Personal Data is not forever
Protection of personal data is an issue that has gained relevance in the last year in all parts of the world. An example of this phenomenon is the implementation of the General Regulation of Personal Data (GDPR) in the European Union in 2018 or the new laws, modifications to the current ones or judicial decisions on the matter, that Latin American countries began to implement to be in accordance with the community regulations.
In this respect, in a recent judicial ruling, the Supreme Court of Justice of the Nation of Mexico (SCJN) analyzed the pertinent period to keep personal data within the Law for the Protection of Personal Data in Possession of Obligated Subjects of the State of Guerrero and determined the invalidity of a portion of the regulations since it established generic terms for the preservation of personal data.
In this sense, the Court understood that this generic term was in violation of the right to the protection of these data, since the treatment of them requires individualization in each specific case, so to decide what deadlines to apply should be attended to the applicable provisions in the matter in question.
As a result of the aforementioned resolution, the Supreme Court ordered the Institute of Transparency, Access to Information and Protection of Personal Data of the state of Guerrero to issue, within 90 days, the guidelines to which the general law of the corresponding subject refers. Finally, it is important to note that this decision was applied to other states such as Jalisco, Michoacán and Sinaloa, in which the Institute of Transparency, Public Information and Protection of Personal Data was notified to adapt its regulations to this criterion, since it was improperly extended the term to one year, in the local law.