IT and communication law

The information technology law (IT law), a hybrid law at the crossroads of a multitude of more traditional rights, is a growing field in the Principality of Monaco. As a result, the risks of litigation directly or indirectly linked to these new technologies are increasing in volume and financial weight.

Because IT law touches on so many other areas of law (e-commerce law, digital law, Internet law, telecommunications law, personal data protection, labour law, financial law, company law, civil law, criminal law, employment law, administrative law, intellectual property law, etc.), it is made up of scattered rules, and the following inventory is therefore not exhaustive.

The Monegasque Digital Security Agency ("Agence Monégasque de Sécurité Numérique" AMSN) is the national authority responsible for the security of information systems: expertise, response and treatment in terms of security and digital attacks for the State and Vital Importance Operators (VIOs); drawing up and updating the national list of qualified trust service providers (QTSPs) and the qualified trust services they provide.

Law no. 1.578 of 1 July 2025 provides for changes to the digital legislation by drawing on European standards (in particular the eIDAS 2.0 (EU) Regulation):

• Law no. 1.383 of 2 August 2011 for a Digital Principality : trust services, electronic attestations of attributes; electronic contracts and transactions; liability of online technical service providers; exchanges of information between public sector bodies and with their users, including the communication of administrative documents; de-indexation of certain individual administrative acts by search engines;
• Law no. 1. 483 of 17 December 2019 on Digital Identity: digital identity portfolio;
• Civil Code: electronic format for private deeds relating to personal or real sureties of a civil or commercial nature).

Digital Principality: e-commerce, trust services, technical service providers, cryptology

Law no. 1.383 of 2 August 2011 for a Digital Principality, as amended (most recently by Law no. 1.482 of 17 December 2019, Law no. 1.528 of 7 July 2022, Law No. 1.578 of 1 July 2025), is the central text governing :

• e-commerce (rules applicable to contracts for the sale of goods or the provision of services to consumers by one or more distance communication techniques using electronic means, as well as to services consisting of the provision of online information, commercial communications and tools for searching, accessing and retrieving data, accessing a communication network or hosting information, including when they are not remunerated by those who receive them),
• trust services (electronic signatures, electronic stamps, digitisation and archiving, cloud and hosting, data intermediation....),
• liability of technical service providers (web hosts, access providers, online service platform operators: search engines, price comparators, marketplaces, classified ad sites, social networks, online consumer opinion providers....),
• cryptology.

There are also a large number of implementing regulations (sovereign ordinances and ministerial orders).

The Principality's digital services (smart city, e-administration, e-health, e-education, ....) are based on Monaco's Sovereign Cloud. This enables State data and data from private actors to be stored in the Principality, under Monegasque law. The Sovereign Cloud's twin (backup data centre or "recovery site") is hosted in the Grand Duchy of Luxembourg.

Another aspect of the Principality's digital development is the digital identity assigned to natural persons (nationals and holders of residence permits, persons registered in a public service register held for the application of a legislative or regulatory provision) and legal entities (registered in a public service register held for the application of a legislative or regulatory provision) (Law no. 1.483 of 17 December 2019 on digital identity amended by Law No. 1.578 of 1 July 2025 above mentioned).

Although Monaco does not currently have any legislation on artificial intelligence, Bill no. 1087 tabled on 19 December 2023 covers the use of AI systems for law enforcement purposes for remote biometric identification in areas accessible to the public, following the example of the European Union's AI Act, which is also likely to apply to Monegasque AI system suppliers and deployers due to its extraterritorial scope.

In addition, as with any processing of personal data, the collection and use of personal data for the development of artificial intelligence systems and the creation of learning databases are subject to compliance with the provisions of Law no. 1.565 of 3 December 2024 on personal data protection (legal basis, conditions for the re-use of personal data, minimisation of data used, retention period, etc.), with innovation having to be reconciled with respect for the rights of the persons concerned (information, management of the exercise of rights).

As a participant in the Summit for Action on Artificial Intelligence of Paris on 10 and 11 February 2025, Monaco is a signatory of the Declaration on Inclusive and Sustainable Artificial Intelligence for People and the Planet.

