The Social Security Data Governance Challenge in Mexico

The Social Security Data Governance Challenge in Mexico

Mexico has a long history with social security; the country’s first social security law was enacted in 1943. Today, the social security system is fragmented into several institutions that coexist with each other, but do not operate in an integrated manner. A huge gap exists between lawyers, policymakers, and implementers who should be working together closely to design practical, efficient, and actionable policies.

Proper federal governance of social security data in Mexico has been challenging given that Mexican states run their social security schemes independently. Additionally, only 31% of people older than 65 years have a pension or retirement income. To further complicate the picture, no system exists to allow data exchanges between institutions from different Mexican states. As a result, the federal government can neither offer simplified mobility nor provide wide benefits and pensions to the population.

The National Organization of State Institutions of the Social Security in Mexico (ONIESS) was created in September 2017 to facilitate the exchange of information and best practices between the 22 state pension institutes across the country. The creation of this organization is a crucial step toward designing a secure, integrated, inclusive and efficient federal social security scheme that will simplify pension system operation, bring mobility and provide wide benefits to Mexico’s population. There remains, however, substantial work to be done to further improve social security policies in Mexico in order to build a secure, integrated, inclusive, and efficient federal social security scheme.

Transparency, Access to Information and Personal Data Protection

The Mexican Constitution recognizes the protection of data as a fundamental right. Article 16 of the Constitution underlines that every individual has the right to the protection of their personal data and the right to access, rectify, oppose, and cancel personal data under the terms specified by the federal laws. In 2015, the National Institute for Transparency, Access to Information and Personal Data Protection (INAI) was launched. This autonomous organization is primarily responsible for guaranteeing the right of access to public government information, protecting personal data that is in the hands of both the federal government and individuals, and resolving refusals of access to information that federal government entities have formulated.

One of INAI’s most important accomplishments is its sponsorship of many important laws including:

  • The General Transparency and Access to Public Information Law, which regulates the obligations of federal government organizations and their public servants in relation to the administration and treatment of information relating to the private life of individuals;

  • The General Personal Data Protection Law, which governs how companies and individuals collect, use, store, protect, and manage personal data internally, as well as with whom and how they share such information;

  • The Mexican Open Government Initiative, which focuses on 3 commitments related to forced disappearances, citizen participation in anti-corruption mechanisms, and climate change information dissemination;

  • The National Transparency Platform, which allows for the uniform right of access to information across Mexico.

INAI struggles with enforcement on both the federal and state levels in day-to-day activities. While federal laws establish principles and procedures, and encourage the use of open standards to strengthen transparency and interoperability, no policies exist to support technical implementation. During an official workshop in April 2018 convened to discuss and design the ONIESS web platform, public technical officers expected to receive greater support for the development and maintenance of a national interoperable system with official technical recommendations. However, no policy providing such assistance exists, resulting in ONIESS’s incapacity to fully develop an interoperable platform.

Similar issues confront the Open Government Partnership, a multilateral initiative that aims to make governments more inclusive, responsive, and accountable. Mexico has been part of this partnership since 2011. The latest mid-term review for the 2016-2018 period underlines that no clear connections exist between objectives and actions in this partnership because the action-plan does not define appropriate methodologies.

The National Transparency Platform’s development cost was around $850,000, with $400,000 granted by the World Bank. One of the biggest challenges in the platform’s establishment was to undertake the complex interconnection of more than 8,000 obligated parties. Several insufficiencies were observed in infrastructure and digital equipment because implementation objectives were not well defined throughout the process.

Thus, Mexico has general laws concerning transparency, access to information, and personal data protection, but no federal or sectorial policies to support their enforcement. It is not sufficient to write laws without defining clear technical solutions or shaping methodologies for implementation. Heads of relevant institutions and ministers should work on internal policies, in line with federal laws, to straighten data governance, communication, and transparency in their institutions. 

Some countries, like Mauritius, are doing well in developing technical policies that fall in line with national laws. To avoid misunderstandings between government bodies, technical policies should clearly define applicable standards, including what data is to be collected.

 

Improving Identification and Building a Federal Social Security Scheme

The creation of ONIESS is a good start for improving social security services at the federal level. A national social security registry should be developed and could be based on an existing foundational registry for identification purposes – the Single Code of Population Registration (CURP). Indeed, a robust identification mechanism is the core of a secure, integrated, inclusive, and efficient social security scheme.

The CURP is a foundational registry created in 1996 following a presidential agreement for the adoption and use of a unique identification number for federal services. This agreement provides a CURP number to everyone living in Mexico (citizens and residents) and to Mexicans living abroad. Currently, the CURP is essential for tax filings and record-keeping for companies, schools, membership in government-run health services, passport applications, and other government services. The CURP is the most widely used identification number in Mexico, despite the fact that it is not randomized (providing the possibility to obtain information about the user with the number only) and that biometric data was not collected prior to 2008. 

Thus, to offer simplified mobility and provide wide benefits and pensions to the population, ONIESS – with the support of INAI – could either build a federal registry based on the CURP or create its own robust, unique, and verifiable registry collecting only minimal personal data for identification. This registry should be linked with various state institute registries in order to centralize social security data and provide a national and secure social security scheme. This would require the definition and adoption of best practices, methodologies, and standards by all stakeholders. This registry should also provide new services such as accepting external beneficiaries, partnering with new social security institutes, and centralizing beneficiaries’ work history. In line with INAI’s recommendations, a clear implementing policy supporting the legal, technical, and governance aspects of a federal social security scheme must be adopted to create the right registry and guarantee the population well-being through ONIESS’ actions.

  

Olivier Alais is currently Project Director – Cybersecurity & Internet Governance for Counterpart International. Prior this position, Olivier authored the “Applying a Public-Private Partnership approach to Digital ID in Somalia” report for the World Bank, designed technical specifications for the creation of a federal social security digital platform in Mexico for ONIESS, drafted the open source policy in Mauritius, and developed a micro insurance health program in Thailand. Olivier was also a Fellow at the Berkman Klein Center for Internet & Society at Harvard University to explore the social impacts of Open Data and Open Source. He holds a bachelor’s degree in computer science from the University of Paris and a joint engineering degree in information system from the University of Technology of Troyes, Compiègne and McGill University.