According to Art. 26.1 of the E-Commerce Law, e-commerce service providers and intermediaries must obtain e-commerce permits or licenses from the Ministry of Commerce (MOC) in addition to the general business registration. According to Art 26.2, the licensing regime has two categories: (1) an e-commerce permit (for individual persons and sole proprietorships) and (2) an e-commerce license (for legal persons and branches of foreign companies). In August 2020, Cambodia issued Sub-Decree No. 134, an implementing regulation of the E-Commerce Law, clarifying that a license is required for legal persons and branches of foreign companies carrying out the following activities: e-commerce web services, e-commerce platform services, online market services, online auction website services, and other similar services provided through software or smart devices for the promotion of e-commerce (Art. 5.1). In addition, pursuant to Art. 5.2 of the Sub-Decree, an E-Commerce permit is required for natural persons and sole proprietors that operate a business via electronic system in Cambodia (including those who conduct business via social media and electronic systems to supply or sell/purchase goods and services).
According to Arts. 6 and 7 of Sub-Decree No. 134, for issuance of an e-commerce license or permit, business and tax registration is required. Art. 29 of the e-Commerce Law also requires the provision of the name, registered address, and contact number/email address of the business entity in Cambodia. Moreover, Art. 7 of the Sub-Decree also states that, in cases where the intermediary is a legal entity or foreign branch, it must enter into a contract with the service providers regarding the requirement to provide minimum information.
The E-Commerce Law broadly defines e-commerce service providers and intermediaries (Annex). An e-commerce service provider is defined as a "person who uses electronic means to supply goods and/or services except for insurance establishments". On the other hand, intermediary "refers to a person who provides the services of sending, receiving, transmitting or storing services of the electronic communication, either on a temporary or permanent basis, or provides other services relating to the electronic communication, including the following persons: a person representing the sender, receiver, transmitter, or the custodian; telecommunication service providers; network service providers; internet service providers; search engines providers; online payment service providers; online auction service providers; online marketplaces service providers and internet commerce service provider".

Art. 116 of the Law on the Patents, Utility Model Certificates and Industrial Designs states that where an applicant’s ordinary residence or principal place of business is outside the Kingdom of Cambodia, the applicant shall be represented by an agent residing and practising in the Kingdom of Cambodia and fulfilling the prescribed requirements. In addition, it is reported that Cambodia’s patent authority lacks sufficient funding and expertise to examine patent applications.

Art. 43 of the Law on the Patents, Utility Model Certificates and Industrial Designs establishes that the patent owner can institute court proceedings against any infringer, or anyone who performs acts which make infringement likely to occur. Upon request of the patent owner, or by a licensee in certain circumstances, a court may grant an injunction to prevent infringement or imminent infringement, award damages, or any other remedy provided for by law (Art. 126). However, Art. 47 states that the Cambodian Government has the right to exploit a patented invention itself, or allow third parties to do so, for the purpose of promoting ‘public interests’ including national defence, nutrition, health and development.

According to Art. 26 of the Financial Institutions Law, only local banks are allowed to take part in banking and financial services, including online banking and financial services.

It is reported that the de minimis threshold, that is the minimum value of goods below which customs do not charge duties, is USD 75, below the 200 USD threshold recommended by the International Chamber of Commerce (ICC).

It is reported that registering a ".com.mm" or ".net.kh" domain name requires a local company or subsidiary in Myanmar.

The Electronic Transaction Law 2004 (as amended in 2014) provides a comprehensive framework for consumer protection that also applies to online transactions. This was amended by the Law Amending the Electronic Transactions Law 2014, providing for the amendment of offences and penalties for anyone who commits any offence by using electronic transaction technology (Arts. 33-36).

Myanmar has not signed the United Nations (UN) Convention on the Use of Electronic Communications in International Contracts.

Myanmar has not adopted national legislation based on or influenced by the United Nations Commission on International Trade Law (UNCITRAL) Model Law on Electronic Commerce.

Myanmar has not adopted national legislation based on or influenced by the United Nations Commission on International Trade Law (UNCITRAL) Model Law on Electronic Signatures.

It is reported that certain exports require regime approval through an export license, issued by the Department of Trade under the Ministry of Commerce, based on recommendations from relevant ministries, agencies, and business associations. Specifically, for telecommunications equipment, the designation of the Ministry of Transport and Communications (MoTC) as a Bureau of Industry and Security (BIS) entity on 6 March 2023 has introduced restrictions on the export of most network equipment to the MoTC, unless a specific telecommunications equipment export license is obtained.

The Law on Standardisation Art. 9 allows foreign departments or organisations to issue a certificate of standard certification and quality recommendation by applying to the department assigned to perform in the matter of standardisation by the Ministry of Science and Technology.

Myanmar does not have a comprehensive regime in place for all personal data. However, the Constitution of the Republic of the Union of Myanmar and the Law Protecting the Privacy and Security of Citizens set out provisions for the protection of privacy and security of communications. These are supplemented by sectoral legislation, such as the Telecommunications Law 2013, which contains provisions related to the confidentiality of personal information.

Art. 27 of the Electronic Transactions Law requires personal data administrators to retain personal data for a specified period before destruction. However, the regulation does not define the exact duration for which the data must be retained.