What is AI regulation in Honduras?
AI regulation: countries and regions
Honduras has no dedicated artificial intelligence law, bill or AI regulator as of June 2026. AI is governed indirectly through general rules: constitutional privacy and habeas data protections, the 2006 Transparency and Access to Public Information Law, the telecoms regulator CONATEL, and a national digital government plan. A standalone personal data protection statute remains a draft. Regionally, Honduras participates in a non-binding SICA charter of AI ethics principles.
Reviewed by Jackie, Head of Learning & Development, Levellers · Last reviewed 8 June 2026
What this means
Honduras does not yet have a specific law that defines, classifies or polices artificial intelligence. An academic study published in the University of Honduras law review states plainly that the country has no law or regulation that develops provisions governing AI systems. There is no AI act, no AI bill before Congress, and no agency assigned to supervise AI.
What exists instead is a patchwork of general rules that apply to AI by extension. The Constitution protects honour, privacy and the secrecy of communications, and recognises habeas data (the right to access and correct your personal information). The 2006 Transparency and Access to Public Information Law sets some duties around confidential personal data held by public bodies, overseen by the Institute for Access to Public Information (IAIP). The telecoms regulator, CONATEL, governs networks and spectrum. A digital government plan steers public sector modernisation.
Crucially, Honduras still lacks a comprehensive personal data protection statute. A draft Law on Personal Data Protection and Habeas Data Action, prepared by the IAIP, has been pending in Congress since 2018 and has not passed. This matters because data protection is the legal backbone most other countries use to regulate AI; its absence leaves a significant gap.
Why it matters
For any organisation deploying or buying AI in Honduras, the practical reality is that there is no AI-specific compliance regime to satisfy, but also no clear statutory safe harbour. You cannot point to a national AI law that authorises or constrains a given use; you must instead reason from general principles: constitutional privacy rights, sector rules (especially banking and telecoms), consumer protection, and contract. The United States International Trade Administration puts the practical effect bluntly, noting that this regulatory ambiguity challenges companies looking to develop or deploy AI technologies within the country. Because there is no comprehensive data protection authority with enforcement teeth, the duties that elsewhere shape AI governance (lawful basis for processing, transparency to data subjects, rights to access and rectify, security obligations) are thin and unevenly enforced. That is a risk in both directions: organisations face uncertainty about what is permitted, and individuals have weaker remedies if automated systems harm them. International data flows are also affected, since Honduras lacks an adequacy-style framework, and counterparties in stricter jurisdictions may demand contractual safeguards.
How it works
No dedicated AI statute or regulator
There is no AI law in force in Honduras and no public AI bill in Congress as of June 2026. No institution holds a mandate to license, audit or sanction AI systems as such. The United States International Trade Administration country guide states verbatim that "Artificial Intelligence (AI) is still in its early stages in Honduras, and no specific regulatory framework governs its use." Governance therefore happens through general law and sector rules rather than a purpose-built regime.
Constitutional and habeas data foundations
Article 76 of the Constitution guarantees protection of honour, personal and family privacy and one's own image. Article 100 protects the inviolability and secrecy of communications, subject to judicial order. A constitutional reform to article 182 established the habeas data guarantee, giving every person the right to access information about themselves held in public or private databases and, where needed, to update, rectify or delete it. These are the strongest enforceable privacy rights in the system, but they operate as constitutional guarantees and judicial actions rather than a detailed regulatory code.
Transparency law and the IAIP
The Transparency and Access to Public Information Law (Decreto 170-2006) created the Institute for Access to Public Information (IAIP) and introduced the category of confidential personal data, but only in the context of public bodies and entities handling public funds. It is an access-to-information statute, not a general data protection law, and does not systematically regulate private sector processing or automated decision-making.
The pending data protection bill
The IAIP drafted a Law on Personal Data Protection and Habeas Data Action, modelled in part on the European approach, which would designate the IAIP as the data protection authority and establish rights of access, rectification, cancellation and opposition, database registration and rules on international transfers. The initiative, championed by IAIP Commissioner President Doris Imelda Madrid Zeron and developed with technical support from the International Development Law Organization (IDLO), entered the formal approval process as a bill in 2018. According to legal analysis published in 2022, only 19 of its 96 articles had been approved by 2018, with the third and final debate suspended since April of that year. Until it passes, Honduras has no comprehensive, horizontally applicable data protection statute, which is the layer most AI governance frameworks build upon.
CONATEL and the telecoms layer
The National Telecommunications Commission (CONATEL), created in 1995 under the Framework Law of the Telecommunications Sector (Decreto 185-95), regulates telecoms services, manages radio spectrum and promotes information and communication technologies. It is the closest thing to a digital infrastructure regulator, but its remit is connectivity, competition and spectrum, not artificial intelligence. CONATEL does not regulate AI models or applications.
Digital government strategy and DIGER
The executive's digital agenda is steered by the Direccion de Gestion por Resultados (DIGER), created in 2022, which rectors the Republica Digital policy and the National Digital Government Plan 2023-2026. These instruments focus on connectivity, digital public services, interoperability, open data, digital talent and cybersecurity. They are policy and planning documents, not AI law, and they flag the need to enact data protection and cybersecurity laws rather than regulate AI directly.
Sector rules: credit bureaus
One of the earliest data-handling rules predates the transparency framework: the Regulation for the Authorisation and Functioning of Private Risk Centres (credit bureaus), issued and repeatedly reformed by the National Banking and Insurance Commission (CNBS), which introduced the concept of the data subject in the financial context. This illustrates how, absent a systematic data protection law, governance of data-driven systems sits in scattered sector rules rather than a single regime.
