Yes, web scraping is legal in Mexico when conducted within the bounds of data protection and intellectual property laws, but unauthorized access or misuse of scraped data may trigger liability under local regulations.
Key Regulations for Web Scraping in Mexico
- Federal Law on Protection of Personal Data (LFPDPPP): Scraping personal data without consent violates Articles 6 and 15, exposing entities to fines up to 32 million MXN (2024 values) or 1.5% of annual revenue under the Instituto Nacional de Transparencia, Acceso a la Información y Protección de Datos Personales (INAI).
- Federal Copyright Law (LFDA): Automated extraction of copyrighted content (e.g., paywalled articles) may constitute infringement under Article 10, particularly if repurposed commercially without authorization.
- Cybersecurity Law (2026 Amendments): Proposed reforms to the Ley Federal de Ciberseguridad introduce stricter penalties for scraping systems without explicit authorization, aligning with NIST-like access controls for critical infrastructure data.
Additional Considerations:
- Terms of Service (ToS): Violating platform ToS (e.g., LinkedIn’s automated access bans) may lead to civil claims under Código Civil Federal Article 1910 for tortious interference.
- Sector-Specific Rules: Financial data scraping (e.g., from Banxico or CNBV-regulated entities) requires adherence to Ley para Regular las Instituciones de Tecnología Financiera (Fintech Law), mandating secure data handling protocols.
Enforcement remains inconsistent, but INAI’s 2023–2024 enforcement actions against unauthorized data brokers signal heightened scrutiny. Entities should implement data minimization, obtain consent where applicable, and document scraping purposes to mitigate risk.