![Wolters Kluwer Law & Business has published the third edition of my book: “Cyber Law in Mexico” [ISBN-978-90-411-6855-9]. This book is part of the renowned “International Encyclopaedia for Cyber Law”...](http://protecciondatos.mx/wp-content/uploads/2016/05/Flyer_CyberLawMX-2016-200x250.jpg "Cyber Law in Mexico by Cristos Velasco")
![The most recent book of Dr. Cristos Velasco titled “Criminal Jurisdiction and Cross-Border Access on Cybercrime” [ISBN 978-84-9086-992-5] has been published by Tirant lo Blanch. This book is a continuation...](http://protecciondatos.mx/wp-content/uploads/2016/01/Portada_Libros_feature_img.png "Publication of Cristos Velasco’s New Book “Criminal Jurisdiction and Cross-Border Access on Cybercrime”")
Sorry, this entry is only available in Español.
Sanction Procedure against AT&T for non-compliance with the FLBR and the FLPPDPP
– Posted on August 17, 2016Posted in: Featured
Sanction Procedure against AT&T for non-compliance with the FLBR and the FLPPDPP
Sorry, this entry is only available in Español.
Latest news
0
0
EU-US Privacy Shield Published in EU Official Journal
– Posted on August 3, 2016Posted in: Featured
The EU-US Privacy Shield was officially published on August 1st in the EU Official Journal
The EU-US Privacy Shield is a mechanism that allows the transfer of personal data from any country member of the European Union to a company located in the United States. American companies are now obliged to use, store and process personal information according to a strong set of data protection rules and safeguards based on the EU Data Protection Directive 95/46/EC and the EU General Data Protection Regulation, the latter of which will be in full force from 1 May 2018.
The protection of personal data under the EU-US Privacy Shield applies regardless of whether an individual is a EU citizen or not.
Further info on the Privacy Shield:
EC Guide to the EU-U.S. Privacy Shield
0
European Parliament Adopts Directive on Security of Network and Information Systems
– Posted on July 14, 2016Posted in: Featured
El pasado 6 de Julio del presente, el Pleno del Parlamento Europeo adoptó la Directiva sobre Seguridad de Redes y Sistemas de Información, mejor conocida por sus siglas en inglés como Directiva NIS. El objetivo principal de la Directiva es fomentar un alto nivel común de seguridad de redes y sistemas de información dentro de los países miembros de la UE, por medio de la mejora de las capacidades de seguridad cibernética a nivel nacional; incrementar la cooperación a nivel regional; crear reglas comunes para la gestión y manejo del riesgo y establecer obligaciones de notificación de incidentes para los operadores de servicios esenciales y proveedores de servicios digitales.
La Directiva NIS será aplicable para los siguientes sectores: (i) Energía: electricidad, petróleo y gas; (ii) Transporte: aéreo, ferroviario, marítimo y terrestre; (iii) Bancario: instituciones de crédito; (iv) Infraestructura del mercado financiero: centros de negociación y contrapartes centrales; (v) Salud: establecimientos de salud; (vi) Agua: provisión y distribución de agua potable; (vii) Infraestructura Digital: puntos de intercambio de Internet, proveedores del servicio de sistemas de nombres de dominio y registradores de nombres de dominio de primer nivel.
Entre las disposiciones más relevantes de la Directiva NIS se encuentran:
1. La creación de un grupo de cooperación conformado por representantes de los Estados Miembros, la Comisión Europea y ENISA, dividido a su vez en cuatro áreas principales de trabajo: (i) Planeación; (ii) Gobierno; (iii) Compartir información y mejorar las practicas acerca del manejo de riesgos, incidentes, incrementar la concientización y capacitación; y (iv) Reportar cada año y medio respecto a las experiencias y avances obtenidos a través de la cooperación entres sus miembros.
