Tajikistan has not adopted national legislation based on or influenced by the United Nations Commission on International Trade Law (UNCITRAL) Model Law on Electronic Signatures.

Tajikistan has not signed the United Nations (UN) Convention on the Use of Electronic Communications in International Contracts.

Tajikistan has not adopted national legislation based on or influenced by the United Nations Commission on International Trade Law (UNCITRAL) Model Law on Electronic Commerce.

Tajikistan lacks a comprehensive framework for consumer protection that applies to online transactions.

Tajikistan does not implement any de minimis threshold, which is the minimum value of goods below which customs do not charge duties.

It is reported that TajikStandard, the government agency responsible for certifying goods and services and supervising compliance with state standards, lacks experts and appropriate equipment. TajikStandard does not publish its fees for licenses and certificates, or its regulatory requirements.

It is reported that Tajik laws and standards impose mandatory requirements for certification of safety, consumer health, environmental protection and reduction of the potential for damage to consumer property for certain products and services. Products requiring such certification include electronic and radio equipment (to test for electrical and magnetic compatibility and safety).
It is reported that, since 2014, Tajikistan recognizes third-party conformity assessments carried out overseas, by reciprocity. They are mainly from the Commonwealth of Independent States countries with which Tajikistan has signed mutual recognition agreements, and with Uzbekistan under a bilateral agreement. However, it is reported that in practice third-party conformity assessments are not always accepted.

The indicator "6.2.4 - Government Internet shut down in practice" of the V-Dem Dataset, which measures whether the government has the technical capacity to actively make internet service cease, thus interrupting domestic access to the internet or whether the government has decided to do so, has a score of 1 in Tajikistan. This corresponds to "The government shut down domestic access to the Internet numerous times this year."

The teleconferencing software Zoom is reported to have stopped working in January 2021. In the same month but a week earlier, Gmail, Instagram and Facebook became unavailable for two days. A number of VPN services also stopped working in the same period.

It is reported that Tajikistan requires mandatory SIM registration. In addition, it is reported that Tajikistan collects fingerprints from SIM card users.

A basic legal framework on intermediary liability beyond copyright infringement is absent in Tajikistan's law and jurisprudence.

According to Art. 21 of the Law on Electric Communication, users are obliged to comply with the rules established for the use of electric communication services and, when concluding a contract, to present documents confirming the identity of a natural person or the constituent documents of a legal entity. Furthermore, pursuant to Art. 20, operators and providers of electric communications services are obliged to conclude contracts directly with natural or legal persons on the basis of identity documents for natural persons or constituent documents for legal persons. It should be noted that according to Art. 2, a natural person must present a passport (registration certificate for stateless persons) and a state registration certificate for legal persons. Services of electric communication is defined as product of activities of the operator and provider for acceptance, transfer, processing of signals and other types of information through networks of electric communication.

A basic legal framework on intermediary liability for copyright infringement is absent in Tajikistan's law and jurisprudence.

Act No. 1537 provides a comprehensive regime of data protection in Tajikistan.

According to Art. 18.2 of the Personal Data Act, international transfers of data are permitted to countries that provide adequate protection for personal data. However, the law does not provide a definition or description of what constitutes 'adequate protection'. Moreover, cross-border transfers to countries that do not provide adequate protection are possible in the following cases: with the consent of the data subject; where provided by international treaties binding on Tajikistan; for the protection of the rights and freedoms of persons and citizens, if it is impossible to obtain consent; and where provided by law, if it is necessary for the protection of constitutional order, public order, the rights and freedoms of persons and citizens, the health and integrity of citizens, and state security.