See also our publication > Council of Europe Framework Convention on Artificial Intelligence, Human Rights, Democracy and the Rule of Law

Blockchain technology has been legally recognised in the Principality of Monaco since Law no. 1.482 of 17 December 2019. The concept of "distributed ledger technology" covers the essential features of blockchain technology, while being broader and more neutral, which has the advantage of not limiting the application of dematerialisation to this technology alone in the future.

Smart contracts" ("protocole contractuel numérique") based on this technology are also defined by Monegasque law.

Furthermore, Blockchain technology has been legally recognised in the Principality of Monaco since the aforementioned Law No. 1.482. Indeed, it defines the notion of “digital recording device on a shared register” (dispositif d’enregistrement numérique sur un registre partagé) , which covers the essential features of Blockchain technology, while being broader and neutral, which has the advantage of not limiting the application of dematerialisation to this technology alone in the future.

In its extension, Law No. 1.491 of 23 June 2020 relating to « offres de jetons » (Security Token Offering – STO, and Initial Coin Offering – ICO) supplemented by Sovereign Order 8.258 of 18 September 2020, introduced a legal framework into Monegasque law for fundraising using blockchain technology.

Bill 1039 also envisages the use of this technology by public limited companies (keeping the register of transfers, registering registered shares issued, transcribing the transfer form) and limited liability companies (registering share distributions and the deed of transfer of shares). These two types of company could use "smart contracts" to execute the agreements that bind them.

Law no. 1.528 of 7 July 2022 requires prior authorisation from the Minister of State or the Commission de Contrôle des Activités Financières (CCAF), as the case may be, for the activities of service providers:

• digital assets (exchange of digital assets for other digital assets, operation of a digital asset trading platform, exchange of digital assets for legal tender) or
• crypto-assets (issuance of crypto-assets, custody or administration of crypto-assets or access to crypto-assets, where applicable in the form of private keys, with a view to holding, storing and transferring crypto-assets, operation of a platform for displaying buying and selling interests in crypto-assets, placement of crypto-assets, execution of orders in crypto-assets, reception and transmission of orders in crypto-assets, advice in crypto-assets).

The implementing regulations are awaiting publication.

Pursuant to Annex B (Banking and Financial Legislation) of the Monetary Agreement concluded on 29 November 2011 between the European Union and the Principality of Monaco (as last amended by Sovereign Order No. 11.278 of 18 June 2025), Monaco must implement Regulation (EU) 2023/114 of the European Parliament and of the Council of 31 May 2023 on markets in crypto-assets and amending Regulations (EU) No 1093/2010 and (EU) No 1095/2010 and Directives 2013/36/EU and (EU) 2019/1937 (MiCA). Deadline: 31 December 2026.

This Regulation establishes uniform rules for issuers of crypto-assets that have so far not been regulated by other EU financial services acts and crypto-asset service provider:

• transparency and disclosure requirements for the issuing, the offering to the public and the admission of crypto-assets to a trading platform;
• authorisation and supervision of crypto-asset service providers and issuers of asset-referenced and electronic money (e-money) tokens;
• operation, organisation and governance of the issuers and crypto-asset service providers; protection for holders of crypto-assets and clients of service providers;
• measures to prevent insider dealing, unlawful disclosure of inside information and market manipulation.

At the same time, Law no. 1.528 of 7 July 2022 introduced into Monegasque law the concepts of:

• "metaverse" ("persistent and synchronous platform creating one or more immersive virtual universes offering online products and services to several users simultaneously in the form of avatars, who can move around and interact socially and economically"),
• "avatar" ("digital form chosen by the user to represent him graphically in a metaverse"),
• "non-fungible token" or "NFT" ("unique and non-interchangeable token representing in digital format a right attached to an asset").

The supply and use of a metaverse including a representation of the Principality or allowing the identification of any elements of its national heritage is subject to prior administrative authorisation. The regulatory text setting out the conditions is awaiting publication.

Monaco is hosting the MEWS (Metaverse Entertainment World Summit), supported by the Monegasque authorities.

