No. Doxxing in Colombia violates multiple laws, including the Ley 1266 de 2008 (Habeas Data) and the Código Penal (Articles 197–200), which criminalize unauthorized disclosure of personal data. The Superintendencia de Industria y Comercio (SIC) enforces data protection, while the Fiscalía General prosecutes violations. Recent 2026 amendments to Ley 1581 de 2012 (General Data Protection Regulation) strengthen penalties for non-consensual data exposure.
Key Regulations for Doxxing in Colombia
- Ley 1266 de 2008 (Habeas Data): Prohibits the dissemination of personal, financial, or biometric data without explicit consent, punishable by 4–8 years imprisonment (Article 26).
- Código Penal (Articles 197–200): Criminalizes defamation (injuria) and privacy breaches, with fines up to 1,000 salarios mínimos and 5-year sentences for aggravated cases.
- Ley 1581 de 2012 (GDPR-adjacent): Mandates consent for data processing; unauthorized sharing triggers administrative sanctions by the SIC, including temporary bans on digital platforms.
Digital platforms hosting doxxing content face liability under Ley 1952 de 2019 (Cybercrimes Act), requiring proactive moderation. Victims may seek injunctions via acciones de tutela under the Constitution (Article 15), demanding data suppression. International data transfers (e.g., to U.S. servers) must comply with Decreto 1074 de 2015 (adequacy standards).