The dilemma between security and privacy
Organized crime no longer only uses firearms. It now uses cryptocurrencies, encryption, and anonymous networks to traffic, extort, and launder money without leaving a trace. Faced with this, many governments—including Mexico's—have chosen to strengthen their technological and legal capabilities, even at a high cost: citizen privacy.
In Mexico, Congress recently approved a package of reforms that includes changes to personal data protection laws, the introduction of the biometric CURP (Currency Identification Number), adjustments to the Telecommunications Law, and modifications to the Anti-Money Laundering Law. On paper, the goal is to modernize the state to combat cartels better equipped than many prosecutors' offices. On paper, the objective is to facilitate procedures, support the search for missing persons, and combat corruption.
On this issue, President Claudia Sheinbaum has insisted that the use of biometric data will be voluntary and that wiretapping communications will require a court order. But the disappearance of the National Institute of Statistics and Census (INAI) and the IFT—two autonomous bodies—has raised concerns about oversight mechanisms. Trust is not built solely through declarations, but through institutions capable of limiting power, even in exceptional situations.
And there are reasons for this concern. Since the 1970s, the Mexican state has resorted to espionage: first by intercepting phone calls and letters, then by intercepting emails, and later by using tools like Pegasus. During the Peña Nieto and López Obrador administrations, the use of this software against journalists and human rights defenders was documented. Today, it remains in the hands of the Army, and while there is no evidence of further abuses, there is also no guarantee that it has been deactivated.
The new reforms change key rules. Consent to use personal data is now implicit. Privacy notices no longer clearly explain citizens' ARCO (Access, Rectification, Cancellation, and Opposition) rights. Furthermore, platforms like Llave MX concentrate sensitive biometric information without independent bodies overseeing its use. A leak or misuse would have devastating effects, as demonstrated by the dissemination of the electoral roll in 2015.
Are reforms needed? Absolutely. Organized crime demands effective legal responses. But the challenge is to do so without weakening rights. History shows that, without firm controls, power can easily be diverted. The balance between security and freedom is not built solely on intentions, but on clear limits. At this point, it is not enough to affirm that rights will not be violated; institutional guarantees, external audits, grievance mechanisms, and active transparency are required.
The dilemma is real: how much privacy are we willing to give up to feel more secure? The answer must start from the recognition of a dual risk: on the one hand, organized crime; on the other, the temptation of an unchecked state. Defending privacy is not obstructing justice, but protecting what makes it legitimate. Because without privacy, there is no full citizenship, and without limits to power, any useful tool can become dangerous in the hands of unscrupulous officials.
Facebook: Eduardo J Ruiz-Healy
Instagram: ruizhealy
Website: ruizhealytimes.com
Eleconomista