Regional context: SICA and UNESCO
As a founding member of the Central American Integration System (SICA), Honduras participates in the Regional Digital Strategy (ERDI), under which a Charter of Ethical Principles for the Use and Development of Artificial Intelligence in SICA was developed and, per the SICA portal in February 2026, approved by the ERDI Ad Hoc Group. The project was led by the Dominican Republic under its rotating presidency of the group, represented by Amparo Arango of the telecoms regulator INDOTEL. This is a non-binding soft-law instrument of shared ethical principles, not an enforceable regional regulation, and it does not create direct legal obligations in Honduras. Honduras is also a UNESCO member state and is therefore covered by the UNESCO Recommendation on the Ethics of Artificial Intelligence, adopted by acclamation by 193 member states on 23 November 2021, another non-binding instrument. Neither creates AI law enforceable against organisations in Honduras.
Examples
A bank deploying an AI credit-scoring tool: there is no AI statute to comply with, but the bank operates under National Banking and Insurance Commission supervision and the credit-bureau regulation that introduced the concept of the data subject, plus constitutional habeas data rights. The practical governance comes from sector rules and contract, not an AI law.
A public institution adopting automated decision tools: it falls under the Transparency Law's confidential personal data rules and the DIGER-led digital government plan, and should align with the SICA ethics charter and UNESCO principles as good practice. The national statistics institute (INE) has publicly explored AI for official statistics through regional cooperation, treating adoption as a capacity question rather than a regulated activity.
A company processing personal data to train or run an AI service: with no comprehensive data protection law in force, it must rely on constitutional privacy guarantees, any applicable sector rules, and contractual commitments. Counterparties in stricter jurisdictions often impose their own data protection terms to fill the gap.
Common misunderstandings
"Honduras has an AI law." It does not. There is no AI statute and no AI bill in Congress as of June 2026.
"CONATEL regulates AI." CONATEL regulates telecommunications, spectrum and connectivity. It has no mandate over AI systems.
"Honduras has a GDPR-style data protection law." It does not. The comprehensive data protection bill has been pending since 2018. The 2006 Transparency Law is an access-to-information statute focused on public bodies, not a general data protection regime.
"The SICA ethics charter is binding regulation." It is a non-binding soft-law framework of shared principles approved by a technical working group, not an enforceable regional law.
"No AI law means AI is unregulated and anything goes." General law still applies: constitutional privacy and habeas data rights, sector rules, consumer and contract law. The absence is of a dedicated regime, not of all legal limits.
Risks and boundaries
This article describes the state of law and policy as of June 2026 and is not legal advice. The central boundary is that Honduras has no dedicated AI framework: confirmed is the absence of an AI statute, AI bill and AI regulator. Pending is the comprehensive personal data protection bill, which has been stalled since 2018 and could change the picture substantially if enacted, because it would create a data protection authority and enforceable data rights. Uncertain is the timing and content of any future AI policy or law; political plans have floated the idea of a technology and AI law, but no such instrument has been adopted. The SICA charter and UNESCO recommendation are non-binding. Enforcement of even the existing constitutional and transparency protections is widely regarded as weak, so the practical level of protection is lower than the formal rights suggest.
What to do next
Do not wait for a Honduran AI law to build governance. Treat general law as the floor: map your AI uses against constitutional privacy and habeas data rights, sector rules (especially financial and telecoms), and consumer and contract obligations. Adopt a recognised external framework voluntarily, such as the UNESCO ethics recommendation or risk-based approaches used elsewhere, to give your governance structure and credibility. Build data protection by design now, anticipating that the pending bill, if enacted, will introduce access, rectification, cancellation and opposition rights, database registration and transfer rules. For cross-border work, use contractual data protection safeguards because Honduras lacks an adequacy framework. Monitor Congress for movement on the data protection bill and any technology or AI legislation, and watch DIGER and SICA outputs for policy signals. Document your AI impact assessments and human oversight measures, since these will likely become expectations under any future regime.
Have a question or a suggestion, or want to understand how we research and review these guides? Read about our editorial standards and how to reach us.
FAQs
Does Honduras have an artificial intelligence law?
No. As of June 2026 there is no dedicated AI law in force and no AI bill before Congress. AI is governed indirectly through general law and sector rules.
Is there an AI regulator in Honduras?
No. No institution has a mandate to license, audit or sanction AI systems. CONATEL regulates telecommunications, not AI.
Does Honduras have a data protection law?
Not a comprehensive one. The Transparency Law of 2006 covers confidential personal data held by public bodies, and the Constitution provides habeas data rights, but the comprehensive data protection bill has been pending in Congress since 2018.
Who would be the data protection authority if the bill passes?
The draft designates the Institute for Access to Public Information (IAIP) as the body responsible for personal data protection.
What is CONATEL's role?
CONATEL is the national telecommunications regulator, created in 1995. It manages spectrum, regulates telecoms services and promotes connectivity and information technologies. It does not regulate AI.
Does any regional framework bind Honduras on AI?
No binding one. Honduras participates in the SICA Regional Digital Strategy and an associated non-binding charter of AI ethics principles, and it is covered by the non-binding UNESCO ethics recommendation.
Can organisations use AI legally in Honduras today?
Yes. There is no prohibition. Use is governed by general law, including privacy and habeas data rights, sector rules and contract, rather than a dedicated AI regime.
What should businesses do given the gaps?
Build governance on general law and a recognised voluntary framework, adopt data protection by design, use contractual safeguards for cross-border data, and monitor the pending data protection bill.