Data protection & privacy laws in Haiti (2026)

Haiti lacks a standalone GDPR-style data-protection statute. DLA Piper's Data Protection Laws of the World confirms no comprehensive data-protection regime is currently in place and that no dedicated supervisory authority has been established.

The new Haitian Penal Code (adopted 2020, implementation deferred; transitional council adoption confirmed June 2025) includes Articles 437–442 on secrecy of communications and Articles 981–984 creating criminal offences for unlawful automated personal-data processing, failure to inform data subjects, and failure to rectify or delete inaccurate data.

An Arrêté fixing general rules on the protection of personal data ('Arrêté fixant les règles relatives à la protection des données à caractère personnel') was published in the official gazette Le Moniteur No. 87 on 15 May 2018, providing executive-level baseline data rules predating any enacted legislative framework.

The OMRH (Office of Human Resources Management, part of the Haitian government) published a draft 'Loi sur la protection des données personnelles'. Separately, the government's communication portal circulated a bill combining a national identity card scheme with personal-data protections, signalling legislative intent without enacted law.

Haiti has established no independent data-protection authority. Enforcement of the limited existing rules must rely on the general prosecutorial apparatus under the Penal Code; there is no regulator to whom data subjects can file complaints or that can conduct investigations.

UNCTAD's Global Cyberlaw Tracker monitors data-protection legislation status across 195 countries. The Haiti country page reflects the absence of comprehensive enacted data-protection legislation, consistent with the fragmented legal landscape described here.