Article 64 of the Federal Law empowers the IFAI to issue fines
from 100 to 320,000 the times the Mexico City minimum wage
(approximately US$480 to US$1,534,275 for violation of the Federal
Law. In addition to monetary penalties, three months to three years
imprisonment may be imposed on data controllers for any security
breach of databases under their control. Such sanctions above can
be doubled twice again for violations concerning sensitive
IFAI President Gerardo Laveaga stated that a number of new
investigations have been opened, following a 20% increase in the
number of data-protection complaints from individuals from 2012 to
2013. The IFAI issued fines totalling 50 million pesos ($3.7
million) in 2013, a figure that is set to markedly increase for
2014. This included the $1 million fine levied against the bank
Banamex and the $500,000 fine imposed on cellular company Telcel.
The IFAI reported that it intends to challenge all appealed 2013
fines, which will likely swell the coffers of the IFAI in 2014 even
further. Organisations should take heed; evidently the IFAI is
increasingly willing to show its teeth to enforce compliance with
the Federal Law.
The content of this article is intended to provide a general
guide to the subject matter. Specialist advice should be sought
about your specific circumstances.
To print this article, all you need is to be registered on Mondaq.com.
Click to Login as an existing user or Register so you can print this article.
The education sector is rapidly embracing technology. Laptops, tablets and internet connected devices are increasingly the first choice learning tool for students and staff across schools and universities.
Welcome to the August Global Data & Privacy Update. This update is dedicated to covering the latest legislative developments affecting the way data is managed and protected, as well as reporting on the most recent news...
The UK decision to leave the EU will not affect existing data protection and privacy laws in the UK. These laws (the UK Data Protection Act 1998 (DPA) and the Privacy and Electronic Communications Regulations 2003 (PECR)) protect people's personal data as well as ensuring that organisations have clear rules and a legal basis when collecting and using such data.
In April, we reported that the EC had opened a public consultation seeking the views of various stakeholders on the current wording of, and possible changes to, the Privacy and Electronic Communications Directive.
Register for Access and our Free Biweekly Alert for
This service is completely free. Access 250,000 archived articles from 100+ countries and get a personalised email twice a week covering developments (and yes, our lawyers like to think you’ve read our Disclaimer).