2. Fomentar e incrementar la cooperación entre los Centros de Respuesta a Emergencias de Sistemas de Cómputo (CERT’s) con instituciones, agencias y entidades de la Unión Europea para el intercambio de información relacionada con incidentes relacionados con sistemas de cómputo.
3. Gestión del riesgo y obligaciones de notificación de incidentes para los operadores de servicios esenciales y proveedores de servicios digitales. Los operadores de servicios de comunicaciones deberán adoptar medidas de seguridad adecuadas y notificar los incidentes de gravedad a las autoridades nacionales relevantes. Las medidas de seguridad podrán incluir: (i) Prevención de Riesgos: (ii) asegurar las redes de información y sistemas de seguridad; y (iii) minimizar el impacto de los incidentes.
La Directiva NIS fue publicada en el Diario Oficial de la Unión Europea el pasado 19 de Julio de 2016. Los Estados Miembros tendrán 21 meses para adoptar y transponerla en sus respectivos marcos jurídicos nacionales, así como un periodo adicional de seis meses para identificar a los operadores de infraestructura crítica y servicios esenciales, entre otras obligaciones.
Mayor información acerca de la adopción de la Directiva NIS se encuentra en:
0
Official launch of the OECD Broadband Policy Tool-Kit for Latin America and the Caribbean
– Posted on June 21, 2016Posted in: Featured
The OECD Broadband Policies for Latin America and the Caribbean: A Digital Economy Toolkit a joint project of the OECD and the International Development Bank (IDB) was officially launched last June 21 during the 2016 OECD-Ministerial Meeting held in Cancun, Mexico.
As part of my expertise in the field, I was hired as a consultant to draft Chapter 14 on Digital Security Risk Management and Chapter 15 on Privacy Protection. Both chapters provide an overall situation on policies and best practices in the field of privacy and digital security management in selected countries of LAC.
Any comments or perspectives on said chapters are very welcome.
For further information on the Toolkit, see the official website of the OECD
Follow the twitter hash tag: #OECDdigitalMX @OECDInnovation
0
Cyber Law in Mexico by Cristos Velasco
– Posted on May 13, 2016Posted in: Featured
Wolters Kluwer Law & Business has published the third edition of my book: “Cyber Law in Mexico” [ISBN-978-90-411-6855-9].
This book is part of the renowned “International Encyclopaedia for Cyber Law” coordinated by Jos Dumortier, former professor at the Catholic University of Leuven in Belgium and Mr. Ruben Roex.
Like in previous years, this Monograph is now available as “print on demand” (electronic or printed format) for those interested in purchasing it separately, without having to buy all the six volumes of the “International Encyclopaedia for Cyber Law”
This edition contains a total of 416 pages and is updated until February 2016. It is currently the only available book in Mexico on the subject published in English. It contains a general introduction; statistics and background of the political system, population and geography; telecommunications infrastructure; statistics and current data on information technology, broadband and telecommunications investment; electronic commerce; domain names; competitiveness and e-government. Likewise, this book is divided into nine main areas of practice with different chapters and sub-sections, and a final section of conclusions as follows:
I. Regulation of the Information Technology and Communications Market contains the legal and regulatory framework of the telecommunications sector, which includes an exhaust analysis of the Federal Law on Telecommunications and Broadcasting and the activities of the national regulatory authority IFT; an analysis of the competition framework in telecommunications under the current laws and treaties and the activities and fines established by the Antitrust regulator Cofece. This section also includes a revision of the rules on standardization, certification and homologation of telecommunications equipment.
II. Protection of Intellectual Property in the ICT Sector includes a revision of the national rules on copyright in the area of ICT, legal protection of software, databases, computer chips, trademark and trade scheme licenses, the current legal framework of Internet domain name registration, including the domain name disputes administered by WIPO and a revision of the Anti-Counterfeiting Agreement (ACTA) and its signature by the Mexican authorities.
III. ICT Contracts incorporates an analysis of the legal framework applicable to software, government and electronic contracts.
