A new precedent from Mexico’s Supreme Court strengthens COFECE’s ability to access emails, chats, and internal platforms in antitrust investigations. The message to companies is clear: compliance can’t wait.
Indeed, a recent ruling by the Supreme Court of Justice of the Nation (SCJN) may redefine the playing field for cartel enforcement in Mexico. In deciding Bank of America México v. COFECE, the country’s highest court held that messages and documents generated by employees using corporate tools—such as institutional email accounts or internal messaging apps—are not protected as private communications under Article 16 of the Mexican Constitution.
In the jurisprudence published by the Court’s Second Chamber on May 16, the Justices concluded that because these communications are tied to the company’s business purpose, they must be considered confidential information, but not private. As a result, the competition authority may access them without a judicial warrant. This decision comes at a pivotal moment. A legislative proposal currently under discussion in Congress aims not only to create a new antitrust regulator, the National Antitrust Commission (CNA in Spanish), but also to introduce a standalone infringement for the exchange of strategic information between competitors, even where there is no explicit agreement or coordination.
Although the reform has not yet been enacted, the Court’s reasoning significantly strengthens the enforcement toolkit available to COFECE—and soon, to the CNA. From now on, the authority will face no constitutional hurdles in collecting internal messages containing references to pricing, discounts, commercial policies, or expansion plans.
Our analysis suggests that this could lead to a greater willingness by the Commission to initiate enforcement proceedings based on internal documentary evidence, even at early stages of contact between competitors.
This is undoubtedly a wake-up call for corporate compliance programs. Beyond its legal implications, the Court’s ruling sends a strong signal to the private sector. Companies should step up their efforts to review communication protocols, update their compliance systems, and train their teams accordingly. In this new landscape, even a casual conversation on an internal channel could become a key piece of evidence.
If the new infringement on information exchange is enacted, the line between compliance and violation will no longer hinge solely on the existence of a formal agreement. The mere act of exchanging sensitive information may be enough to trigger regulatory action, and reliance on privacy-based defenses will no longer hold up.
As one antitrust lawyer put it, “What used to be a grey area is now under the spotlight.”
