Equatorial Guinea does not have a comprehensive framework in place that provides effective protection of trade secrets, but there are limited measures addressing some issues related to them. In particular, the country has established provisions addressing disclosure, acquisition or use of confidential information in the course of industrial or commercial activities by third parties in Art. 6 of Annex VIII of the Bangui Agreement, which has been ratified by 17 States, including Equatorial Guinea in 2002.

Equatorial Guinea is not a signatory of the 1996 World Trade Organization (WTO) Information Technology Agreement (ITA) nor the 2015 expansion (ITA II) as it is not a member of the WTO.

According to Law No. 6/1.990 on Special Regime for Investments of Small and Medium Enterprises (SMEs), several fiscal, customs and administrative benefits are established for Equatoguinean SMEs, including preferential access to public bids in the branch of their activity (Art. 18). According to Art. 6, Equatoguinean SMEs are companies with the following characteristics: (i) natural persons of Equatoguinean nationality own them; (ii) their share capital is represented by at least 51% by nationals and the management functions are effectively exercised by nationals; (iii) the annual turnover does not exceed XAF 500,000,000 (approx. USD 835,000). The special regime only applies to certain sectors, which are listed in Art. 8, including manufacturing and graphics services.

It is reported that, in order to register a new domain name under the ".sv" top‑level domain, an individual must be appointed as the administrative contact (that is, the person responsible) for the respective domain name. This individual is required to be a permanent resident of El Salvador.

Decree No. 776 on Consumer Protection Law provides a comprehensive framework for consumer protection that also applies to online transactions. Art. 4 of the Consumer Protection Law provides a taxative list detailing the basic rights of the subjects benefited by the law. In addition, Arts. 21-A and 21-B refer to the obligations of suppliers in e-commerce.

El Salvador has acceded to the United Nations (UN) Convention on the Use of Electronic Communications in International Contracts.

El Salvador has adopted national legislation based on or influenced by the United Nations Commission on International Trade Law (UNCITRAL) Model Law on Electronic Commerce.

El Salvador has not adopted national legislation based on or influenced by the United Nations Commission on International Trade Law (UNCITRAL) Model Law on Electronic Signatures.

It is reported that foreign companies have expressed concerns about the inconsistent and discretionary application of customs regulations and procedures, leading to unpredictable delays and administrative fines. For example, exporting from a duty‑free zone is considered unduly cumbersome, as it requires representatives of both the receiving company and the shipping company to be physically present for the exchange of documents and the release of materials. In addition, the customs valuation process for imports of express shipments remains unclear.

Self-certification is permitted in El Salvador for radio transmission equipment and for compliance with electromagnetic interference (EMI) and electromagnetic compatibility (EMC) requirements, allowing both domestic and foreign companies to demonstrate conformity through a Supplier Declaration of Conformity (SDoC), whereby the supplier or manufacturer attests that the equipment meets the applicable technical and administrative requirements. In practice, the conformity assessment procedures for EMC and EMI rely on such declarations, as there is no obligation to register equipment with the regulatory authority, nor a requirement to undertake testing in an accredited or recognised laboratory; where testing is conducted, the choice of laboratory remains at the discretion of the supplier or manufacturer. Compliance is primarily assessed against standards established by the International Telecommunication Union (ITU).

According to Art. 1 of the Law for the Facilitation of non-commercial online purchases (Decree No. 208), the de minimis threshold, that is, the minimum value of goods below which customs do not charge duties, is USD 300, above the 200 USD threshold recommended by the International Chamber of Commerce (ICC). This applies to purchases made by individuals under the modalities of postal shipments, express delivery or courier companies, small family shipments, and air parcel managers, who are exempt from the payment of import duties and are not subject to compliance with non-tariff requirements.

Art. 44 of the Law for the Protection of Personal Data stipulates that international transfers of personal data are permitted only when the recipient country adheres to the principles set out in this Law or the transfers are conducted through recognised international standards. Where the recipient country lacks an adequate level of protection, the transferring country must ensure compliance with this Law during data processing. Regardless of the recipient country’s protection level, data controllers must adopt appropriate and effective measures to ensure both the proper handling of the transferred data and the security of records at the time of transfer. An exception applies to transfers carried out under Central American Economic Integration treaties, where data transfers may proceed in accordance with the terms legally agreed by member states. In all cases, prior consent from the data subject is required, unless international instruments provide otherwise and such provisions are reciprocally applied among the signatory countries.

El Salvador lacks binding commitments on open transfers of cross-border data flows. Art. 14.5 of the Central America-Dominican Republic-US Free Trade Agreement (DR-CAFTA) incorporates a provision relating to cooperation on the free flow of data. However, this provision is not binding; instead, it proposes collaboration on this issue.