IV. Electronic Transactions includes an analysis of the rules for the formation of electronic agreements, the regulation of electronic commerce, electronic signatures and certification service providers in the following sectors: commerce, consumers, financial & banking, administrative procedures and tax and fiscal obligations; a revision of the rules on preservation of data messages, the rules on applicable law and jurisdiction for consumers, unsolicited communications (spam) and marketing practices and a revision of the status of national digital identity cards and online banking statistics.
V. Extra-Contractual Liability incorporates an analysis of the rules on non-contractual liability, negligence damage and redress and liability of network operators and Internet service providers.
VI. Online Legal Proceedings includes an analysis of the legal and administrative framework on online trial proceedings, the national online justice system and the sanctions imposed by the Federal Tribunal of Fiscal and Administrative Justice.
VII. Privacy and Data Protection incorporates an analysis of the constitutional reforms in the area of privacy an data protection, of Federal and State legislation on data protection, including an exhaust revision of the provisions of the Federal Law on Protection of Personal Data in Possession of Private Parties (LFPDPPP) and its Regulation and each of the instruments and guidelines on data protection issued by the national data protection authority INAI; the fines and sanctions against data controllers and data processors established by INAI; analysis of the jurisprudence and case law on privacy and data protection issued by the Supreme Court of Justice and Federal Tribunals and Internet industry related studies and statistics on data protection.
VIII. Transparency and Access to Government Information includes an analysis of the constitutional reform on access to information and the Federal Law of Transparency and Access to Public Government Information and Data Protection (FLTAPGIDP), state laws, information on the electronic system for access to information requests and relevant statistics on access to information from the national authority INAI.
IX. Computer and Internet related Crime, includes an analysis of the substantive provisions of the Federal Criminal Code in the area of ICT, interception of private communications, geographic tracking of mobile equipment by law enforcement authorities and cooperation on criminal investigations, offenses related to computer systems, infringement of copyrights, offenses related against the security of the nation, use and recognition of digital evidence for criminal investigations under the new National Criminal Procedure Code, the substantive and procedural rules on criminal jurisdiction, law initiatives on cybercrime, activities on international cooperation and national statistics on cybercrime, state legislation, law enforcement activities against cybercrime; an analysis of the national strategy on cyber security of the federal government, which includes the work of the national CERT-MX of the Scientific Division of the Federal Police and awareness activities on cyber security.
X. Final Conclusions
This book contains a “Thematic Index” with keywords within 776 numbered paragraphs of the text, which enables the reader to search for specific terms related to the regulation of information technologies in Mexico.
I am very grateful to my colleague and friend Mtro. Julio César Vega Director of the Internet Mexican Association (AMIPCI) for having drafted the preface to the third edition of the book.
It is worth mentioning that I will be presenting this book in conferences and seminars related to the regulation of ICT’s, as well as in Universities and academic circles in Mexico and Europe during 2016.
The book can be now directly purchased through: Wolters Kluwer Law & Business
0
Rodrigo Orenday’s Article on INE’s Data Leak Scandal
– Posted on May 2, 2016Posted in: Featured
Sorry, this entry is only available in Español.
0
Data Breach of Mexico’s National Voters List of the National Electoral Institute (INE) Found in Amazon Servers
– Posted on April 23, 2016Posted in: Featured
Sorry, this entry is only available in Español.
0
European Parliament Approves General Data Protection Regulation and Data Protection Directive for the Police and Judicial Sector
– Posted on April 15, 2016Posted in: Featured
Sorry, this entry is only available in Español.
0
Presentation in the 9th GDD-Fachtagung Datenschutz International in Berlin
– Posted on March 18, 2016Posted in: Featured
Last March 15, 2016, Dr. Cristos Velasco gave a conference titled: “Data Transfers to Countries of the LAC Region after the EUCJ Safe Harbor Decision” during the 9th GDD-Fachtagung Datenschutz International Conference in Berlin.
