25 lines
1.0 KiB
Org Mode
25 lines
1.0 KiB
Org Mode
:PROPERTIES:
|
|
:ID: auto-lfp-dppp
|
|
:CREATED: [2026-05-23 Sat]
|
|
:END:
|
|
#+title:
|
|
#+filetags: :passepartout:compliance:framework:lfp:
|
|
|
|
|
|
Mexico's federal privacy law (effective 2010, reformed 2024). Key requirements:
|
|
consent, notice (privacy notice must specify the "responsible party"), purpose
|
|
limitation, data subject rights (ARCO — access, rectification, cancellation,
|
|
opposition + deletion, portability), cross-border data transfer limitations,
|
|
security breach notification. INAI (National Institute for Transparency,
|
|
Access to Information and Personal Data Protection) enforces.
|
|
|
|
Penalties: Up to 1.9M days of minimum wage (~$5M USD); INAI can also
|
|
suspend data processing.
|
|
|
|
Why it matters: USMCA (US-Mexico-Canada Agreement) trade obligations are
|
|
pushing toward privacy regime interoperability. A bilingual (Spanish/English)
|
|
gate package covering both LFPDPPP and US frameworks serves the massive
|
|
US-Mexico cross-border commerce market. First-mover advantage: LFPDPPP is
|
|
less automated than GDPR; the market has fewer vendors and lower expectations.
|
|
|