Bhutan’s regulatory framework on SIM registration requires mobile network operators to collect and store users’ personal information together with proof of identity. Section 9 of the Code of Practice on Registration of Subscriber Identity Module (SIM) Cards stipulates that issuance of a SIM card requires: (a) a completed registration/application form, including a signed agreement and SIM card usage terms and conditions; and (b) a copy of the subscriber’s identity proof, as follows: (i) Bhutanese nationals: citizen ID card number, or, in the case of minors, the ID of a parent or guarantor; (ii) residents of Bhutan: resident permit number; and (iii) foreigners other than Indian nationals: passport number.
Section 9.2 further obliges service providers to maintain a register of all subscribers, both post-paid and pre-paid, and to keep a corresponding computerised database of this information.

The indicator "7.2.4 - Government Internet shut down in practice" of the V-Dem Dataset, which measures whether the government has the technical capacity to actively make internet service cease, thus interrupting domestic access to the internet or whether the government has decided to do so, has a score of 3 in Bhutan for the year 2024. This corresponds to "Rarely but there have been a few occasions throughout the year when the government shut down domestic access to Internet."

According to Sections 90–93 of the Information, Communications and Media Act, no person shall own or operate an ICT facility, or provide any ICT service, without a valid licence. Section 464 of the Act defines the scope of ICT services, including: (i) broadcasting services, such as mobile satellite and subscription broadcasting; (ii) information technology services, such as webcasting, e-mail, and other electronic services; (iii) Internet Protocol (IP) telephony; (iv) digital library and commercial information services; (v) network-based information and related specialised professional services provided electronically; and (vi) public switched data and other similar services. The Rules and Regulations on ICT Facilities and Services in Bhutan provide further information about this license.

According to Sections 90–93 of the Information, Communications and Media Act, no person shall own or operate a media facility, or provide any media service, without a valid licence. This requirement includes online media as defined in Section 464.

According to Section 6 of the Guidelines for Licensing of OTT Services, individuals or entities with a valid start-up licence may establish and operate an OTT platform for up to five years. Before the end of this period, OTT providers must apply to the Authority for an ICT service licence, which is granted for five years and subject to agreed terms and conditions. Licensed telecom and internet service providers are not required to obtain a separate licence to operate OTT services but must comply with the Guidelines and seek prior approval from the Authority.

According to Section 2.1 of the Rules and Regulations for Publication, no person may publish books, newspapers, and periodicals, whether in physical form or as electronic publications, without holding a valid licence issued by the Bhutan InfoComm and Media Authority (BICMA). Section 2.4 sets out the eligibility criteria for applicants. A licence may be granted only to a person who:
(i) is a citizen of Bhutan;
(ii) is of sound mind;
(iii) is not a political party;
(iv) has not been declared insolvent or convicted of a criminal offence under Bhutanese law, unless their reputation has been restored through due process; and
(v) holds less than 5% of shares in any other media licence issued by the Authority.

Annex I, point (p) of the "Payment Aggregators and Payment Gateways Guidelines 2020" stipulates that entities must adopt preventive measures to ensure that data is not stored on infrastructure subject to external jurisdictions, that is infrastructure located outside the country. This requirement is mandatory for payment aggregators and recommended for payment gateways. Under Section 3, payment aggregators are defined as entities that enable e-commerce platforms and merchants to accept various payment instruments from customers, thereby facilitating the completion of payment obligations without necessitating merchants to develop their own payment integration systems. On the other hand, payment gateways are entities that provide the technological infrastructure to route and facilitate the processing of online payment transactions, without engaging in the handling of funds.

Bhutan has not joined any agreement with binding commitments to open transfers of data across borders.

Bhutan maintains a copyright framework under the Copyright Act of the Kingdom of Bhutan of 2001. The Act does not adopt an open-ended fair use or fair dealing model; instead, it establishes a closed list of narrowly defined exceptions, which restricts lawful use to specific, enumerated purposes. Several of these exceptions, such as those relating to quotation and reproduction for teaching, are expressly conditioned on compliance with the principle of fair practice, requiring that the use be compatible with fair practice and limited to what is justified by the purpose. Arts. 10-17 set out these exceptions, which include private reproduction for personal purposes; quotation; reproduction for teaching; reprographic reproduction by libraries and archives; reproduction, broadcasting and other communication to the public for informational purposes; reproduction and adaptation of computer programs; importation for personal purposes; and the display of works.

Reports indicate that copyright infringement is widespread within the country. Samuh, the first over-the-top (OTT) platform offering video streaming services to Bhutanese audiences both domestically and abroad, has observed that its content is extensively disseminated across social media platforms such as Telegram, WeChat, Facebook, TikTok, and others, resulting in substantial economic losses for the company.

Bhutan has not signed the World Intellectual Property Organization (WIPO) Copyright Treaty.

Bhutan has not signed the World Intellectual Property Organization (WIPO) Performances and Phonograms Treaty.

Bhutan lacks a comprehensive regime for the protection of trade secrets.

According to Section 51 of the Bhutan Information, Communications and Media Act 2018, the Bhutan InfoComm and Media Authority (BICMA) is mandated to regulate the interconnection and sharing of infrastructure and facilities between or among telecom facility providers. The Rules and Regulations on ICT Infrastructure Sharing 2019 further detail these obligations, requiring service providers to share passive infrastructure with other licensed providers on a “first-come, first-served” basis, and to publish on their websites detailed information regarding infrastructure available for sharing. Infrastructure sharing must be formalised through a written agreement grounded in the principles of neutrality, transparency, non-discrimination, and fair competition. A copy of the agreement must be submitted to BICMA within one month of its signing.

In addition to the sectors where foreign investment is prohibited, the Foreign Direct Investment Regulations 2019 provide that all other sectors, with the exception of certain sectors in Schedules I-III that have ad hoc conditions, are subject to a maximum foreign investor shareholding of 74% (Section 8). The 74% limit therefore applies to virtually all sectors of the economy, including the telecom sector.