Further progress on digital security efforts
News posts
The Prince's Government has made the rapid development of the digital economy a top priority, calling for the introduction of strict security measures to maintain the trust of those involved and ensure that the system runs smoothly.
The Principality of Monaco attaches particular importance to the protection of personal data. To this end, it strives to modernise legislation and adapt it to European and international standards.
Cyber Security
To achieve a robust, secure and sustainable cyberspace in Monaco, the Monaco Cyber Security Agency has devised an action plan centred around five objectives:
- Defending the Principality's fundamental interests, ensuring the security of critical infrastructures and vital service providers
- Developing a cyber security strategy in line with the Principality's values, safeguarding companies and individuals online, and combating cybercrime
- Raising awareness, providing the necessary training in cyber security and encouraging responsible online behaviour
- Creating a competitive and secure digital environment with trusted products and services for the public, businesses and institutions
- To become a key player in developing a secure, stable and inclusive cyberspace in Europe as soon as the Principality has reached a sufficiently high level
As this strategy concerns everyone, the Government, businesses and individuals, full details have been made available on the Monaco Cyber Security Agency website
Protection of personal data
Monegasque legislation on protecting personal data
As a result of Act no. 1.565 of 3 December 2024 on protection of personal data, which replaced Act no. 1.165 of 23 December 1993 on protection of personal data, the Principality of Monaco has legislation that offers strong protection of personal data.
The act meets the highest European standards, including the General Data Protection Regulation ("GDPR"), the European "Police and Criminal Justice" Directive and the Council of Europe Convention 108. The aim is to ensure that the European Commission deems the act "adequate", thus facilitating data transfers with European Union countries.
Information sessions have been hosted by the Prince’s Government for Monegasque stakeholder representatives in the private and public sectors with the aim of raising awareness about the challenges and impact of GDPR in Monaco.
Documentation for these sessions can be downloaded at the links below:
General Data Protection Regulation (GDPR)
Although the Principality is a third country with respect to the European Union, public and private stakeholders in Monaco who act as data controllers or data processors may be affected by the provisions of the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (known as the "GDPR"), in addition to the obligations under Act no. 1.565 of 3 December 2024, since the directive has extraterritorial effect.
Convention 108 of the Council of Europe
In 2008, the Principality of Monaco acceded to the Convention of 28 January 1981 for the Protection of Individuals with regard to Automatic Processing of Personal Data, CETS No. 108 of the Council of Europe, the only binding international legal instrument on data protection.
On 10 October 2018, Monaco also signed the amending protocol to the Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data, known as "Convention 108 +", which updated the Convention.
On 6 March 2025, the Principality of Monaco ratified the protocol, becoming the 33rd state to do so. This followed the adoption of Act no. 1.566 of 3 December 2024, which approved ratification of the amending protocol to the Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data and the Act no. 1.565 of 3 December 2024 on protection of personal data.
The APDP at your service
The Personal Data Protection Authority (APDP), the successor organisation to the Data Protection Authority of Monaco (CCIN), is the Monegasque authority responsible for advising data controllers and data processors, providing information to data subjects, and monitoring and verifying that within the Principality, personal data is handled in accordance with the applicable legislation and regulations.
For more information and resources on the protection of personal data, please visite the APDP website.