Stanford CIS

WILMap: Mexico

Legislation | Bills and Pending Proposals | Decisions | Contributors | Feedback | Return to WILMAP Home PageSUMMARY (provided by Jose Camarena): (1) In Mexico there is no ad hoc legislation, such as the US Digital Millennium Copyright Act (DMCA). The Copyright Law contemplates provisions which accommodate concepts such as fixation, reproduction or communication to the public in the digital environment. The Copyright Law does not make internet service providers (ISPs) liable or provide any safe harbours excluding liability in specific situations like caching, search engine, mere conduit or routing. The exceptions and limitations imposed by the Copyright Law are restrictive in scope and it would be difficult to invoke them in connection with digital rights. The Copyright Law of Mexico does not provide exceptions or limitations to copyright or neighboring rights in connection with the activities of ISPs or other intermediaries. Intermediaries in charge of connecting Internet sites operated by infringers of copyright or neighboring rights, are not clearly liable of infringement, namely indirect infringement, by providing means to the site operators –connecting their sites to an indeterminate number of users, but also providing software that users can employ for file sharing or other purposes- who then perpetrate infringement of rights in a direct fashion. No exception or limitation system can exist in the absence of rights or actions to enforce the same. (2) Direct infringement has been explored, with success, in connection with works disseminated over the Internet, based on the economic right of access that derives from WIPO Treaties. The access right has been tested in a number of cases related to the film and music industries. The most significant case in Mexico has been MPAA v. SigloX.com. As a result of that case, the site was dismantled, the server seized and one employee convicted.(3) Secondary liability of intermediaries has been debated at a government level, with the participation of groups or association like the Business Software Alliance (BSA), the Motion Picture Association of America (MPAA), a number of collecting societies, as well as the largest ISPs in the country, that include Telmex and Telefonica. However, they have not convinced that ISPs can be liable for secondary copyright infringement, because the Copyright Law or international treaties do not deal with the issue. Among the proposals made, a bill was introduced in 2010 adopting a three-strike system and using the French HADOPI 2 as a model.(4) Civil liability tools have been tried. Collective societies have threatened with litigation against ISPs, but not under the provisions contained in the Mexican Copyright Law (because there are none concerning these matters), some of them are instead trying to rely on civil law principles such as subjective liability. However, being civil in nature, it has been questionable whether it can apply to infringement matters deriving from the Copyright Law. Likewise, the civil theory is narrow in scope, and would not easily accommodate to non-common situations dealing with special rights. Moreover, issues like assistance or inducement are additional factors that can complicate the application of civil liability doctrines. For ISPs in Mexico, the balance inclines to their side, taking into account that the Copyright Law does not recognize their liability. Copyright holders cannot invoke any sort of legal actions against intermediaries unless they perform direct infringement. However, as in other jurisdictions, the question remains if it can be justified that intermediaries are held liable of indirect copyright infringement for connecting users, regardless if these latter engage in wrong doing. (5)  The non contractual theory of strict liability could be a way of proceeding against ISPs but effective results seem unlikely. The concept of 'strict liability' is defined in Article 1913 of the Civil Code in the following manner: "When a person operates machines, any instrument or substance that is inherently dangerous [ . . . ] such person is obliged to repair the damage caused by such instruments, even if the person does not act in an unlawful manner, unless that person proves that the damage was a consequence of the inexcusable fault or gross negligence of the injured party." Judicial precedent demonstrates that strict liability is based on a non-contractual theory of liability. Judicial decisions have stated that when a party to an agreement involving 'inherently dangerous' instruments is injured, the basis for imposing strict liability is not found in the agreement itself, but rather in the law. Strict liability will be imposed when dangerous instruments cause damage, regardless of whether a contractual relationship existed between the parties. There are situations in which both contractual liability and strict liability may exist: one cause of action can derive from the breach of the contract, and the other from the use of dangerous instruments. In such a case both causes of action can arise and may be exercised. In comparison, strict liability is closely related to subjective non-contractual liability. In both the damages or injuries are a result of a person's wilful acts. However, under strict liability the person's acts are not actually the source of the liability. Rather, strict liability results from the risk inherent in the use of certain objects. Legal theory classifies this type of liability as 'created risk' liability due to the fact that the person using such objects knows (or should know) the dangers involved in their use. Article 1913 governs only situations in which damages result not from an unlawful act but from a created risk. When the cause of the damages is an unlawful act only, then Article 1910 applies: "A person, while acting in an unlawful manner or against recognized usage, who causes a harm to a third party is obliged to repair the damage, unless it is established that the damage was derived as a result of the inexcusable fault or the gross negligence of the injured party."

