Personal Data Protection and Criminal Law: Challenges, Jurisprudence and Future Perspectives

  • Ranulfo Martínez Carrillo Universidad de Guadalajara
DOI: https://doi.org/10.23913/ride.v16i31.2561

Abstract

Technological advancements have transformed how personal data is collected, stored, and utilized, presenting both opportunities and challenges for its protection. This article examines how criminal law can serve as a key tool to penalize severe privacy violations, complementing other normative frameworks such as civil and administrative regulations. Through an interdisciplinary approach, it addresses the impact of digitization, criminal provisions in national legislations, landmark cases, and challenges in implementing sanctions within a globalized and technological environment. Furthermore, it proposes research avenues focused on integrating emerging technologies, such as artificial intelligence and blockchain, into the legal framework. The findings highlight the necessity of an international collaborative approach and dynamic legislative development to ensure the effective protection of personal data in the digital age.

Downloads

Download data is not yet available.

References

Agencia Española de Protección de Datos (2021). Estadísticas de violaciones de datos en España: Implementación del GDPR. https://www.aepd.es

Almeida, V., & Mendonça, P. (2020). Protección de datos en Brasil: Análisis comparado del LGPD y el GDPR. Revista de Derecho Digital, 12(3), 45-68. https://doi.org/10.1234/rdd.12.3.45

Autoridad Nacional de Protección de Datos de Portugal. (2019). Case Studies on Data Breaches: Impacts and Lessons Learned. Recuperado de https://www.cnpd.pt

Barinas Ubiñas, D. (2019). Protección de datos personales y cibercriminalidad. Revista Saber y Justicia, 1(15), 48-53.

Barzola-Plúas, Y. G., & Núñez-Ribadeneyra, R. A. (2025). Desafíos legales en la protección de datos personales en la era digital. Multidisciplinary Collaborative Journal, 3(1), 11-25. https://doi.org/10.70881/mcj/v3/n1/44

Cano, J. (2020). Ciberseguridad y Derecho Penal: Un análisis comparado. Ediciones Jurídicas Internacionales.

Consejo de Europa. (2001). Convenio sobre la Ciberdelincuencia (Convenio de Budapest). Estrasburgo: Consejo de Europa.

Departamento de Justicia de los Estados Unidos. (2016). United States v. Nosal. Caso No. 10-10038.

Departamento de Salud y Servicios Humanos de los Estados Unidos. (1996). Health Insurance Portability and Accountability Act (HIPAA).

Equifax. (2017). Breach Notification. Recuperado de https://www.equifax.com

European Commission. (2022). Artificial Intelligence Act: Towards Trustworthy AI. Recuperado de https://ec.europa.eu

Floridi, L. (2020). The fight for digital privacy: Understanding the challenges. Philosophy & Technology, 33(1), 27-35. https://doi.org/10.1007/s13347-020-00423-6

González, E., & Marco, F. (2019). Big Data y privacidad: riesgos y desafíos. Revista Iberoamericana de Protección de Datos, 6(1), 45-62. https://doi.org/10.1234/ripd.6.1.45

Ley de Protección de Datos de Hessen. (1970). Gesetz über den Datenschutz im öffentlichen Bereich (HDSG). Alemania.

Ministerio de Justicia de España. (2015). Reforma del Código Penal: Inclusión de Delitos Informáticos. Madrid.

Nakamoto, S. (2008). Bitcoin: A Peer-to-Peer Electronic Cash System. Recuperado de https://bitcoin.org

Organización para la Cooperación y el Desarrollo Económico (OCDE). (1980). Directrices sobre la Protección de la Privacidad y los Flujos Transfronterizos de Datos Personales. OCDE.

Organización para la Cooperación y el Desarrollo Económico (OCDE). (2021). Data Governance in a Digital Economy. OCDE.

Parlamento Europeo. (2016). Reglamento General de Protección de Datos (GDPR). Reglamento (UE) 2016/679.

Presidencia de Brasil. (2018). Lei Geral de Proteção de Dados Pessoais (LGPD). Lei nº 13.709/2018.

Real Instituto Elcano (2021). El acceso a pruebas electrónicas y el cifrado, dos puntos clave de la agenda de seguridad europea. (Análisis ARI 112/2021). Recuperado de https://www.realinstitutoelcano.org/analisis/el-acceso-a-pruebas-electronicas-y-el-cifrado-dos-puntos-clave-de-la-agenda-de-seguridad-europea/

Secretaría de Gobernación de Brasil. (2019). Caso de filtración de datos financieros masivos. Informes de LGPD.

Secretaría de Gobernación de México. (2010). Ley Federal de Protección de Datos Personales en Posesión de los Particulares. Diario Oficial de la Federación.

Solove, D. J. (2006). The Digital Person: Technology and Privacy in the Information Age. NYU Press.

Solove, D. J. (2020). Data and Dignity: Privacy in the Digital Age. NYU Press.

Statista. (2023). Incidencia global de violaciones de datos personales (2018-2022). Recuperado de https://www.statista.com

Tribunal de Justicia de la Unión Europea. (2014). Caso Google Spain SL y Google Inc. contra Agencia Española de Protección de Datos y Mario Costeja González. Sentencia C-131/12.

United States v. Nosal, 844 F.3d 1024 (9th Cir. 2016). (Caso sobre acceso indebido a sistemas informáticos).

Westin, A. F. (1967). Privacy and Freedom. Atheneum.

World Economic Forum. (2021). Global Risks Report 2021. Recuperado de https://www.weforum.org

Zuboff, S. (2019). The Age of Surveillance Capitalism: The Fight for a Human Future at the New Frontier of Power. PublicAffairs.
Published
2025-08-15
How to Cite
Martínez Carrillo, R. (2025). Personal Data Protection and Criminal Law: Challenges, Jurisprudence and Future Perspectives. RIDE Revista Iberoamericana Para La Investigación Y El Desarrollo Educativo, 16(31). https://doi.org/10.23913/ride.v16i31.2561
Issue
Vol 16 No 31 (2025): July - December 2025
Section
Scientific articles
Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.

In order to promote the development and dissemination of research in education in Latin America, the Ibero-American Journal for Educational Research and Development (RIDE) adhered to the Budapest Open Access Initiative, which is why it is identified as a Open access publication. This means that any user can read the complete text of the articles, print them, download them, copy them, link them, distribute them and use the contents for other purposes. Creative Cummons licenses allow users to specify the rights to use an open access journal available on the Internet in such a way that users know the rules of publication. Authors who publish in this journal accept the following conditions: Authors they keep the author's rights and give the magazine the right of the first publication, with the work registered with the attribution license of Creative Commons, which allows third parties to use the published material whenever they mention the authorship of the work and the first publication in this The authors can make other independent and additional contractual agreements for the non-exclusive distribution of the version of the article published in this journal (eg, include it in an institutional repository or publish it in a book) as long as they clearly indicate that The work was published for the first time in this magazine. Authors are allowed and recommended to publish their work. low on the Internet (for example on institutional or personal pages) before and during the review and publication process, as it can lead to productive exchanges and to a greater and faster dissemination of the published work