Sierra Leone has signed but not ratified the United Nations (UN) Convention on the Use of Electronic Communications in International Contracts.

Sierra Leone does not apply the de minimis rule, that is the minimum value of goods below which customs do not charge duties. According to Section 24 of the Customs Act, levies are charged and collected on all goods imported into the country. Also, the value of an imported good is not a criteria for exemption, according to Section 11 of the Goods and Services Tax Act. It is however reported that there is an informal threshold of USD 100.

All imports to Sierra Leone may be inspected by the Sierra Leone Standards Bureau (SLSB), which is the authority in charge of standards, certification, and accreditation under the Standards Act of 1996. The Bureau checks the certificate of conformity and labeling requirements and may perform field tests before issuing clearance to customs for the release of the goods.
In July 2009, pre-shipment inspection of all imports has ended. From this date, all shipments into the country are subjected to a Destination Inspection System (DIS) to test and inspect the imported good to ensure they meet national and international environmental, health and safety standards. Third-party testing results and certifications are not accepted, and the inspection must be done by the government-appointed entities. The government-appointed companies to conduct the inspection has been changed a couple of times. Importers are responsible for payment of the inspection fee.

According to Section 41 of the Telecommunications Licensing Regulations, type-approval certification from the Commission is required before telecommunications companies can import electronic communications equipment to be used on their networks. The companies are required to comply with the regulations of the Commission in this regard. Self-certification for imported goods, including ICT goods such as radio transmission, electromagnetic interference (EMI) or electromagnetic compatibility (EMC), is not allowed since July 2009 when the requirement for destination inspection was enacted.

The Telecommunications Subscribers Regulations (Sections 6 and 7) mandates service provider to register subscriber details before new SIM cards or other subscription services are activated. Existing subscribers are also required to be registered not later than six months from the effective date of the regulation.

Sierra Leone has a safe harbour regime in place for intermediaries beyond copyright infringements. Section 22 of the Electronic Transactions Act exempts intermediaries from the legal responsibilities and liabilities associated with any illegal and harmful activities performed by their users on their platforms or through their networks, if they are unaware of these activities, do not financially benefit from the activities, and if they remove/restrict the content within a reasonable amount of time after discovering the activities.

According to Section 3 of the Telecommunications Subscribers Regulations, telecommunications service providers are required to implement a system to obtain, record, and store information about their subscribers.

Sierra Leone has a safe harbour regime in place for intermediaries for copyright infringements. Section 22 of the Electronic Transactions Act exempts intermediaries from the legal responsibilities and liabilities associated with any illegal and harmful activities performed by their users on their platforms or through their networks, if they are unaware of these activities, do not financially benefit from the activities, and if they remove/restrict the content within a reasonable amount of time after discovering the activities.

Section 22 of the Telecommunications Subscribers Regulations noted that personal information of subscribers may be released to law enforcement agencies with a written request of a senior officer of the security/law enforcement agency. The request has to be sent to the Commission stating the information needed and the purpose, according to Section 24. There is no specific provision that this request has to go through a judicial process.

Sierra Leone does not have a comprehensive data protection law. However, there are provisions for data protection in the legal frameworks governing the operations of some sectors. For example, in the telecommunications sector, Section 78 of the Telecommunications Act makes it a criminal offense for anyone engaging in the provision of telecommunications services to disclose to any unauthorized person information or data s/he comes across as part of his lawful duty in respect of any customer or user of the telecommunications services. Also, Section 21 of the Telecommunications Subscriber Regulations states that a licensed service provider shall take reasonable steps to ensure the security and confidentiality of subscriber’s registration, and prevent corruption, loss or unauthorised disclosure of the information. There are also provisions of data protection in the financial sector. Section 35 of the Lenders and Borrowers Act states that a lender or a person who acts on behalf of a lender shall not disclose information obtained from a borrower unless the information is required under any other law or by a court of competent jurisdiction.

Section 19(4) of the Telecommunications Subscribers Regulations provides that the service provider shall, on a monthly basis or at such regular interval as the Commission may specify, transmit to the Commission all subscribers information captured in their subscribers registers within the preceding month or such period as stipulated by the Commission in accordance with these Regulations. Section 20 of the Regulations also mandates licensed operators to capture, record and transmit to the central subscribers information database the particulars of all its sales. The regulations do not specifically say for how long the data may be stored, it only mentioned the frequency at which the data should be transmitted to the Commission. However, Section 32(1-2) of the Regulations states that a subscriber intending to utilise one or more mobile universal integrated service cards, fixed telephone lines or internet connections that has been registered in its name, for allocation to a third party shall, before handing over a universal integrated service card or providing access to any telecommunication service, record the particulars and the date on which the utilisation commenced and the period for which the communications service shall be utilised by the third party. This information registered shall be stored for a minimum period of three years.

According to Section 22 (3-4) of Telecommunications Subscribers Identification and Registration Management Regulation, the transfer and utilisation of subscribers' data outside the country are subject to the provision of justification for the data use, the approval of the Commission, and the assurances of the security and confidentiality of the data/information.

Sierra Leone has not joined any free trade agreement committing to open transfers of cross-border data flows.

Section 19(1-2) of the Telecommunications Subscribers Identification and Registration Management Regulation empowers the National Telecommunications Commission to establish and maintain a central electronic database of communications service subscribers, in which all subscribers' information shall be stored. The database shall be housed either within the Commission or in another location as may be determined by the Commission.
As Section 22(3-4) provides that the transfer and utilisation of subscribers' data outside the country are subject to specific approvals, it is expected that the location of the central electronic database should be in the territory of the country.

It is reported that the National Telecommunications Commission (NATCOM), the executive authority for the supervision and administration of services in the telecommunications sector, is independent from the government in the decision-making process.