LEGISLATION

Ley de Telecomunicaciones y Radiodifusión [Broadcasting and Telecommunications Act], July 17, 2014 [(1) The Telecommunications Act recently passed in Mexico (on July 17, 2014). Under Article 15, Section LXI, the Telecommunications Federal Institute of Telecommunications (FIT) has the power to order the ‘precautionary suspension of transmission of content’. (2) Further, the new law provides the government with the right to geolocalize any cell phone without a warrant. It also forces Internet Service Providers to save customer data for at least 24 months, and to keep such information available for the security agencies of the Mexican Government. All without judicial authorization. (Articles 189-190) (3) Also, telecoms may be requested to block access to communications by the FIT, if those communications are deemed a threat to “public order and national security" (Article 190, Section VII). (4) The government argues that it requires exceptional measures to combat crime effectively, especially the phenomenon of kidnapping. But The Telecommunications Act does not establish any caution. Many civil organizations are promoting a campaign before the FIT  to demand said agency to issue a negative opinion on the above mentioned controversial points, so that the law can be properly amended.] [see also EFF page; and Article19 page] Federal Law on Copyright, December 5, 1996, as amended on June 10, 2013[(1) In Mexico there is no ad hoc legislation, such as the US Digital Millennium Copyright Act (DMCA). The Copyright Law contemplates provisions which accommodate concepts such as fixation, reproduction or communication to the public in the digital environment. (2) The Copyright Law does not make internet service providers (ISPs) liable or provide any safe harbours excluding liability in specific situations like caching, search engine, mere conduit or routing. The exceptions and limitations imposed by the Copyright Law are restrictive in scope and it would be difficult to invoke in connection with digital rights. (3) The Copyright Law of Mexico does not provide exceptions or limitations to copyright or neighboring rights in connection with the activities of ISPs or other intermediaries.] Civil Code, August 31, 1928, as amended on December 24, 2013[The concept of 'strict liability' is defined in Article 1913 of the Civil Code in the following manner: "When a person operates machines, any instrument or substance that is inherently dangerous [ . . . ] such person is obliged to repair the damage caused by such instruments, even if the person does not act in an unlawful manner, unless that person proves that the damage was a consequence of the inexcusable fault or gross negligence of the injured party." Article 1913 governs only situations in which damages result not from an unlawful act but from a created risk. When the cause of the damages is an unlawful act only, then Article 1910 applies: "A person, while acting in an unlawful manner or against recognized usage, who causes a harm to a third party is obliged to repair the damage, unless it is established that the damage was derived as a result of the inexcusable fault or the gross negligence of the injured party."]Ley Federal de Protección de Datos Personales en Posesión de los Particulares [Federal Law on Protection of Personal Data Held by Private Parties], April 27, 2010 [The Law provides a set of rights called “ARCO rights”, that refer to the rights of Access, Rectification, Cancellation and Objection, that data owners can exercise against the processing of their personal data by private parties. In particular,   (1) Article 25 provides that "the data owner will at all times have the right to cancel his personal data. Cancellation of personal data will lead to a blocking period following which the data will be erased. The data controller may retain data exclusively for purposes pertaining to responsibilities arising from processing. The blocking period will be equal to the limitation period for actions arising from the legal relationship governing processing pursuant to applicable law. [ . . .]." (2) Article 26, however, clarifies that "[t]he data controller will not be obligated to cancel personal data when: I. It relates to the parties of a private or administrative contract or partnership agreement and is necessary for its performance and enforcement; II. The law requires that it be processed; III. Such action hinders judicial or administrative proceedings relating to tax obligations, investigation and prosecution of crimes, or updating of administrative sanctions; IV. It is necessary to protect the legally protected interests of the data owner; V. It is necessary to carry out an action in the public interest; VI. It is necessary to fulfill an obligation legally undertaken by the data owner, and VII. It is subject to processing for medical diagnosis or prevention or health services management, provided such processing is done by a health professional subject to a duty of secrecy. (3) Article 27 states that "data owners will, at all times and for any legitimate reason, have the right to object to the processing of their data. Where appropriate, the data controller may not process such data owner's data."]

