Font size






The GRA, established under the Gibraltar Regulatory Authority Act 2000, is an independent statutory body. Our principal duty is to further the interests of citizens and consumers where appropriate, by promoting competition and encouraging innovation.

The GRA has a wide range of responsibilities across various sectors and sets and enforces regulatory rules in accordance with Gibraltar legislation. Our remit includes to promote data privacy and uphold information rights, and regulate and enable competition in the electronic communications, broadcasting and postal sectors.

The GRA Board consists of the following appointed members:

Mr John Paul Rodriguez

Mr Kieran Power

Mr Anthony Provasoli

Mr Francis Lopez


Organisation and Staffing

The GRA is divided into Divisions, each with their own structure and responsibilities. The Divisions are managed by Heads:




John Paul Rodriguez
Director of Legal & Regulation
Maurice Hook
Director of Information Rights & Operations
Bradley Tosso
Head of Spectrum & Operations
Joseph Torres
Head of Finance & HR
Jennie Baglietto
Head of Information Rights
Joelle Hernandez
Head of Broadcasting, Higher Education & CSC Regulation
Peter Hyde
Head of Communications & Postal Regulation
Stewart Brittenden


Under the Communications Act 2006, the GRA is responsible for regulating the electronic communications sector and is the national supervisory and regulatory authority for telecommunications in Gibraltar.

It is tasked with developing effective choice of electronic communications services in Gibraltar for both business and residential customersby facilitating market entry through the issuing of general authorisations and licences. Its remit also includes, fixed-line telephony, internet access/broadband and mobile voice and data services.


The Data Protection Act 2004 (the “DPA”) designates the GRA, as Information Commissioner, to be the supervisory authority in Gibraltar and is thereby the independent statutory body responsible for the enforcement of data protection law in Gibraltar.

The DPA, alongside the General Data Protection Regulation, contains a set of principles that organisations including public bodies and businesses must adhere to, providing a comprehensive and modern framework for data protection in Gibraltar.


The GRA is responsible for regulating media service providers under Gibraltar jurisdiction and carries out its duties under the Broadcasting Act 2012.

These include granting and enforcing licences to radio and television broadcasters, investigating complaints about licensed broadcasters, dealing with regulatory matters relating to broadcasting standards, issuing codes of practice and guidance notes, encouraging the promotion of media literacy, publishing information, and providing advice to consumers and broadcasters.


The GRA is responsible for the granting and enforcement of licences and general authorisations to postal service providers under the provisions of the Post Office Act.

The GRA’s statutory objective is to promote development, issue guidance and enhance competition within the local postal services sector, whilst securing the provision of a competitive universal postal service at an affordable price for all users in Gibraltar. The GRA is also responsible for monitoring the operational developments of the designated universal service provider and monitoring performance against established standards.


The University of Gibraltar (Regulation and Accountability) Regulations 2018 designated the GRA as the Gibraltar Authority for Standards in Higher Education and the Gibraltar Higher Education Commission as provided for in the University of Gibraltar Act 2015.

The responsibilities of the Gibraltar Authority for Standards in Higher Education is to establish and safeguard academic standards and provide quality assurance in respect of the university’s academic programmes. The functions of the Gibraltar Higher Education Commission is to monitor compliance with the University’s duties and obligations under the university regulations and to maintain its autonomy and academic freedom.


Under the Civil Contingency Act 2007, the GRA is responsible for the security of network and information systems in respect of designated operators of essential services and of designated digital services.

Additionally, the GRA is also the single point of contact for the security of network and information systems for Gibraltar. Its remit includes regulating, supervising and enforcing compliance; establishing a list of operators of essential services; investigating breaches; issuing guidance to operators of essential services or digital service providers; drawing up Codes of Practice; recording and reporting incident notifications; and conducting or organising inspections.


The Freedom of Information Act 2018

The Freedom of Information Act 2018 provides public access to information held by public authorities. It is based on the principle that people have a right to know about the activities of these public authorities, unless there is a good reason for them not to. The default position is therefore to only keep information private when there is good reason to.

This is achieved by obliging public authorities to publish certain information about their activities and giving members of the public the right to request information held by them.

Under the Freedom of Information Act 2018, the GRA, with powers conferred upon the Information Commissioner, has regulatory responsibilities and provides an advisory service with regard to matters covered by the Act.

The Freedom of Access to Information on the Environment Regulations 2005

The Freedom of Access to Information on the Environment Regulations 2005 provides public access to environmental information held by public authorities. Environmental information includes, amongst other things, the state of the elements (such as water, soil and land), factors (such as noise, radiation and water) likely to affect those elements and measures and activities affecting or likely to affect those elements and factors. It may also include relevant reports and analyses as well as the state of human health and safety.

The Regulations are derived from European law, namely the European Council Directive 2003/4/EC on public access to environmental information and provide regulatory responsibilities to the GRA.