MEXICO Law and Practice Contributed by: Alejandro Mendiola Diaz and Gunter Schwandt, Nader Hayaux & Goebel
cybercrimes. The Federal Criminal Code defines various offences, including unauthorised access to information systems, data breaches, and the illegal disclosure of sensitive information. Cyber - crime investigations often involve co-ordination between various state and federal authorities. In Mexico City, the Cybercrime Investigation Unit within the local prosecutor’s office specialises in investigating digital offences. These include crimes against sexual privacy, such as the unau - thorised sharing of intimate content on social media – something that is a growing concern in the digital age. Financial Sector Cybersecurity Regulation The National Banking and Securities Commis - sion ( Comisión Nacional Bancaria y de Valores , or CNBV) is responsible for overseeing incidents within the financial sector. The CNBV ensures that financial institutions mitigate risks that could compromise the confidentiality, integrity or availability of banking systems. It monitors and supervises the response to security breaches, data loss, and other violations of financial secu - rity regulations. Banxico, as the central bank, also plays a criti - cal role in securing the financial sector against cyberthreats. In response to the growing number of cyber-attacks targeting financial systems glob - ally, Banxico works closely with financial institu - tions, sector regulators, and law enforcement. In 2018, Banxico spearheaded the formation of a Cybersecurity Incident Response Group, which collaborates with the Attorney General’s Office and other stakeholders to enhance coordinated responses to major security incidents. Data Protection The INAI has historically been the primary author - ity in charge of ensuring data protection and the
public’s right to access information. Given that the protection of personal data is closely tied to cybersecurity, the INAI has played a crucial role in safeguarding digital information. Recent government actions saw the INAI abolished and its functions transferred to the Ministry for Anti- Corruption and Good Governance ( Secretaría Anticorrupción y Buen Gobierno ). This shift has raised concerns about the future of data protec - tion policies and how Mexico will address priva - cy in the face of evolving cybersecurity threats. The long-term implications of this transition on cybersecurity governance and enforcement remain to be seen. Cybersecurity in Critical Infrastructure The National Guard ( Guardia Nacional ) has a specialised cybersecurity unit dedicated to sup - porting agencies managing critical infrastruc - ture. This unit’s responsibilities include: • identifying and assessing cybersecurity threats; • managing cybersecurity incidents; • acting as a national point of contact for cybersecurity threats; and • conducting digital forensics to assist law enforcement agencies in investigating cyber - crimes. In addition, the National Guard provides cyber - security assistance to state authorities, reinforc - ing the protection of both federal and regional infrastructure. This co-ordination aims to create a unified response to protect national security and critical systems from cyber-attacks. Other Governmental Involvement Although the agencies outlined earlier in this section are among the most prominent players in Mexico’s cybersecurity regulatory environment, other governmental bodies indirectly contribute
188 CHAMBERS.COM
Powered by FlippingBook