The conference was attended by a total of 23 members of the Gesellschaft fur Datenschutz und Datensicherheit e.V., which is the largest association of privacy and data protection professionals in Germany.
The conference was conducted in English and covered the following themes:
- Current State of Data Protection Laws in Selected Countries of Latin America and the Caribbean.
- International Data Transfer Mechanisms
- Main Legal Developments and Interoperability with other Regional Data Protection Frameworks
A major part of the conference was devoted to analyze the general requirements and available mechanisms to conduct international data transfers from Latin America to Europe and vice versa and its implications after the Safe Harbor Decision of the Court of Justice of the European Union (CJEU) of October 2015; latest developments in selected countries of Latin America; interoperability with other international data protection frameworks (APEC Cross-Border Privacy Rules System) and cross-border cooperation agreements for the enforcement of data protection laws. The final part of his presentation finalized with some personal views and pending tasks to be developed in countries of LAC.
The presentation is available in the following hyperlink
0
Publication of Cristos Velasco’s New Book “Criminal Jurisdiction and Cross-Border Access on Cybercrime”
– Posted on January 21, 2016Posted in: Featured
The most recent book of Dr. Cristos Velasco titled “Criminal Jurisdiction and Cross-Border Access on Cybercrime” [ISBN 978-84-9086-992-5] has been published by Tirant lo Blanch. This book is a continuation of its predecessor “Jurisdiction over Crimes Committed through Computer Systems and Internet” published in May 2012.
A large part of the content of this book is devoted to analyzing cross-border access to data and information by law enforcement authorities for purposes of criminal investigations in third countries. Although said topic is not new, it has gained attention and relevance in recent years mainly because the legal evidence that could be useful for a criminal investigation may be found not only in computer and information systems used by criminals located in different territories, but also hosted and stored in servers and data centers of cloud computing service providers that are usually located in different countries, a mater that complicates the work and criminal investigations of national law enforcement authorities.
Cross-border access to data by law enforcement authorities in third countries brings other controversial and complex issues to be resolved at the national and local level, such as aspects of national sovereignty under international law, safeguards and protection of fundamental rights such as the right to data protection, international cooperation aspects through multilateral legal mutual assistance mechanisms and conflict of laws on data protection between countries.
This book offers some insights, perspectives and possible solutions concerning this topic based on the author’s experience and his active participation in international seminars and conferences related to cybercrime, cyber security and data protection.
This current edition also includes the review and analysis of the legal frameworks on criminal jurisdiction and legislation on crimes committed through the use of information technologies of ten Latin American countries (Argentina, Brazil, Colombia, Costa Rica, Chile, Mexico, Panama, Paraguay, Peru and Dominican Republic), as well a assessment of their respective Computer Emergency and Information Security Response Teams (CERT’s) which play an important role in coordinating, facilitating and offering immediate response for both, victims of crime and organizations & institutions responsible for the management and control of security systems 24 hours a day, 365 days a year.
This book contains 415 pages and is divided into two parts. The first part consists of three chapters and the second part of four chapters; and finalizes with a section of conclusions and perspectives concerning the thematic that we are quite sure will be useful and relevant for public servants and employees of international and regional organizations; national data protection authorities and government officials in charge of creating and implementing policies on information and digital security; CERTs and 24×7 contact point networks; legislators and policy makers; trial and practicing attorneys, Judges, Magistrates and professionals responsible for the administration of criminal justice; professors; researchers and law students interested in the subject.
I will be officially presenting this book during international conferences and seminars related to cybercrime, information security and data protection in Europe and Latin America, as well as in some universities and academic circles in Spain and Mexico during 2016, including the International Book Fair of Guadalajara in December 2016. The book can be purchased in electronic or print format in:
Tirant lo Blanch España (Spain and countries of the European Union).
Tirant lo Blanch México (Mexico, United States, Canada and countries of Latin America).
