Cybersecurity · Suriname

Cybersecurity regulation in Suriname (2026)

ProposedNo comprehensive cybersecurity statute in force. Substantive cybercrime offences sit in the Criminal Code (Wetboek van Strafrecht) 2015; a Privacy/Personal Data Protection Bill is pending in the National Assembly and a national cybersecurity strategy is anticipated under the CARICOM action plan. Lead body: Centrale Inlichtingen- en Veiligheidsdienst (CIVD).Country index 45 · D

Suriname shaded by its cybersecurity status

Suriname has no comprehensive (NIS2-style) cybersecurity law or general breach-notification regime in force as of 2026. It has criminalised cyber-offences via its 2015 Criminal Code (which mirrors the substantive offences of the Budapest Convention, though Suriname is not a Party and its Criminal Procedure Code lacks the corresponding procedural powers), and a Personal Data Protection Bill plus a national cybersecurity strategy are in development but not yet enacted/adopted. Obligations on private entities (incident reporting, mandatory breach notification, critical-infrastructure security duties) are therefore largely absent today.

Key points

No comprehensive cyber law

There is no NIS2-style horizontal cybersecurity law or statutory critical-infrastructure protection regime in force; a more comprehensive national cybersecurity strategy is expected but has not been adopted.

source 1 ↗source 2 ↗

Cybercrime offences in Criminal Code 2015

Suriname's 2015 Criminal Code (Wetboek van Strafrecht) implements the substantive offences of the Budapest Convention (illegal access, interception, data/system interference, etc.), but the Criminal Procedure Code does not yet provide matching procedural/investigative powers.

source 1 ↗

Not a Party to the Budapest Convention

Despite substantive alignment, Suriname has not ratified or acceded to the Council of Europe Convention on Cybercrime (ETS 185).

source 1 ↗

Data protection / breach notification — proposed, not enacted

Suriname has no general personal-data-protection law in force; a Privacy and Personal Data Protection Bill remains under consideration in the National Assembly with no enactment timeline, so there is no horizontal statutory data-breach-notification duty yet.

source 1 ↗source 2 ↗

Institutional set-up

The Central Intelligence and Security Agency (CIVD) is responsible for cybersecurity, and a Cyber Crime Unit is being established within the national police; telecoms/ISP oversight sits with the Ministry of Transport, Communication and Tourism.

source 1 ↗source 2 ↗

Regional and strategy context

Suriname participates in the CARICOM Cyber Security and Cybercrime Action Plan (CCSCAP) and has a National Digital Strategy 2023-2030, but these are policy/coordination frameworks rather than binding cybersecurity obligations.

source 1 ↗source 2 ↗

Suriname - other topics

Crypto & Digital Assets Artificial Intelligence Data & Privacy Digital Payments & Fintech Digital Nomad & Residency Internet & Online Safety Starting a Business

Read in:Spanish French German Portuguese Hindi

Last verified 5/24/2026 · Orientation, not legal advice - verify against the primary sources linked above. Explore the full world map →