← Back to Ratio
Regulation · · 3 min read

AI Regulation in Mexico: Why More Laws Isn't Enough

Legislative panic, regulatory inflation, regulatory colonialism: the three mistakes Mexico should avoid when regulating artificial intelligence.

#regulation #ai-governance #ai-law #mexico #digital-sovereignty

In August 2025, AMCID gave me the privilege of sharing my lecture, “Artificial Intelligence: Regulatory Constellations,” with more than 200 colleagues and experts. The title is not arbitrary: the zodiac serves as a mnemonic tool to describe the different approaches to AI regulation around the world, from the most prescriptive to the most principle-based, and what they reveal about each region’s legal philosophy. But by the end of the session, with questions that went well beyond the allotted time, it became clear that the topic extends far beyond comparative taxonomy. What concerns legal practitioners is more fundamental: in which direction should we push?

The conference revolved around three ideas worth putting into writing.

Whenever a technology that generates a buzz emerges, there is a temptation to create a regulatory framework from scratch. The reflex kicks in: “This problem is new; current law isn’t enough.” But when one examines closely exactly what the concerns are: civil liability for algorithmic harm, transparency in automated decisions, and the protection of personal data in the context of language models; there is almost always a preexisting legal framework. Strict liability, disclosure obligations, fundamental rights: the system already has answers for a considerable portion of these scenarios.

Legislating as if there were no precedent is regulatory panic disguised as modernity. And regulatory panic produces bad laws.

Three pitfalls legislators should avoid

At the conference, I described three risks that any country seeking to regulate AI judiciously should avoid.

The first is legislative panic. Political pressure to “do something visible” leads to laws drafted in haste that create more uncertainty than certainty. A law passed in response to the news cycle rarely solves the problem it aims to address; more often than not, it creates new gray areas.

The second is regulatory inflation: multiplying sector-specific laws, one for facial recognition systems, another for chatbots in public services, another for high-risk models, fragments the legal system without strengthening it. The law works better when based on principles rather than on catalogues of technologies that become obsolete in two years.

The third is regulatory colonialism. Transplanting the European AI Act or U.S. executive orders without adapting them to the Mexican context is equivalent to importing a solution without understanding the local problem. The standardization of regulatory frameworks on a global scale comes at a cost: it erodes legal and digital sovereignty, which is not a luxury but the foundation upon which any legitimate regulation is built.

Can institutions enforce what already exists?

The central argument of the conference was not “don’t regulate AI.” It was something more precise: before drafting new regulations, we must ask whether existing institutions have the resources, training, and independence to enforce those already in place.

A judge who cannot describe the basic functioning of a recommendation system cannot properly apply the principle of strict liability, even if the law provides for it. A regulator without a budget or technical staff cannot oversee high-risk models, even if the regulations require it. In that scenario, more legislation is simply more text that no one can enforce.

Thinking about and making decisions regarding AI requires less complacent rhetoric and more grounding in legal principles. Less reliance on technological narratives that are effective from a marketing standpoint, and more critical thinking about what the law can do, and what no regulation can do if the institutions that back it lack the actual capacity to act.

That does not end the debate. But it does establish a more honest starting point than the race to pass the subcontinent’s first AI law.

Frequently asked questions

Does Mexico need a specific law on artificial intelligence?
Not necessarily. More urgent than enacting a specific law is strengthening existing institutions and properly applying the legal principles already in place. An ad hoc law for each technology leads to regulatory inflation and may create more legal uncertainty than certainty.
What is regulatory colonialism in the context of AI?
Regulatory colonialism occurs when a country adopts regulatory frameworks designed by and for other legal and economic realities, typically those of technological powers such as the European Union or the United States, thereby sacrificing its legal and digital sovereignty. In the context of AI, this is equivalent to transplanting the European AI Act without adapting it to the Mexican or Latin American context.
Why are AI's "new legal problems" not really new?
Because most of the challenges posed by AI, including civil liability for algorithmic harm, transparency in decision-making, and the right to an explanation, are already grounded in preexisting legal principles: strict liability, fundamental rights, and disclosure obligations. What has changed is the scale and speed, not the nature of the problem.

Adapted to the site style. Substance preserved.

Original LinkedIn post — Originally published on August 7, 2025 · read the original