On June 4, 2026, the Ley para Garantizar los Derechos de Niñas, Niños y Adolescentes en Entornos Digitales — popularly the "Ley Pantallas Seguras" — was published in Jalisco's Periódico Oficial, making the state the first in Mexico to legislate a youth social-media restriction. Approved by the Congreso de Jalisco on May 14, the law prohibits social-media use by children under 14 except for educational purposes, mandates content filters in schools and public internet points, creates a Consejo Estatal de Protección chaired by the governor, and authorizes fines of up to 1,000 UMA — roughly 117,000 pesos (about US$6,300) at the 2026 daily UMA value — against non-compliant establishments.
Jalisco moved deliberately ahead of the federal calendar. Education Secretary Mario Delgado has said the federal government will present its own youth social-media proposals in June 2026 after a public consultation, and has openly admired the Australian model that barred under-16s in December 2025. By legislating first, Jalisco has set a state-level template — and exposed the design problems any Mexican framework will have to confront.
The case the regulators are making
The strongest argument for the law is not hard to state. Sponsoring deputy Adriana Medina Ortiz noted that 92.4% of Jalisco adolescents aged 12 to 17 are already heavy internet users, and the statute frames itself as a response to grooming, fraud, cyberbullying, and deepfakes — real harms that fall disproportionately on minors. Mexican states have clear constitutional authority over child protection, and a cross-sectoral council coordinating education, health, and technology agencies is a reasonable governance instrument. If the alternative is leaving 12-year-olds alone with recommendation algorithms optimized for engagement, doing nothing is not obviously the safer choice. That is a serious position, and it deserves to be met on the merits rather than dismissed.
Where proportionality breaks down
The difficulty is mechanical. A ban on under-14 access is only as good as the age-verification system that enforces it, and the law does not specify one. This is the same fault line that has dogged comparable efforts abroad. The Electronic Frontier Foundation has repeatedly warned that age-gating regimes — including California's — force platforms toward intrusive identity checks that sweep in adults, normalize document collection, and create honeypots of sensitive data. A statute that mandates an outcome without a privacy-protective method for achieving it tends to produce exactly that result.
The enforcement architecture compounds the problem. Because a Mexican state cannot bind Meta, ByteDance, or Google directly, Jalisco's penalties land on the actors it can reach: schools, public internet points, and commercial establishments, which face warnings, fines from 10 to 1,000 UMA, suspension, or license revocation under the Congreso's own description. The platforms that actually design the products escape the sanction regime entirely. The practical effect is to push liability onto neighborhood cybercafés and the parents the law also tasks with installing parental controls — while the multinational services continue operating as before. That is a regressive distribution of compliance cost, and it is unlikely to change the behavior of the firms whose design choices drive the harms.
A patchwork in the making
Jalisco is not acting alone. Legislators in Mexico City, the State of México, and Nuevo León have floated their own minors' restrictions, with proposed thresholds ranging from under-14 to under-16, and at least one Nuevo León initiative would condition access on "verifiable parental authorization." If each state legislates a different age and a different enforcement mechanism before the federal proposal arrives, platforms and the businesses that host connectivity will face a fragmented map of obligations within a single country — the worst environment for both compliance and innovation. A national framework that preempts this divergence, sets one evidence-based standard, and places duties on the platforms rather than on cybercafés would be markedly more coherent than 32 overlapping state regimes.
What proportionate would look like
None of this requires abandoning child safety as a goal. A better-calibrated approach would target the mechanisms that produce harm rather than access itself: enforceable transparency on recommender systems, default high-privacy settings for known-minor accounts, friction on features engineered for compulsive use, and real penalties on the platforms that ignore them. Device-level and operating-system parental controls — which Jalisco's text rightly encourages — can deliver much of the protective benefit without a state-run identity layer. The law's softer provisions, including pedagogical protocols for guided navigation and digital-literacy programs for parents, are its strongest features precisely because they build capacity instead of merely restricting access.
Jalisco's instinct — that children deserve protection in digital spaces — is sound, and the consensus behind the bill across all parliamentary parties reflects genuine public concern. But protection that hinges on an unspecified age gate, and that fines the corner internet café while leaving the platform untouched, is more likely to generate privacy risk and uneven enforcement than measurable safety gains. As Mexico's federal proposals take shape this month, the lesson from Jalisco is to regulate the product design that creates the risk — not the access point closest to hand.