The status of cybercrime in Mexico, Brazil and the outcome on cybercrime and security of the fifth meeting of the Internet Governance Forum

AutorCristos Velasco San Martín - Vanessa Cravo
CargoProfesora Research Legal Counsel. Institut für Medienstrafrechts (Köln, Germany) - Telecommunication Regulation Expert. Anatel Agência Nacional de Telecomunicaçoes (Brasil)

The views and opinions contained in this article are the authors own ideas and do not represent the views of ISOC or any other entity, organization or employer affiliated with any of the authors. The website of ISOC 2010 IGF Ambassador Alumni is available at: umni.php

Page 26

This article was written in connection to the final project of the Internet Society (ISOC) Ambassadors Program for the Internet Governance Forum (IGF), which is part of the requirements for the completion of the program and it is the follow-up of the Fifth IGF Meeting held in Vilnius Lithuania in September 2010. ISOC granted a number of ambassadorships for experts to be able to attend and participate in the Fifth IGF meeting in Vilnius. Cristos Velasco participated for the third time as ISOC-Returning Ambassador and Vanessa Cravo as a first time ISOC Ambassador.*

1. The status of the legislation on cyber-crime in Mexico

Unlike Venezuela1 or the Dominican Re-public2, Mexico does not have an independent, special law that punish conducts and crimes committed through the use of computer systems or Internet. Mexican law partially punish con-ducts committed through the use of computer systems and information technology equipment in some provisions contained in the Federal Criminal Code, a number of State Criminal Codes and other laws at the federal level.3

For example, Title Nine, Chapter II (Articles 211bis 1- 211bis 7) of the Federal Criminal Code provides for imprisonment terms ranging from six months to eight years in and fines for those who copy information, alter, destroy or cause loss of information contained in computer systems or equipment pertaining to the State or media storage pertaining to public security or computer systems and equipment pertaining to financial institutions.

Article 168 bis of the FCC punishes with imprisonment from six months to two years and a fine of three hundred to three thousand days of salary to an individual who without right: (i) deciphers or cracks telecommunications signals other than a satellite’s carrier programs, or (ii) transfers the property, use of devices, instruments or information that allows deciphering or cracks telecommunications signals other than the satellite’s carrier programs.

In the field of corruption of minors and child pornography, Title Eight, Chapter II (Articles 202 to 202 bis) of the Federal Criminal Code provides fines and imprisonment sentences ranging from seven to twelve years to those who commit child pornography related crimes, and even said provisions establish punishments as a result of the transmission of data files through public or private telecommunications networks or through computer or electronic systems, as well as pu

Page 27

nishments for individuals involved in preparatory acts, and for those who sell, reproduce and dis-tribute material with child pornography content.

Furthermore, Articles 203 and 203A of the Federal Criminal Code establish penalties and imprisonment from seven to sixteen years for those who promote, advertise, invite, facilitate or arrange sexual tourism in national territory, as well as those who engage in any type of real or simulated sexual acts with minors by virtue of sexual tourism.

In the area of copyright, Article 424 bis of the Federal Criminal Code provides for imprisonment of from three to ten years and fines of from two-thousand to twenty-thousand days of the minimum wage salary to:

(i) individuals who produce, reproduce, introduce into the country, stock, transport, distribute, sell or lease copies of works, phonograms, videos or books protected under the Federal Law on Authors Rights (FLAR) in an illegal form, with a commercial purpose and without the authorization of the party entitled to the rights of the au-thor or related rights pursuant to the FLAR;

(ii) those who have knowledge or provide prime sources and materials destined for the production or reproduction of works, phonograms, videos or books referred in the aforementioned para-graph; or

(iii) an individual who manufactures a de-vice or system with the intent to profit, the purpose of which is to deactivate electronic protection devices of a computing program.

