Law: There is no general personal data protection law.

Regulator: There is no general data protection authority.

Summary: While the Republic of Marshall Islands does not have a general personal data protection law, nor a general data protection authority, nor any legislation governing cybersecurity, Section 13 of the Constitution of the Republic of Marshall Islands states that all persons shall be free from unreasonable interference in personal choices that do not injure others and from unreasonable intrusions into their privacy. In addition, the Criminal Code 2011 includes a provision on violations of privacy (§250.12. of the Criminal Code 2011) which covers unlawful eavesdropping or surveillance and breach of privacy of messages and frames such conducts as misdemeanors.

Moreover, various pieces of legislation in the financial sector address the protection of personal information. In particular, the Banking Act 1987 [17MIRC Ch.1] refers broadly to 'information,' the Income Tax Act 1989 [48MIRC Ch.1] provides for the secrecy of all information concerning individual taxpayers, in relation to the Secretary of Finance and every employee of the Department of Finance, and the Anti-Money Laundering Regulations, 2002 includes provisions governing customer information.

Furthermore, the Marshall Islands has participated in international discussions related to cybersecurity and is a member of the Pacific Cyber Security Operational Network which aims to strengthen cybersecurity across the Pacific.