Gibraltar Regulatory Authority
The GRA, established under the Gibraltar Regulatory Act 2000, is an independent statutory body. Our principal duty is to further the interests of citizens and consumers where appropriate, by promoting competition and encouraging innovation.
The GRA has a wide range of responsibilities across various sectors and sets and enforces regulatory rules in accordance with Gibraltar and EU legislation. Our remit includes to promote data privacy and uphold information rights, and regulate and enable competition in the electronic communications, broadcasting and postal sectors.
The Data Protection Act 2004 (the “DPA”) designates the GRA, as Information Commissioner, to be the supervisory authority in Gibraltar and is thereby the independent statutory body responsible for the enforcement of data protection law in Gibraltar. The DPA, alongside the General Data Protection Regulation, contains a set of principles that organisations including public bodies and businesses must adhere to, providing a comprehensive and modern framework for data protection in Gibraltar.
Under the Communications Act 2006, the GRA is responsible for regulating the electronic communications sector and is the national supervisory and regulatory authority for telecommunications in Gibraltar. It is tasked with developing effective choice of electronic communications services in Gibraltar for both business and residential customersby facilitating market entry through the issuing of general authorisations and licences. Its remit also includes, fixed-line telephony, internet access/broadband and mobile voice and data services.
The GRA is responsible for regulating media service providers under Gibraltar jurisdiction and carries out its duties under the Broadcasting Act 2012. These include granting and enforcing licences to radio and television broadcasters, investigating complaints about licensed broadcasters, dealing with regulatory matters relating to broadcasting standards, issuing codes of practice and guidance notes, encouraging the promotion of media literacy, publishing information, and providing advice to consumers and broadcasters.
The GRA is responsible for radiocommunications, satellite communications and international co-ordination and administering the regulatory provision of the satellite services industry. Under Part VI of the Communications Act 2006, the GRA is also responsible for the management and control of the electro-magnetic spectrum. Amongst its duties, it carries out regular site inspections of sites known to emit radio waves, with a view to ensuring they operate within recognised safety guidelines.
The GRA is responsible for the granting and enforcement of licences and general authorisations to postal service providers under the provisions of the Post Office Act.
The GRA’s statutory objective is to promote development, issue guidance and enhance competition within the local postal services sector, whilst securing the provision of a competitive universal postal service at an affordable price for all users in Gibraltar. The GRA is also responsible for monitoring the operational developments of the designated universal service provider and monitoring performance against established standards.
Higher Education - University of Gibraltar
The University of Gibraltar (Regulation and Accountability) Regulations 2018 designated the GRA as the Gibraltar Authority for Standards in Higher Education and the Gibraltar Higher Education Commission as provided for in the University of Gibraltar Act 2015. The responsibilities of the Gibraltar Authority for Standards in Higher Education is to establish and safeguard academic standards and provide quality assurance in respect of the university’s academic programmes. The functions of the Gibraltar Higher Education Commission is to monitor compliance with the University’s duties and obligations under the university regulations and to maintain its autonomy and academic freedom.
Cyber Security Compliance
Under the Civil Contingency Act 2007, the GRA is responsible for the security of network and information systems in respect of designated operators of essential services and of designated digital services. Additionally, the GRA is also the single point of contact for the security of network and information systems for Gibraltar. Its remit includes regulating, supervising and enforcing compliance; establishing a list of operators of essential services; investigating breaches; issuing guidance to operators of essential services or digital service providers; drawing up Codes of Practice; recording and reporting incident notifications; and conducting or organising inspections.