Monaco: New law on the protection of personal data

Monaco: New law on the protection of personal data

The adoption of Bill No. 1.054 on the protection of personal data will bring a number of changes. Find out what they are.

On 28 November 2024, during a legislative session, the members of the National Executive had the opportunity to vote on the Monegasque Bill n°1.054 on the protection of personal data.

The unanimous adoption of draft law no. 1.054 repeals the Monegasque law on the protection of personal data currently in force, namely law no. 1.165 of 23 December 1993.

The new law comprises 118 articles that apply to both the private and public sectors.

Objective of the new law: to align with RGPD standards

The objective is to guarantee Monaco a high level of personal data protection, equivalent to European standards. By bringing the Principality into line with the requirements of the European standards defined by the General Data Protection Regulation (GDPR), it would be possible for the European Commission to reassess Monaco and grant it an adequate level of protection in the coming months.

Major changes :

The adoption of Bill 1.054 on the protection of personal data has brought about a number of changes. The new law strengthens the obligations of data controllers and processors, while streamlining the formalities that previously had to be carried out with the Monegasque supervisory authority.

A new field of application :

Better protection for people in Monaco :

Law no. 1.054 introduces new rights for the people concerned:

Of course, the data subject retains his or her pre-existing rights under Law no. 1.165, namely the right of access and the right to object.

More stringent obligations for data controllers and processors:

A new supervisory authority :

The “Autorité de Protection des Données Personnelles” (APDP) is the successor to the Commission de Contrôle des Informations Nominatives (CCIN).

Role of the new authority

The APDP is a new authority with powers of investigation, control and sanction:

Stronger penalties for non-compliance:

With regard to penalties for failure to comply with the legislation, Law no. 1.054 provides for heavy administrative fines, as already provided for under the RGPD at European level, and the select committee may decide to make the penalties imposed public.

An ACTIS meeting to find out more:

On 18 December, ACTIS experts will be holding a videoconference to explain and discuss the new law. Register now, free of charge at : event.groupetelis@telis.mc