Database

Browse Database

NEPAL

Since March 2023

Pillar Content access  |  Indicator Licensing schemes for digital services and applications
IoT/ M2M Regulatory Framework, 2079
The Internet of Things/Machine-to-Machine Communication (IoT/M2M) Regulatory Framework, 2079, establishes a licensing and authorisation regime in Nepal for specific categories of IoT services. Under Art. 5.3(a), outdoor IoT/M2M services, defined in Art. 3.1(b) as services connected to the internet or a corporate intranet, are treated as value-added services (VAS) and therefore require an authorisation from the Nepal Telecommunications Authority (NTA). The Framework also provides, in Art. 5.4(a)–(c), for a separate special authorisation for IoT/M2M research and development (R&D) activities, limited to non-commercial purposes and granted for a limited period.
Art. 5.2(a) expressly states that indoor/private IoT/M2M services do not require a licence or authorisation. The Framework further indicates that licensed telecommunications operators do not need a separate licence to build and operate IoT/M2M networks. However, if they intend to act as IoT/M2M network providers for end users, they must obtain the Authority’s approval under Art. 5.1(b).
Coverage IoT services

NEPAL

Since January 2025

Pillar Content access  |  Indicator Licensing schemes for digital services and applications
Data Center and Cloud Service (Operation and Management) Directives, 2081 (2025)
Pursuant to Art. 3 of the Data Center and Cloud Service (Operation and Management) Directives, data centre operators and cloud service providers must be listed with the Department of Information Technology before providing services. Any organisation intending to operate a data centre or provide cloud services must submit an application in the format prescribed by the Department. Existing data centre operators at the time the Directive enters into force must apply for mandatory registration in accordance with subsection (2), and existing cloud service providers must apply in accordance with subsection (3), in both cases within six months of commencement and accompanied by the documents specified in the relevant subsection.
Coverage Data centers and cloud services

NEPAL

Since November 2023

Pillar Content access  |  Indicator Licensing schemes for digital services and applications
Directives on the Operation of Social Networking, 2023 (सामाजिक सञ्जालको प्रयोगलाई व्यवस्थित गर्ने निर्देशिका, २०८०)
Under the Directives for Managing the Use of Social Networks, 2023, Nepal operates an authorisation regime based on registration for social network platform operators. Under Art. 3.1, any person, company, or institution intending to operate a social network platform must enlist the platform with the Ministry. The Ministry must issue a public notice for enlistment (Art. 3(2)), and existing platforms must enlist within 3 months of commencement (Art. 3(3)). Operators must apply using the prescribed format and supporting documents (Art. 3(4)–(6)), after which the Ministry issues an enlistment memorandum. Platforms that are not enlisted may be prohibited from operating in Nepal (Art. 3(7)).
In addition, Art. 6 requires the operator to arrange a point of contact in Nepal. Where a platform does not have an office in Nepal, it must establish an office or designate a local contact person.
Art. 2 of the Directive defines SNPs as Internet or information technology-based operating systems available to the public, such as Facebook, TikTok, Viber, Pinterest, WhatsApp, Messenger, Instagram, YouTube, LinkedIn, WeChat, and others, that facilitate the exchange of ideas or information among individuals or organisations and enable the dissemination of user-generated content.
Coverage Social media platforms

NEPAL

Since January 1997, last amended in September 2021
Since 2012, last amended in 2016

Pillar Technical standards applied to ICT goods and online services  |  Indicator Self-certification for product safety
Telecommunications Act, 2053 (1997) (दूरसञ्चार ऐन, २०५३)

Decision No. 3,327 on Type Approval Working Procedure for Customer Premises Radio Telecommunication Equipment, 2016 (TAP-04)
Nepal allows foreign companies to self-certify compliance with radio transmission, electromagnetic interference (EMI), or electromagnetic compatibility (EMC) standards through a Supplier Declaration of Conformity (SDoC).
According to Arts. 13-14 of the Telecommunications Act, 2053, the Nepal Telecommunications Authority (NTA) oversees type approval in Nepal, and compliance with these regulations is mandatory before importing or selling any radio telecommunication Customer Premises Equipment (CPEs) in the country.
Decision No. 3,327 provides further information about the procedure.
Coverage Telecom equipment

