A basic legal framework on intermediary liability for copyright infringement is absent in Peru's law and jurisprudence. In addition, complaints are reported regarding long-standing enforcement problems with the intellectual property (IP) provisions of the Peru-US Free Trade Agreement (Chapter 16, Art. 16.11.29), in particular with respect to the establishment of statutory damages for copyright infringement and trademark counterfeiting, and the notice and takedown and safe harbor system for Internet Service Providers (ISPs). Moreover, this is reiterated with respect to the rules relating to ISP liability in the EU-Peru-Colombia-Ecuador Agreement (Section 29). Finally, the Comprehensive Trans-Pacific Partnership Agreement, Chapter 18, Art. 18.82 includes relevant provisions limiting ISP liability and promoting a safe harbor for ISPs. However, national implementation of intermediate liability rules for service providers is still pending with no clear timetable.

A basic legal framework on intermediary liability beyond copyright infringement is absent in Peru's law and jurisprudence.

The Second Final Supplementary of Decree N. 1182, on preservation of data derived from telecommunications, states that the concessionaires of public telecommunications services and the public entities related to these services must keep the data derived from telecommunications during the first 12 months in computer systems that allow their consultation and delivery online and in real time. At the end of the aforementioned period, they must keep said data for an additional 24 months, in an electronic storage system. The delivery of data stored for a period not exceeding twelve months, is done online and in real time after receiving judicial authorization. In the case of data stored for a period greater than 12 months, it will be delivered within 7 days following the judicial authorization, under responsibility.

According to Art. 13.11 of the First Amending Protocol (which amends the Additional Protocol to the Framework Agreement of the Pacific Alliance), the four parties (Chile, Colombia, Peru and Mexico) commit to allow cross-border information transfers through electronic means, including also the transfer of personal data for business activities. Moreover, in Art. 13.11.bis the parties commit to ban forced localisation of computer facilities in their national territories. Other binding commitments on data flows can be found in Article 14.11.2 of the Comprehensive and Progressive Agreement for Trans Pacific Partnership (CPTPP) and in Art. 13.11.2 of the Peru-Australia Free Trade Agreement.

Peru has a data protection framework in place. Law N. 29,733 aims to assure the fundamental right to the protection of personal data. The Regulation of the Data Protection Law, title III, regulates data treatment, by both public and private entities.

According to Art. 15 of the Peruvian Data Protection Law and Art. 19 of its Regulation N. 003-2013-JUS, personal data can be transferred to other countries whose data protection level is considered to be adequate. If the recipient country does not have an adequate level of protection, the data transmitter must guarantee that the processing of the personal data is made in accordance with the Peruvian legal framework. This provision is not applicable in the following cases:
- when the data subject has granted their consent to the transfer of their data under these conditions;
- the transmission of personal data is conducted within the framework of international judicial cooperation or the application of international trade in this regard;
- international cooperation among intelligence agencies;
- when the personal data is necessary for the execution of a contractual relationship with the data subject;
- when referring to banking and security transfers;
- when the transfer is made for the purposes of protecting, preventing, diagnosing, and providing medical treatment to the data subject.

According to Arts. 1-2 of Law No. 27.336, the Supervisory Body for Private Investment in Telecommunications (OSIPTEL), the executive authority for the supervision and administration of services in the telecommunications sector, is independent from the government in the decision-making process.

Peru has appended the World Trade Organization (WTO) Telecom Reference Paper to its schedule of commitments.

Peru does not mandate functional separation for operators with significant market power (SMP) in the telecom market. However, there is an obligation of accounting separation since 2019. The Instructions on Accounting Separation in the Telecommunications Sector and the Procedure for Accounting Separation regulate how accounting separation must be made in the telecommunications sector.

There is an obligation for passive infrastructure sharing in Peru to deliver telecom services to end users. It is practiced in the mobile sector and in the fixed sector based on commercial agreements. Art. 12 of Supreme Decree No. 024-20l4-MTC establishes that passive infrastructure providers for mobile public services are obliged to make their infrastructure available to operators of public mobile telecommunications services that require it […]. Law No. 30,083 regulates passive infrastructure providers and creates a framework to allow mobile operators to enter into the market. For this purpose, mobile service businesses must allow access to networks (passive and active infrastructure). These providers must register in the Transports and Communications Department, complying also with Supreme Decree No. 024-2014-MTC.
Moreover, the sharing of passive infrastructure is currently mandatory for Telefónica del Perú S.A.A., as it has been declared an important provider in the wholesale market for internet and data transmission by Resolution of the Board of Directors No. 154-2019-CD/OSIPTEL. In accordance with the provisions of Board of Directors Resolution No. 132-2012/CD-OSIPTEL Likewise, Telefónica del Perú S.A.A. is obliged to share passive infrastructure (poles, ducts, co-location, among others), for which the Basic Offering of Sharing approved by Resolution No. 00039-2016-GG/OSIPTEL applies.

Decision No. 486, Decree No. 1,075, and Decree No. 1,044 provide a framework for effective protection of trade secrets. First, Art. 260 of the Decision No. 486 defines trade secrets and Art. 245 allows requesting precautionary measures to stop an alleged infringement, obtaining or retaining evidence, or ensuring the effectiveness of the action or compensation for damages. Moreover, Art. 3 of the Legislative Decree No. 1,075 considers trade secrets as an element of industrial property, and Art. 13 of Decree No. 1,044 lists trade secrets infringement factual situations. INDECOPI ("Instituto Nacional de Defensa de la Competencia y de la Protección de la Propiedad Industrial") is the competent authority that applies the above-mentioned regulations in proceedings regarding trade secrets.

Peru has ratified the World Intellectual Property Organization (WIPO) Copyright Treaty.

Peru has ratified the World Intellectual Property Organization (WIPO) Performances and Phonogram Treaty.

Copyright is not adequately enforced online in Peru. It is reported that rights holders cite particular concerns with respect to internet piracy. In addition, there are around 280 million visits to 100 illegal domain names regarding streaming, torrent sites, and illegal online broadcasting. Allegedly, there are sites that stream audiovisual works, stream-ripped protected content, broadcast retransmissions, and communicated sports events to the public without the rights holder’s authorization. However, it is reported that efforts to reduce piracy have been significant, both by the Copyright Directorate and the Directorate of Distinctive Signs of INDECOPI (National Institute for Competition and Intellectual Property Defense). In addition, it is reported that the rate of unlicensed software installation in the country was 62% in 2017 (above the 52% rate of the Latin American countries) for an estimated commercial value of USD 190 million.

Peru is a party to the Patent Cooperation Treaty (PCT).