Article 112 of the Credit Institutions Law, which is a federal law establishes fines and imprisonment terms from three to nine years for those who alter, copy or reproduce the magnetic stripe or means of electronic identification, optical or any other technology of credit and debit cards, checks, drafts checks or any other payment instrument used or issued by national or foreign credit institutions, as well as the procurement, marketing or use of customer information, accounts or transactions of credit institutions.4

At the State level only seven States (Sinaloa, Aguascalientes, Tabasco, Baja California, Tamaulipas, Puebla and the Federal District) criminalize and provide sanctions to conducts committed through the use of computer systems and information technologies.

For example, Article 217 of the Criminal Code of the State of Sinaloa establishes fines and imprisonment terms from six months to two years for anyone who uses or access a database, computer systems or networks, with the pur-pose of designing, executing or modifying a scheme in order to defraud, obtain money, goods or information, as well as for those who intercept, interfere, receive, use, modify, damage or destroy software, computer programs or data contained in a database, system or net-work.

Moreover, Article 404 section XIX of the Code of Social Defense for the State of Puebla related to the crime of fraud, establishes fines and imprisonment terms from six months to ten years depending on the amount of the fraud, to the individual who modifies or damages the property of another through the illicit use of cyber mechanisms.5

Page 28

1.1. The Council of Europe Regional Workshop on Cybercrime Held in Mexico City

As part of the activities of the Council of Europe in order to promote access to the Convention on Cybercrime (the Budapest Convention)6 around the world, such organization organized in conjunction with the Mexican Inter-Secretarial Group Specialized in Information Security a regional workshop on cybercrime on 25-27 August, 2010 whose main purpose was to analyze Mexico’s legal framework on cybercrime confronting with the substantive and procedural provisions of the Budapest Convention and to accelerate and strengthen the process of reform of cybercrime legislation across Latin-America, fostering cooperation against cybercrime and security at the international and regional level, and promote access and ratification to the Budapest Convention among countries in the region.

This regional workshop gathered a number of experts from the Council of Europe, from the IT industry sector, from academic institutions along with law enforcement authorities and government representatives from the following countries: Argentina, Colombia, Costa Rica, Paraguay, Peru, Dominican Republic and Mexico. Among the topics analyzed and discussed were:

(i) the substantive and procedural provisions of the Budapest Convention and the compared criminal provisions contained in the legislation of the afore-mentioned Latin-American countries,

(ii) criminal investigation and the obtention of digital evidence, (iii) public-private cooperation in cybercrime investigations, (iv) the challenges for countries facing cybercrime and security.

The participants also analyze the best practices of countries that have cybercrime legislation in place such as Argentina7 and the Dominican Republic8, as well as European countries that have already access and ratify the Budapest Convention like Portugal and Romania.9

During the first day of the workshop, which was dedicated to analyze the legal frame-work of Mexico with representatives from different government agencies, the private sector and experts in the field, there were a number of presentations on different law initiatives against cybercrime at the Federal and State level, and some of the lessons learned from that day is that there is neither coordination among such government agencies, nor consensus on the different law initiatives against computer and Internet related crime that were part of the discussion.

During the regional workshop, there was general consensus that Latin-American countries should reform and adapt their legislation both, substantive and procedural in line with the Budapest Convention, however it was also men

Page 29

tioned that the Budapest Convention needs further guidance and reform in areas such as: (i) obtaining of digital evidence located in servers in other countries or in the cloud since there is no international standard on the subject matter; (ii) the protection of privacy and personal data by police and law enforcement authorities that ex-change and share personal information as a result of criminal investigations; (iii) conflicts of laws and cross-border jurisdictional issues among two or more countries that have legitimacy to prosecute cybercrime having effects within or outside their territory or over their nationals; (iv) the creation of a national point of contact 24x7 to cooperate with other 24x7 con-tact points around the world; (v) capacity building and training for law enforcement authorities and the judiciary in order to investigate and prosecute computer related crime in an efficient manner, among others.

Our brief conclusion from this workshop is that Latin-American countries have shown particular interest in drafting...

Para continuar leyendo

Solicita tu prueba

VLEX utiliza cookies de inicio de sesión para aportarte una mejor experiencia de navegación. Si haces click en 'Aceptar' o continúas navegando por esta web consideramos que aceptas nuestra política de cookies. ACEPTAR