NEPAL

Since November 2023

Pillar Intermediary liability  |  Indicator Monitoring requirement
Directives on the Operation of Social Networking, 2023 (सामाजिक सञ्जालको प्रयोगलाई व्यवस्थित गर्ने निर्देशिका, २०८०)
Pursuant to Arts. 6 and 7 of the "Directives on the Operation of Social Networking 2023", operators of social network platforms (SNPs) are required to establish a point of contact within Nepal to handle grievances related to platform usage. This designated contact must identify and address content disseminated on social networks that violates the law. Additionally, under Art. 8, SNPs must develop algorithms and implement measures to prevent the dissemination of information that contradicts prevailing laws. According to Art. 3.7, the Ministry of Communications and Information Technology may ban any SNP from operating in Nepal if it does not comply with these requirements.
Art. 2 of the Directive defines SNPs as Internet or information technology-based operating systems available to the public, such as Facebook, TikTok, Viber, Pinterest, WhatsApp, Messenger, Instagram, YouTube, LinkedIn, WeChat, and others, that allow individuals or organisations to exchange ideas or information with each other or to disseminate user-created content.
Coverage Social network platforms

NEPAL

Since November 2023

Pillar Content access  |  Indicator Blocking or filtering of commercial web content
Social Media Management Directive 2080
In 2023, Nepal adopted the Social Media Management Directive 2080, establishing a regulatory framework for the operation and use of social media platforms. Under Section 3(1), any person, company, or institution seeking to operate a social networking platform in Nepal must register the platform with the Ministry of Communication and Information Technology. Sections 3(4)–(6) set out the enlistment procedure, while Section 3(7) authorises the Ministry to ban non-enlisted platforms from operating in Nepal.
In September 2025, the Nepal Telecommunications Authority issued a notice requiring mobile and internet service providers to deactivate 26 social media platforms, including YouTube, Facebook, Instagram, WhatsApp, X and LinkedIn, for non-compliance with the Social Media Management Directive 2080 and a Nepal Supreme Court order. Earlier that year, the Authority also instructed telecom and internet service providers to restrict access to Telegram, following a directive issued by the National Coordination Committee for the Prevention of Money Laundering and Financing of Terrorist Activities. The ban was reportedly justified on the basis of Telegram’s alleged use in online fraud, money laundering and other cybercrimes.
Reports indicate that, except for Telegram, these restrictions were lifted later in 2025.
Coverage Social media platforms

NEPAL

Reported in 2026

Pillar Content access  |  Indicator Presence of Internet shutdowns
Presence of Internet shutdowns
The indicator "7.2.4 - Government Internet shut down in practice" of the V-Dem Dataset, which measures whether the government has the technical capacity to actively make internet service cease, thus interrupting domestic access to the internet or whether the government has decided to do so, has a score of 3 in Nepal for the year 2025. This corresponds to "Rarely but there have been a few occasions throughout the year when the government shut down domestic access to Internet."
Coverage Internet access

NEPAL

Since March 2017, last amended in February 2018

Pillar Content access  |  Indicator Licensing schemes for digital services and applications
Online Media Operation Directive, 2073 (अनलाइन सञ्चारमाध्यम सञ्चालन निर्देशिका, २०७३)
According to Section 3 of the Online Media Operation Directive, online news companies are required to be registered with the Department of Information and Broadcasting to operate.
Coverage Online news

NEPAL

Since June 1995, as amended in March 2022

Pillar Content access  |  Indicator Licensing schemes for digital services and applications
National Broadcasting Regulation, 2052 (राष्ट्रिय प्रसारण नियमावली, २०५२)
The National Broadcasting Regulation was amended in 2022 to incorporate Over-the-Top (OTT) services and internet television within the definition of "other means of communications." With this inclusion, the amended Regulation mandates that OTT and internet television providers obtain licences to operate their services in Nepal. The term "OTT" refers to the broadcasting of content on demand via the internet, encompassing media streaming services delivered through various platforms that utilise internet connectivity. In addition, "internet television" is defined as the regular transmission of self-produced audiovisual programmes via the internet.
Coverage Over-the-top and internet television providers

