Private Initiative Pushes for Cybersecurity Law Input

The Private Initiative, on behalf of the chambers and associations of the Mexican technology and telecommunications sector, demands to be included in the debate on the proposed cybersecurity bill, according to a joint statement.  This call arises after the United Commissions of Citizen Security and Science, Technology and Innovation of the Legislative Branch agreed on the methodology for the process of ruling on the cybersecurity law initiative, which considered various public institutions but omitted private or non-governmental organizations.

In a joint letter, the Latin American Internet Association, the Mexican Association of the Information Technology Industry (AMITI), the National Chamber of the Telecommunications and Information Technology Electronics Industry (CANIETI), the International Chamber of Commerce Mexico (ICC Mexico), the National Telecommunications Association (ANATEL) and the Inter-American Association of Telecommunications Companies (ASIET) expressed their concern about the proposed legislation and their interest in taking part in its development and realization.

"We urge that the process of analysis, formulation, and discussion of the Cybersecurity Law be carried out with the highest standards of inclusion and transparency. It is essential to ensure that every actor and every stage of this process contemplates all stakeholders," reads the statement.

In the statement, these entities emphasized the importance of implementing a regulation that is not only robust and effective, but also addresses social and public security issues, while proactively anticipating challenges that may arise in the dynamic future. This approach is intended to guarantee the adoption of an approach that incorporates the perspectives of all sectors in the discussion process.

Juan Manuel Aguilar Antonio, Vice President of Cybersecurity, Council for Data and Emerging Technologies (CDETECH), highlights the conceptual limitations present in the current draft of the cybersecurity proposal. He points out the confusion of technical industry terms within the current legislative proposal, emphasizing a predominant state-centric view that prioritizes national and public security. Aguilar suggests that these gaps must be addressed for clear and effective implementation of the final draft. 

"There are important conceptual gaps in the text of the bill and confusion of concepts such as Cybersecurity and Information Security is observed, this extends to multiple terms used throughout the proposal that can generate an unclear legislative framework for the implementation of this initiative," outlined Aguilar.

Despite these considerations, specialists from Platzi, a Latin American online education platform, assert the urgent need for a cybersecurity law in Mexico. “The Latin American region is the target of more than 63 billion cyberattacks in six months, experiencing a notable increase in the use of ransomware and botnets. Mexico and Colombia are some of the most affected countries, which highlights the urgent need for more robust security strategies adapted to the regional reality,” they said.

The World Economic Forum (WEF) shared this urgency, revealing that cybersecurity ranks at the top of concerns among 39% companies and governments. These figures serve to underscore the need to reduce a marked cyber-equity gap and to support the most vulnerable organizations for the sake of global benefit.

“Technological development is making the cyber equity gap starker within and between countries. This makes everyone more vulnerable, even the best protected organizations, so collaborative solutions that support those least able to protect themselves will benefit everyone,” said Sean Doyle, Head of Cybercrime Atlas Initiative, WEF. 

This context establishes the need for comprehensive legislation that not only responds to current cybersecurity challenges but is also flexible enough to anticipate and address emerging government-business challenges. According to the WEF, collaboration between the private sector and government institutions, aligned with the chambers and associations of the technology and telecommunications sector, is a key element to ensure a balanced, effective regulation, adapted to the constant evolution of cyber threats.