Law no. 1.435 on the fight against technological crime transposed the provisions of the Council of Europe Convention on Cybercrime of 23 November 2001, to which Monaco is a party.

The Principality is involved in cybersecurity dynamic, in line with European Union measures to ensure the continuity of essential services in key sectors in the event of incidents.

Ministerial Order no. 2018-1053 of 8 November 2018 implementing article 27 of Law no. 1.435 of 8 November 2016 on the fight against technological crime is thus being gradually updated. By Ministerial Order No. 2023-556 of 21 September 2023, to strengthen the cybersecurity regime applicable to Operators of Vital Importance (OIVs) in Monaco in order to protect their information systems (SIIVs): to introduce definitions (incident, cyberthreat. .), to adjust the system for notifying security incidents to the Monegasque Digital Security Agency ("Agence Monégasque de Sécurité Numérique" AMSN) and, where applicable, to the Directorate of Public Safety ("Direction de la Sûreté publique"), and to inform the recipients of a major cyber threat, by the Principality's operators of vital importance (OIV), etc. By Ministerial Order No. 2025-533 of 3 October 2025 to further strengthen the cybersecurity regime applicable to Operators of Vital Importance (OVIs) in Monaco to protect their information systems (SIIVs).

The Principality's requirements framework for the qualification of cloud computing and hosting providers (PINH) is aligned with the SecNumCloud version 3.2 requirements framework of the French ANSSI (8 March 2022), which incorporates protection criteria with regard to non-European law (e.g. Cloud Act, FISA 702).

The Assises de la Cybersécurité is a not-to-be-missed annual event in the Principality.

Since November 2024, the French Public Interest Group Action Against Cybermalveillance (GIP ACYMA) and the Monegasque Digital Security Agency (AMSN) have been linked by a cooperation programme focusing on awareness-raising, prevention and assistance to victims of cybermalicious acts for individuals and businesses (provision of software developments and expertise to Monaco, ExpertCyber certification framework developed with AFNOR and adapted to Monegasque law). The Cybermalveillance.gouv.mc website is the Principality of Monaco's official mechanism for combating digital threats. The Principality of Monaco's Cybermalveillance subcommittee, created in July 2025, is the strategic body that oversees the mechanism.

Pursuant to Annex A (European Union legislation applicable to the activity and supervision of credit institutions and the prevention of systemic risks in payment systems and securities settlement and delivery systems) of the Monetary Agreement concluded on 29 November 2011 between the European Union and the Principality of Monaco (as last amended by Sovereign Order No. 11.278 of 18 June 2025), Regulation (EU) 2022/2554 of the European Parliament and of the Council of 14 December 2022 on digital operational resilience for the financial sector and amending Regulations (EC) No 1060/2009, (EU) No. 648/2012, (EU) No. 600/2014, (EU) No. 909/2014 and (EU) 2016/1011 (DORA) is applicable in Monaco.

This Regulation establishes uniform rules on the security of networks and information systems of entities in the financial sector to withstand, respond to and recover from any disruption or threat involving information and communication technologies (ICT): IT risk management; incident reporting; resilience testing; third-party risk management carried out by IT service providers. All DORA provisions are applicable to Monegasque financial institutions.

Law no. 1.482 of 17 December 2019 amending Law no. 1.383 of 2 August 2011 for a digital Principality created a fee for the allocation or renewal of ".mc" domain names.

The Network Internet Center (NIC Monaco) acts as the top-level registry for the Internet domain name addressing system corresponding to the Monegasque naming space and allocates domain names via the Registrars. See our publication domain names ":.mc" Naming Charter defining the rules for allocation, registration, management and maintenance (Ministerial Order no. 2022-38 of 21 January 2022)

The NIC Monaco draws up the naming charter for the Monegasque ".mc" namespace, draws up the registration contracts defining the contractual relationship between the Registrar and the Registrars, manages the Monegasque ".mc" Internet domains, operates and maintains the DNS (Domain Name System) technical infrastructure enabling a domain name to be translated into an IP address and provides access to these domain names from the Internet.