In recent years, cybersecurity has become a central issue for Latin American states. Amid growing digitalization and cyber threats, governments have developed national strategies and public policies that set out their objectives in this area and, in many cases, designate the entities responsible for their implementation. In this context, as we pointed out in a recent publication, it is essential to approach cybersecurity policies from a human rights-based perspective that places people at the center of prevention and response to cyberattacks, addressing their specific risks and needs, and prioritizing the exercise of fundamental rights. In recent weeks, Argentina has drawn the attention of the cybersecurity community due to a series of government decisions that have set off several alarm bells.

What happened?

In September 2023, Argentina approved its Second National Cybersecurity Strategy, a document that, at first glance, represented a significant advance in the region by incorporating human rights principles and a gender perspective. However, that approach has come into question following a series of decisions made by the current government. In July 2024, the restructuring of the National Intelligence System marked the first turning point. This process entailed dissolving the Federal Intelligence Agency and transferring its functions to the former State Intelligence Secretariat (SIDE), now placed under the direct and exclusive control of the Executive Branch. Then, in April 2025, with Decree 274/2025, the situation escalated: SIDE took control of the Federal Cybersecurity Agency, and with it, the implementation of the National Strategy and the operation of CERT.ar. This model of cybersecurity governance is unprecedented both within Latin America and beyond.

In May 2025, alongside these reforms, the SIDE approved the National Intelligence Plan (PIN, for its Spanish acronym). Classified by the government as “secret,” this document sets out the guidelines for the Intelligence System to “promote the government’s strategic interests.” Only the president, the SIDE, and the Permanent Bicameral Commission for the Oversight of Intelligence Agencies have access to the PIN. This restricted access raises concerns not only about its opacity but also about the potential setbacks it could pose to citizens’ fundamental rights and freedoms. Furthermore, according to media outlets such as La Nación, which unofficially accessed the document, the PIN grants the SIDE the power to gather information on anyone who, in the entity’s opinion, “erodes” or “manipulates” public confidence in the current government’s security and economic policies. This practice is prohibited by the National Intelligence Law itself.

The approval of the PIN has raised alarms among Argentina’s journalistic community and civil society, as the expansion of SIDE’s operational powers effectively legitimizes the persecution and surveillance of those who express critical opinions — a fundamental pillar of democratic debate. In fact, the La Nación journalist who revealed the existence of the new state intelligence document reported receiving threats and attacks on their social media accounts. The seriousness of this case reveals a systemic pattern in the country — and across the region — that threatens freedom of expression and the right to access to public information, issues we have documented in other reports.

The dangers of the shift in cybersecurity governance

Placing cybersecurity under the control of intelligence agencies represents a step backward, as it displaces the people-centered approach, limits social participation, and increases the risks of surveillance. This change aligns with a conservative understanding of cybersecurity, anchored in a technical vision focused exclusively on protecting the state’s critical infrastructure, since intelligence agencies are primarily tasked with safeguarding state interests related to national security. It is important to note that this approach has been gradually replaced by more comprehensive, human rights–centered frameworks that place people at the core of prevention and response policies.

Furthermore, placing the development and implementation of cybersecurity policies under the hidden structure of state intelligence is far from a mere technical detail; it reactivates a dangerous logic long familiar in the region: using national security discourse as a justification to restrict fundamental freedoms. Throughout the last century, this narrative was deployed by dictatorial regimes to surveil, censor, and repress dissent under the so-called ‘”national security doctrine”.

One of the pillars of the Memory, Truth, and Justice processes in overcoming dictatorships in the region has been the demand for democratic limits on the actions of intelligence agencies. The persistence of opaque and unaccountable mechanisms — as is the case in Argentina — is not only a problem of transparency but also evidence that these agencies’ practices and purposes remain incompatible with democratic principles, running counter to recent landmark rulings in the region.

In Argentina’s current context, the redesign of the intelligence system and the transfer of cybersecurity control to SIDE are not minor or isolated events; they are part of the current government’s political project. This project openly promotes regressive narratives and measures regarding gender, diversity, social protest, and access to public information, all of which have been denounced by international bodies, including the OAS Special Rapporteur for Freedom of Expression and Reporters Without Borders. This anti-rights agenda seriously impacts historically vulnerable groups, including women and LGBTQIA+ people, who are also frequent and disproportionate targets of surveillance practices and digital attacks, particularly those who exercise political, social, or journalistic leadership. The very people who should be at the core of cybersecurity policies are precisely the ones facing the greatest risk under this authoritarian turn.

This shift in governance is also tied to geopolitical decisions to align explicitly with the interests of the United States and Israel, countries explicitly mentioned as strategic partners in Argentina’s new PIN. This alignment not only reinforces a national security logic that puts fundamental rights at risk but also replicates a model characterized by the concentration of power and the lack of effective democratic oversight. In the case of Argentina, where there are no effective institutional mechanisms to monitor intelligence agencies, the question that arises is: Who watches the watchers?

Implications of the Argentine case for our region

The Argentine case echoes historical events, highlighting how legal frameworks can be used to enable authoritarian practices. Moreover, drawing on a recent report by Derechos Digitales, along with other recent actions taken by the Argentine government, such as Resolution 428/2024, the case consolidates a path the state has been following since 2020: the deployment of surveillance practices under unclear regulations. Recent events have formalized these activities and enabled others, such as mass surveillance of social media, within a framework that turns cybersecurity into a political instrument to monitor and silence dissent.

As we can see, the problem is not new; what is new is that persecution and surveillance are now being legitimized through legal means. We are facing a political struggle that demands concrete action from states. The region is witnessing a growing tolerance for authoritarian forms of government. Argentina, historically considered a benchmark in human rights, has drifted away from that role. This backsliding calls for concrete commitments from other countries in the region to build and defend common standards and to prevent the replication of such a cybersecurity model.

The concern grows even more when considering that Argentina is among the Latin American countries with the strongest institutional frameworks in this area. It has more technical resources, operational capabilities, and political power than many others. In a region marked by profound asymmetries between countries — where many lack solid frameworks, trained personnel, and adequate funding for cybersecurity — there is a real risk that authoritarian models, such as Argentina’s, will negatively influence the design of cybersecurity policies in other countries.

Reaffirming a human rights–based approach to cybersecurity is not merely a technical aspiration, but a democratic imperative. Privacy, freedom of expression, and digital inclusion must be at the core of any public policy in this area. Strengthening democratic governance with multistakeholder participation, a gender perspective, and attention to structural inequalities, such as gender-based disparities, is a task that cannot be postponed. Only then can we build digital resilience without giving up the freedoms that sustain our democracies.