According to Art. 2(3) of Law No. 175, the national security authorities may request access/use to all technical capabilities from the service provider (namely mobile operators and technology service providers) and their affiliates. This is for the purpose of enabling the national security authorities to exercise their powers in accordance with Law No. 175. It is reported that this is a generic right, it does not explicitly allow the access and retention of personal data maintained by service providers, however it is expected that the data stored might be accessible to the national security authorities while exercising this right. The main guarantee is that the use of such a right should not violate the inviolability of private life. This right is not further regulated, there are no specific guarantees that limit the national security authorities use of its powers in this regard. There is no specific duration for the power granted.

Art. 3(5) of Resolution No. 151 stipulates that, "The Data Protection Centre shall, upon the request of the national security authorities, notify the controller or processor to amend, delete, not display or provide or handle the personal data, within a specified period of time, according to national security considerations, and the controller or processor shall implement the contents of the notification within the period of time specified therein." It is reported that there are no clear or precise rules as to when the national security authorities can request access to the personal data maintained by the controller/processor. The main requirement is that the request made by the national security authorities to access the personal data must be for the purpose of national security.

The interception of telecommunications in Egypt is permitted under the Telecommunication Regulation Law No. 10 of 2003. The law grants the National Telecommunication Regulatory Authority (NTRA) - a body chaired by the ICT minister and composed of government representatives - the authority to regulate ISPs and mobile network operators. Art. 64 of the law "mandates telecommunications operators to provide all technical equipment, systems, software and communications, which enable the armed forces and national security agencies to exercise their powers within the Law."

According to Art. 16 of the Cabinet Resolution No. 418 of 2020 issuing the executive regulations for the law regulating the press and media and the Supreme Council for Media Regulation promulgated by Law No. 180 of 2018, licensed media and websites must retain all broadcast materials for no less than one year from the broadcast date. They must also deposit a copy of it to the Supreme Council on monthly basis. The term media is defined as any terrestrial or satellite television channel, or wired, wireless or electronic radio station. The term website is defined as the licensed page, link or electronic application through which press, media or advertising content is provided, whether fixed, animated or multimedia, issued under a specific name, with a specific electronic address and domain, and created, hosted or accessed through the international information network (Internet).

Art. 8 of Egypt's Law No. 151 of 2020 Promulgating the Personal Data Protection Law, requires any controller or processor to appoint "a competent employee to be responsible for the protection of Personal Data, inside its legal entity and among its personnel structure. This employee shall be registered in the register designated for the Data Protection Officers at the Center" (Data Protection Center). In addition, according to Art. 5.12, processors outside of the Arab Republic of Egypt are required to appoint a representative in the country.

Article 2.1 of the Anti-Cybercrime Law requires every telecommunications services to maintain records (i.e. logs) for 180 consecutive days. These logs should include, among others, information sufficient to identify the user and information related to the content of the operating system dealt with.

Egypt has not joined any free trade agreement committing to open transfers of cross-border data flows.

Egypt's Law No. 151 of 2020 Promulgating the Personal Data Protection Law is the country's data protection framework. The law was adopted in 2020 and entered into force later in the same year.

Art. 14 of Law No. 151 of 2020 on Personal Data Protection prohibits the transfer of personal data to a foreign country unless the laws of the foreign country guarantee a minimum level of protection that is equal to the level stipulated by Egyptian law. Moreover, the transfer of data abroad requires an authorisation or a license from the Data Protection Centre. Art. 15 enumerates several specific exceptions to the obligation of Art. 14 subject to the express consent of the person concerned with the data or his representative.

Art. 16 of the Executive regulation (Cabinet Resolution No. 418 of 2020) relating to Law No. 180 of 2018 Regulating the Press, Media, and the Supreme Council for Media Regulation (SCMR) requires media outlets and websites to have a backup of their electronic servers within the Arab Republic of Egypt, provided that it is safe and known to the SCMR. The term “media” is defined as “any terrestrial or satellite television channel, or wired, wireless or electronic radio station”.

According to Art. 16 of the Resolution of the Council of Ministers No. 418 of 2020 Issuing Executive Regulations for Law No. 180 of 2018 on Press, Media and the Supreme Council for Media Regulation, all companies having a licence from the Supreme Council for Media Regulation (SCoM) to operate and distribute recorded or live content in Egypt, whether through satellite or the internet, are required to store all content for at least one year in a server that is located at a secure location in Egypt. The location may not be changed without prior approval from the SCoM.

Art. 35 of Egypt's Media Law No. 180 of 2018, and Arts. 5 and 16 of its executive regulation (Cabinet Resolution No. 418 of 2020) stipulate that newspapers must be printed in presses inside the Arab Republic of Egypt and a backup of the electronic servers hosting their electronic copies must be located in a place specified by the newspaper within the Arab Republic of Egypt, provided that it is safe and known to the Supreme Council for Media Regulation (SCMR).

Egypt has a telecommunications authority: The National Telecommunications Regulatory Authority of Egypt (NTRA). However, it is reported that the decision-making process of this entity is not fully independent from the government.

Only Egyptian joint-stock companies incorporated in accordance with the Egyptian law can apply and obtain Internet Service Provider (Class A) and Voice Over Internet Protocol (VOIP) Licenses in Egypt. This entails that ISPs and VOIP services of foreign providers with no commercial presence in Egypt and a minimum Egyptian stocks are not permissible in Egypt.

Egypt has appended the World Trade Organization (WTO) Telecom Reference Paper to its schedule of commitments.