security and theft prevention."
  • "Compliance with [specific BCRA standard]."
  • "Insurance documentation."

The wizard prompts for this purpose during retention setup. The text is stored in the site-config repo as purpose.md. This serves as the start of a "registro de actividades de tratamiento" required by AAIP.

Subject access requests (DSAR)

A person captured on Blocao footage can request:

  • Confirmation that they are recorded.
  • A copy of their footage.
  • Deletion (subject to legitimate-purpose exceptions).

Blocao's FORENSICS panel makes this tractable: search by face/identity (post-MVP for face recognition), by time + location, export.

The customer is responsible for handling DSARs. Blocao provides the tools.

When this changes

AAIP and provincial regulators are actively updating guidance. Significant areas to track:

  • Facial recognition specific rules — already discussed in CABA, federal-level under consideration.
  • Cross-border data flow — if AAIP follows the EU's Schrems II direction, this strengthens Blocao's sovereignty positioning further.
  • Retention period harmonization — possible federal standardization in coming years.

When new guidance lands, this document gets a new revision (commit history) and the wizard presets get updated via fleet-config.

See also