Mexico City, January, 2021
In accordance with the decree where various provisions of the Income Tax Law, the Value Added Tax Law and the Federal Tax Code (“CFF”), known as Tax Miscellaneous, are amended, added and derogated, for the year 2021, published in the Official Gazette of the Federation on December 8, 2020 and effective as of January 1, 2021, the services of the Tax Administration System (“SAT”) are being modified in relation to the verification and authentication of the certificates of advanced electronic signatures of the taxpayers.
The modification in question consists of the amendment of the last paragraph of article 17-F of the CFF (“Modification”), whose current wording is as follows:
“
…
Individuals who agree to the use of the advanced electronic signature as a means of authenticating or signing digital documents may request the Tax Administration Service to provide the verification and authentication service of the certificates of advanced electronic signatures. The requirements to grant the provision of such service shall be established by general rules issued by the decentralized administrative body.”
According to the Tax Miscellaneous, now is as it follows:
“
…
Individuals who determine the use of the advanced electronic signature for the authentication or signing of digital documents, may request the Tax Administration Service to provide the verification and authentication service of the certificates of advanced electronic signatures and the identity verification of the users. The requirements of granting the provision of such service shall be established by general rules issued by the decentralized administrative body.”
In relation to the above and with respect to the general rules issued by the SAT regarding the provision of its services, rule 2.2.11 of the Miscellaneous Fiscal RESOLUTION for 2020, currently in force, establishes the following:
“2.2.11. According to article 17-F, second paragraph of the CFF, the SAT will provide the verification and authentication service of advanced electronic signature certificates and biometric identity verification service to taxpayers who agree to use the e- signature (“e.firma”) for authentication or signing of digital documents, or that requires the verification of biometric identity provided that they present the information and documentation indicated in the procedure sheet 256 / CFF “Request for access to the public service for verification and authentication of e- signature ”, contained in Annex 1-A.
The verification and authentication service of the certificates of advanced electronic signatures that the SAT will provide will consist of allowing the taxpayers mentioned in the previous paragraph, access the public consultation service through which they will verify the validity of the digital certificates of the e-signature. The biometric identity verification service consists of validating the taxpayer’s information, based on the biometric information collected in the e.signature generation process.”
In due course, the rule 2.2.11, of the Tax Miscellany for 2021, will now include the new service contemplated in the Modification.
In this sense, the Modification grants a service provision to the SAT which verifies the identity of the users where the SAT may issue an opinion on the holder’s identity of the advanced electronic signature. This may raise some situations that could put the obliged subject (SAT) in a position of non-compliance with some provisions indicated in the General Law on Protection of Personal Data Held by Obliged Subjects (“Data Law”).
The provision of the service established on the reform from article 17-F of the CFF according to what has been commented on various informative notes[1], the opinion on the identity of the signer would be a binary answer (yes / no).
Given the context of the reform, we believe that it’s important to point out the concept of personal data and databases established by the Data Law:
i) “Any information concerning an identified or identifiable natural person. A person is considered identifiable when his/her identity can be determined directly or indirectly through any information”.
At such, it is understood that personal data is any information, which means that there is no limitation in terms of its scope as long as it refers to an identified or identifiable natural person (who can be identified). In that sense, and taking the aforementioned concept, it could be considered that the only binary response would then be a personal data created as a result of the services provided by the SAT.
In this sense, the Modification could contravene some provisions established in the Data Law, such as the principles of purpose and information that consist in the handling of data having a specific and informed objective, which have been communicated to the owner who provided such data to the obliged subject, in his/her capacity as taxpayer.
On the other hand, whilst awaiting the entry into force of the reform, the SAT as obliged subject, should have carried out an impact assessment, which consists of analyzing the data entailing that it intends to give, to determine and mitigate possible risks that could involve the owners and the duties of the person in charge.
Finally, the Modification could contravene article 69 of the CFF itself, which establishes the obligation to keep absolute confidentiality with respect to the data supplied by taxpayers and as the powers established in article 32 of the SAT Internal Regulations, to the General Taxpayer Services Administration, which is responsible for providing advanced electronic signature services.
In this regard, we will be monitoring the Tax Miscellaneous for the year 2021 and see how it could affect the interests of our clients. If you have any questions or request more information, do not hesitate to contact us.
[1] https://www.eleconomista.com.mx/opinion/SAT-hacer-negocio-con-las-huellas-dactilares-de-los-contribuyentes-20200910-0047.html
*This article is authored by Gustavo Miranda and Carlos Solano and it may reflect their personal opinions independently from the law firm they work for. Shall you intend to apply any of the debated interpretations within the article, we highly recommend to formally consult Jáuregui y Del Valle, S.C. or any other qualified advisor.
© 2020, Jáuregui y Del Valle, S.C.(JDV), All rights reserved. This information belongs to JDV and external distribution should be authorized. Printing and sharing are allowed.
