Malawi has not joined any free trade agreement committing to open transfers of cross-border data flows.

The Data Protection Act establishes a comprehensive regime for data protection in Malawi. It repeals the data protection provisions contained in the Electronic Transactions and Cyber Security Act, 2016, and designates the Malawi Communications Regulatory Authority (MACRA) as the national data protection authority. The Act applies to the processing of personal data within Malawi, including by entities outside the country that offer goods or services to, or monitor the behaviour of, individuals in Malawi. It excludes processing undertaken solely for personal or household purposes, as well as the mere transmission of data through Malawi. The Act imposes obligations on data controllers and processors, including mandatory registration for those of significant importance. These entities are required to comply with the Act within six months of its commencement, while others are granted a 24-month grace period. MACRA is empowered to investigate potential or actual violations of the Act.

Malawi is a party to the Patent Cooperation Treaty (PCT).

Malawi has a copyright regime under the Copyright Act of 2016. However, the exceptions do not follow the fair use or fair dealing model, therefore limiting the lawful use of copyrighted work by others. Arts. 36-53 list the exceptions, which include personal and teaching purposes; reproduction, translation, adaptation, arrangement or other transformation of a work exclusively for the user’s own personal or private use of a work which has already been lawfully made available to the public; among others.

Malawi has not signed the World Intellectual Property Organization (WIPO) Copyright Treaty.

Malawi has not signed the World Intellectual Property Organization (WIPO) Performances and Phonograms Treaty.

The Law in Malawi, according to Sections 52 and 53 of the Electronic Transactions and CyberSecurity Act of 2016, requires cryptography services or products to be registered by the Communications Authority. Additionally, the use, importation, and exportation of encryption programs and encryption products is subject to authorisation by the government. In addition, Section 67 of the Act mandates encryption services providers to declare to the Authority the technical characteristics of the encryption means as well as the source code of the software used. Violation of these regulations is a criminal offence punishable by up by imprisonment and a fine.

Malawi has no rules applicable to the protection of trade secrets.

It is reported that there is an obligation for passive infrastructure sharing in Malawi to deliver telecom services to end users. It is practised in both the mobile and fixed sectors based on commercial agreements.

Section 35 of the Communications Act mandates an electronic communications licensee (Network and Application Services) to maintain a shareholding by nationals of at least 20%.

It is reported that the government has a 20% share in Malawi Telecommunications Limited (MTL).

It is reported that Malawi does not require accounting separation for operators with significant market power (SMP) in the telecom market. However, functional separation is legally required.

Malawi has not appended the World Trade Organization (WTO) Telecom Reference Paper to its schedule of commitments.

It is reported that the Malawi Communications Regulatory Authority (MACRA), the executive authority for the supervision and administration of services in the telecommunications sector, is independent from the government in the decision-making process.

Section 10 of the Public Procurement and Disposal of Public Assets (Participation by Micro, Small, and Medium Enterprises) Order seeks to promote MSMEs and the marginalised by way of preferences and reservations. The Order sets a minimum threshold of 15% for the procurement of goods and services and 10% for the procurement of works to be granted under a preference scheme to marginalised groups. To ensure compliance with this provision, the law requires procuring and disposing entities to submit annual procurement plans indicating the value and percentage of procurement contracts intended for award to MSMEs and quarterly progress reports.