Cybersecurity regulation in Honduras (2026)

Liberal Party Deputy José Sabillón filed a draft 'Ley Base del Sistema Nacional de Ciberseguridad' to create a comprehensive framework for combating extortion, hacking, criminal use of devices, and unregulated import of specialized equipment — arguing that heavier prison sentences alone are insufficient without a preventive, technical legal foundation.

Honduras's Institute of Access to Public Information (IAIP), with technical support from the International Development Law Organization (IDLO), formally presented a revised draft Personal Data Protection Law to congressional deputies — Honduras still has no enacted data-protection statute, leaving a major cybersecurity gap.

The Castro administration's Dirección de Gestión por Resultados (DIGER) adopted a ten-programme digital-transformation plan backed by a $49 million IDB investment; one programme is explicitly dedicated to cybersecurity, monitoring, and data protection, committing to enact new cybersecurity and data-protection laws by 2026.

With President Xiomara Castro's inauguration in January 2022, the 'Ley de Estrategia de Ciberseguridad Nacional' — which had cleared two of three required congressional debates — was effectively shelved, leaving Honduras without a standalone cybersecurity statute and without an operational national strategy.

The 'Ley de Estrategia de Ciberseguridad Nacional de Prevención de Campañas de Odio y Discriminación en Redes Sociales' passed its second of three required debates, proposing a 19-institution interinstitutional cybersecurity committee; critics said the hate-speech provisions went far beyond the bill's original security purpose.

The UN Human Rights Office in Honduras (OACNUDH), Artículo 19, and other press-freedom and human-rights groups published a joint declaration condemning the cybersecurity bill, warning that its broad online-speech provisions amounted to prior censorship and imposed disproportionate obligations on website operators, chilling freedom of expression.

Honduras's revised Penal Code took full effect, activating Title XXII ('Security of Networks and Computer Systems') as the country's operative cybercrime framework; it criminalises unauthorised system access, data interference, computer fraud, phishing, identity theft, online child sexual abuse material, grooming and sexting, with sentences of six months to eight years.

The new Penal Code — incorporating roughly 50 new categories of criminal offences including a comprehensive cybercrime title — was officially gazetted by the Tribunal Superior de Cuentas, starting the transition clock to its June 2020 effective date.

Honduras's national Computer Emergency Response Center (CERT-HN), housed within CONATEL and built with Israeli technical experts, became operational, providing threat monitoring, vulnerability analysis, cyber-incident alerts, and cooperation with international peer CERTs — one of the first formal cybersecurity institutions in Central America.

Honduras and Israel signed a landmark $209 million bilateral defense cooperation agreement — the largest in Honduras's history — with approximately $50 million earmarked for cybersecurity: a national risk assessment, an advanced cyber-monitoring and defence centre, information-sharing infrastructure, training programmes, and the construction of CERT-HN, facilitated by Israel's SIBAT defence cooperation directorate.

Honduras enacted foundational legislation governing interception of telecommunications (formalised as Decreto 243-2011), establishing judicial-warrant requirements for lawful intercept of electronic communications; this framework remains the baseline legal authority for state access to digital data and is directly relevant to any cybersecurity enforcement action.