NEPAL

N/A

Pillar Telecom infrastructure & competition  |  Indicator Presence of an independent telecom authority
Presence of an independent telecom authority
It is reported that the Nepal Telecommunications Authority (NTA), the executive authority for the supervision and administration of services in the telecommunications sector, is independent from the government in the decision-making process.
Coverage Telecommunications sector

NEPAL

Since March 2023

Pillar Cross-border data policies  |  Indicator Ban to transfer and local processing requirement
IoT/ M2M Regulatory Framework, 2079
Section 9.4 of the IoT/M2M Regulatory Framework stipulates that personally‑indefinable information (that is, data that cannot be used to identify a specific individual) must be stored exclusively within Nepal. Moreover, at least one copy of all relevant data must be stored within Nepal. However, the provision does not specify what 'relevant data' is. Furthermore, the same provision encourages 'complete data localisation', which is also not clarified.
Coverage IoT/M2M providers

NEPAL

Since June 1995, as amended in March 2022

Pillar Cross-border data policies  |  Indicator Infrastructure requirement
National Broadcasting Regulation, 2052 (राष्ट्रिय प्रसारण नियमावली, २०५२)
Pursuant to Rule 7A of the National Broadcasting Regulation, licensed over-the-top (OTT) operators offering services to customers or generating revenue within Nepal are obligated to establish a cache server in Nepal. These operators are required to register customers on a server located in Nepal before granting access to their content and must retain detailed customer information. Additionally, all transaction records must be securely stored on a Customer Management System Server. However, the regulation does not clearly define the term "Customer Management System Server" or specify whether such a server must be physically situated within Nepal and directly managed by the OTT service providers. The regulation defines OTT as the broadcasting of content on demand via the internet, encompassing media streaming services delivered through various platforms utilising internet connectivity
Coverage Over-the-Top service providers

NEPAL

Since January 2025, entry into force in January 2025

Pillar Cross-border data policies  |  Indicator Infrastructure requirement
Data Center and Cloud Service (Operation and Management) Directives, 2081 (2025) (डाटा सेन्टर र क्लाउड सेवा (सञ्चालन र व्यवस्थापन) निर्देशन, २०८१ (२०२५))
Section 3.7 of the "Data Center and Cloud Service (Operation and Management) Directives, 2081 (2025)" provides that, in the context of government data centres and cloud service provision, the security agencies of the government of Nepal are mandatorily required to use data centre and cloud services operated by the Integrated Data Management Center. According to its official website, the Integrated Data Management Centre operates under the Department of Information Technology and serves as the government of Nepal's implementing agency. Furthermore, Section 3.9 stipulates that, upon the commencement of the Directives, government bodies operating data centres and cloud services on a departmental or agency basis shall transfer such facilities to the government data centre within the timeframe specified by the steering committee; however, where a government body submits a request, supported by sufficient justification, to operate a primary or secondary site, the steering committee may grant consent for the operation of such a site based on its suitability.
Coverage Public sector

NEPAL

Since September 2018

Pillar Cross-border data policies  |  Indicator Conditional flow regime
Individual Privacy Act, 2075 (वैयक्तिक गोपनीयता सम्बन्धी ऐन, २०७५ )
Section 12.4 of the Privacy Act requires the consent of the data subject for the disclosing, making public, or transferring of the following data: details relating to a medical examination; details relating to property and income; further information relating to employment; details relating to family matters; biometric data and fingerprints; signatures or electronic signatures; further information concerning the political affiliation and voting; and further information about profession and business. The term 'transfer' may signify the transfer of personal data outside Nepal, thereby requiring specific consent from the individual. However, there is no clear evidence about the applicability of this requirement to cross-border data transfers.
Coverage Horizontal

NEPAL

N/A

Pillar Cross-border data policies  |  Indicator Participation in trade agreements committing to open cross-border data flows
Lack of participation in agreements with binding commitments on data flows
Nepal has not joined any agreement with binding commitments to open transfers of data across borders.
Coverage Horizontal

Report issue     Report new measure