COMOROS
DATA PROTECTION FACTSHEET
-
Population: 869,595
Capital: Moroni
President: Azali Assoumani
2021 Freedom House Score: 42/100
Data protection law? No, with no data protection authority yet appointed
-
Privacy enshrined in Constitution: Yes, the right to privacy is protected under Article 27 of the Constitution, which protects the confidentiality of correspondence and telecommunications, as well as protects individual computer data.
DPA legislation: Comoros currently has no comprehensive data protection legislation.
-
ICCPR: Signed
Council of Europe Convention 108: No
Council of Europe Convention 185: No
Malabo Convention: Signed
ECOWAS Supplementary Act on Personal Data Protection: No
Council of Europe Additional Protocol to Convention 108 (Treaty No. 181): No
-
Applies to natural persons: No law
Applies to juristic persons: No law
Applies to public entities: No law
Domestic/personal purposes exclusion: No law
National security exclusion: No law
Law enforcement exclusion: No law
Cabinet or Executive Council exclusion: No law
Judicial functions exclusion: No law
Journalistic, literary or artistic purposes exclusion: No law
Temporary copies exclusion: No law
Other exclusion(s): No law
Broad or vague exclusions: No law
Applies to foreign entities: No law
Excludes foreign entities that only transit personal data through the country: No law
-
Personal data is not defined under Comorian law.
-
There are currently no requirements for collection and processing.
-
Notification that data is being processed: No law
Notification to DPA in event of data breach: No law
Notification to data subject in event of data breach: No law
Timeframe for notification is specified: No law
Exceptions exist to breach notifications: No law
Requires a data processing register: No law
Register is publicly available: No law
Provides for terms of service icons: No law
DPA must submit at least annual report: No law
DPA report is made public: No law
-
Explicit provision for civil liability: No law
Established/designates a Data Protection Authority: No law
DPA is empowered to investigate: No law
DPA is empowered to subpoena or request evidence: No law
Law provides for criminal penalties: No law
Law provides for administrative penalties: No law
DPA is independently structured (does not exist within or receive instructions from another public body): No law
DPA receives funding directly from the state budget/legislative body: No law
DPA may receive some forms of external funding/own revenue: No law
Adequate protections against undue removal: No law
Number of members in DPA: No law
Maximum term length for members of the DPA (years): No law
-
Right of data subject to access a copy of their personal data: No law
Right of data subject to request a correction of data: No law
Right of data subject to request deletion of data: No law
Justification required for a request for deletion: No law
Defines the requirements for consent: No law
DPA is mandated to participate in policy formulation: No law
-
There are no laws restricting cross-border transfer.
-
Provides a right not to be subject to automated decision-making: No law
Page last updated: 24 May 2022
