Answer ... (a) Internet (e-commerce)

Internet (e-commerce) falls under regulatory remit of the Gibraltar Regulatory Authority (“GRA”), which acts as the national supervisory and regulatory authority for telecommunications (including in data protection) in accordance with EU law.

(b) Mobile (m-commerce)

Mobile (m-commerce) similarly falls within the GRA’s regulatory scope (see 3.1(a)).

(c) Big data (mining)

Although there are no specific regulatory frameworks governing big data in Gibraltar, data mining may fall within the scope of the EU General Data Protection Regulation (2016/679) (the “GDPR”) if data is processed, due to the processing of data being governed by the GDPR. The Data Protection Commissioner (which is the statutory body responsible for the enforcement of data protection laws including the GDPR) is the GRA.

(d) Cloud computing –

Depending on the proposed activity, cloud computing may fall under Gibraltar’s Communications Act 2006; if this is the case, as in questions 3.1(a) and 3.1(b) the activity will fall within the regulatory remit of the GRA.

(e) Artificial intelligence

There are no specific regulatory frameworks governing artificial intelligence in Gibraltar.

(f) Distributed ledger technology (Blockchain, cryptocurrencies)

See question 1.2.