On July 1, 2025, Mexico approved the National System of Investigation and Intelligence in Public Security Law. The new legislation, driven by President Claudia Sheinbaum’s government, creates a legal framework for coordination among security agencies tackling organized crime.
The reform aims to improve evidence integration for the Attorney General’s Office, as well as speed up investigations and reduce gaps in criminal prosecutions. It grants the Security and Citizen Protection Ministry (Secretaría de Seguridad y Protección Ciudadana – SSPC) broad powers to access personal, fiscal, biometric, and geolocation data from public and private sources without a prior court order. To achieve this, it calls for the creation of a Central Intelligence Platform, run by the Digital Transformation Agency and the National Intelligence Center (Centro Nacional de Inteligencia – CNI), to centralize information.
While the new legislation aims to combat crime, the expansion of powers it allows could lead to abuses of privacy and civil rights, as well as create vulnerabilities in the proposed systems, making it easier for criminal or corrupt actors to access sensitive data.
InSight Crime spoke with Pepe Flores, Acting Director of the Mexican human rights organization, R3D: Red en Defensa de los Derechos Digitales, about the potential impact of this law on the fight against organized crime in Mexico.
InSight Crime (IC): What impact do you think this reform will have on the struggle against criminal intelligence and organized crime in Mexico?
Pepe Flores (PF): The law starts from the premise that investigative and prosecutorial authorities lack sufficient technological capacity to address crime and therefore need more.
That premise is debatable. In reality, there is no guarantee that these new tools for interconnection and centralization of public and private databases will have a meaningful impact on crime reduction.
Authorities already have many technological capacities, such as real-time geolocation and access to telecommunications data. Yet their use has revealed cases where stored data was accessed without judicial authorization and the abuse of exceptional mechanisms. With the reform expanding those powers, the potential for abuse becomes more concerning.
IC: The proposed legislation calls for a single, centralized database accessible by federal, state, and municipal authorities without prior judicial authorization. How might this measure affect organized crime?
PF: The law is created for the goal of targeting organized crime, but the absence of clear limits opens the door to arbitrariness, impunity, and discretion.
The law envisions a Central Intelligence Platform to consolidate access and to connect public and private databases under the control of the Digital Transformation Agency and the National Intelligence Center. This information could be used without prior judicial authorization to produce “intelligence products,” an ambiguous concept that could include anything from preventive security tasks to national security matters without first establishing a criminal case.
SEE ALSO: Mexico Ignores Alternatives to Militarization: Report
This framework allows information sharing across levels of public institutions and with private actors. For example, an authority ostensibly fighting crime could request information from financial entities. Such requests could be made at the discretion of prosecutors without notifying the individuals affected. The reform also does not specify whether companies will be able — or willing — to take a proactive role in alerting their users to such requests.
IC: Could this reform enable data-sharing between the Mexican government and foreign authorities, such as the United States? Under what conditions?
PF: The reforms allow for several scenarios involving the transnationality of data. On one hand, they permit requests for data on Mexican citizens from foreign companies. On the other, they authorize the exchange of databases and intelligence products with “entities from other countries,” as the law states. This could, for instance, open the door to an agreement between Mexico’s Security Ministry and the US State Department. The law does not establish safeguards to ensure that such exchanges occur strictly within a framework of international security cooperation.
SEE ALSO: Can Mexico’s President Appease Trump With Anti-Crime Crackdown?
IC: What are the main challenges Mexico will face in implementing the measures proposed by this reform?
PF: One challenge is the collection and use of biometric data. The law requires linking the new national identity system with biometric data already held by other agencies — such as passport or tax records — which enables the indiscriminate transfer of data between institutions. This raises questions about data protection standards and the risk of leaks or cybersecurity vulnerabilities.
Another concern is the use of requested data in automated decision-making systems. There is a risk that a person could be flagged as a criminal risk simply for living in a certain neighborhood, frequenting a certain area, or belonging to a specific ethnic or racial group.
IC: The content of the reform has generated criticism about possible human rights violations and lack of data protection. What alternative measures could more effectively strengthen Mexico’s capacity to detect criminal intelligence?
PF: First, judicial oversight is essential. Keeping a judicial record of requests would document how many are made and create a mechanism for transparency and accountability to prevent abuse.
Second, concepts such as “intelligence products” or “for national security reasons” should not be so broad and vague, since they give authorities discretion to use new tools in ways that normalize mass surveillance.
Third, individuals should have a right to notification, so they are aware both that they were targeted for surveillance and of the authority that issued the request.
Finally, private companies and actors receiving these requests should have proactive obligations. Reporting these numbers is important so society can identify when abuses of these powers occur.
IC: Is there any country in the region that could serve as an example for Mexico in designing strategies for security-related investigation and intelligence?
PF: In Colombia, for example, officials pursued peace-culture campaigns instead of introducing facial recognition cameras or biometric identification to address violence in soccer stadiums. Those campaigns produced results more oriented toward long-term change.
In other countries, we are seeing the import of US-inspired security models based on identification and recognition, the normalization of indiscriminate mass surveillance, and now access to retained data.
Latin America is at a critical juncture in implementing certain technologies for law enforcement and criminal investigation. I believe this is linked to US influence in pushing security policies that increasingly emphasize punitive rather than preventive models. Latin America is moving toward this security narrative, which normalizes mass, discriminatory surveillance.
This interview has been edited for clarity and length.
