On December 15, the National Council for Government Innovation published the National Cybersecurity Strategy for the period 2021-2024, which aims to protect Information and Communication Technologies (ICT). To achieve this goal, the document proposes a roadmap with four pillars, where the protection of citizens’ personal data in cyberspace constitutes one of the fundamental ones, in line with the provisions of the Personal Data Protection Law of 2019. The regulation is already in force.
The document indicates that the right to privacy, both of legal and natural persons, is a priority for national security. In this sense, it provides that a national data inventory process must be carried out, to ensure a secure administration of this information. At the same time, it calls for promoting the adoption of best practices for data privacy and the protection of intellectual property.
On the other hand, the second pillar of the Strategy consists of the deterrence and punishment of criminal activity in cyberspace, given that comprehensive legislation in this area has not yet been passed. In this regard, the regulations establish as an obligation the notification of serious data protection violations in the private sector. If security breaches are detected in this area, they must be reported to Panama’s Cyber Security Incident Response Team (CSIRT in Spanish).