BILLS AND PENDING PROPOSALS

Trans Pacific Partnership Intellectual Property Rights Chapter [confidential text leaked on August 30, 2013][Mexico is partecipating in the negotiation of this international agreement including a section on Internet service provider liability, with countries lining up either in favour of a general notification obligation or a notice-and-takedown system with the prospect of terminating subscriber Internet access and content blocking. Mexico favors the former approach.] [See M. Geist Blog post]Copyright Amendment Bill, implementing a Three Strike System, introduced on April 27, 2010[(1) On April 27, 2010, the Mexican Congress filed and published a bill to amend the Copyright Law based on the HADOPI model. The bill aimed to protect copyrighted works through internet services providers (ISPs) covering access, hosting, and other service operations.  The purpose of the bill is to implement a three-strikes system that resembles HADOPI 2.(2) Rights holders can ask the Mexican Institute of Industrial Property (IMPI) to request ISPs to render two warnings to users that allegedly infringe copyrights on the Internet. A third strike could be made by requesting injunctive relief (or “preliminary measures”, but it is unclear what court action would follow). ISPs who do not render the warnings are subject to administrative sanctions. This bill requires that ISPs take the high burden of using different measures to detect repeat infringement users. In return, ISPs are entitled to limited liability provided that they fulfill obligations such as: adopting contract termination policies: not interfering with measures holders implement to protect works: not starting content transmissions themselves: and not knowingly providing their services to infringer users. The bill only refers to access services and does not mention host, search engine, caching, nor indicate the limitations.(3) As in France, the Mexican bill has attracted the attention of internet groups, including the Mexican international corporation Carlos Slim’s Telmax. These groups have a draft of a new bill that would change the current bill in power planned for review and discussion by the Chamber of Deputies in September this year.]

DECISIONS

Séptimo Tribunal Colegiado de Circuito del Centro Auxiliar de la Primera Región, Amparo en Revisión 72/2012, August, 2016.[privacy and data protection, hosting provider, right to be forgotten] [After the Mexican National Institute for the Access to Information (INAI) recognized a "right to be forgotten" in the administrative procedure PPD.0094/2015 (see below), ordering Google Mexico to delist specific URLs, one of the publishers that had their content delisted brought the case to the Mexican courts. In second instance, the court affirmed that the INAI decision affected the ability of the publisher to disseminate information and that the publisher should have been heard in the administrative procedure. The court struck down the decision of INAI and determined that the publisher should be included in the procedure. For more information, see R3D website (in Spanish).]

Administrative proceduresNational Institute for the Access to Information (INAI), Carlos Sánchez de la Peña v. Google México, S. de R.L., PPD.0094/14, January 2015[privacy, hosting provider, right to be forgotten] [(1) The Mexican National Institute for the Access to Information (INAI) ruled in favor of a transportation magnate, Carlos Sánchez de la Peña, who wanted three links removed from Google search results. The links contained negative comments about the business dealings of Mr. Sánchez’s family—including a government bailout of bad loans. The INAI heard the case after Google Mexico rejected a petition from Mr. Sánchez de la Peña to have the links removed. (2) In his request to INAI, Mr. Sánchez claimed that the three Google links distorted and decontextualized information about his activities as an entrepreneur. Mr. Sánchez de la Peña’s family has owned “Estrella Blanca” bus lines for generations. One of the links directed to an article about a lawsuit against Mr. Sánchez’s father, Salvador Sánchez Alcántara, by shareholders in the bus company. Mr. Sánchez de la Peña is named in the story and the snippet accompanying the link. The article also discusses how the company received millions of dollars in loans from Mexican banks that collapsed during the country’s financial crisis in the mid-1990s. The loans, most of them past-due, were absorbed by Mexico’s bank-bailout fund known as IPAB.  (3) The Federal Law on Protection of Personal Data Held by Private Parties, provides a set of rights called “ARCO rights”, that refer to the rights of Access, Rectification, Cancellation and Objection, that data owners can exercise against the processing of their personal data by private parties (see above). The Regulations to the Federal Law on the Protection of Personal Data further qualify those rights (see above). However, the principle according to which a person can request the cancellation of his personal data is very vague. Also, limitations to said cancellation right seem highly discretionary and vaguely defined under Article 26 of the Law as well as under Article 88 of the Regulations. The INAI commissioners considered that Mr. Sánchez met the privacy-law requirements that allow for the removal of information when its “persistence causes injury” even if the information was lawfully published. (4) Mexico’s data privacy law contains exceptions to Internet privacy rules if the information is in the public interest. The INAI, however, didn’t apply the exception, arguing that Google didn’t claim those exceptions when making its case.  (5) The INAI ordered the removal only from google.com.mx. Mexico’s data privacy law only requires the removal of links from local search engines. (6) Google will be challenging the INAI ruling before the ordinary courts. Google Mexico considers that the INAI decision infringes on the right to access to information and freedom of speech. Free-speech advocates sided with Google Mexico by noting that the INAI ruling would allow politicians and business tycoons to abuse the so-called right to be forgotten by wiping out Internet links that cast them in a negative light. Activists and advocates are warning society about the negative effects of this type of rulings, especially in countries like Mexico, where the independent press and media are still fighting against censorship. The INAI ruling removes pieces of information that are essential for academics, think tanks and critical journalists in their work to hold elusive and criminal government officials accountable for their deeds before Mexican society.]

CONTRIBUTORS

Jose CamarenaEmail: pepecl2003 at gmail.com[personal page]

FEEDBACK

Please use this form to provide your feedback or suggest any amendments or updates to this page.