A basic legal framework on intermediary liability beyond copyright infringement is absent in Sri Lanka's law and jurisprudence.
Section 27 of the Online Safety Act establishes a safe harbour regime for intermediaries regarding the dissemination of 'prohibited statements'. It provides that any individual or entity engaged in the provision of services such as internet intermediation, telecommunications, public internet access, computing resources, email, short messaging services (SMS), multimedia messaging services (MMS), or one-to-one live aural communication shall not be held liable for the dissemination of a prohibited statement transmitted through an online platform owned, operated, or controlled by such a provider. Nor shall they be liable for enabling end users to access, via such a platform, a communication link containing a prohibited statement authored by a third party. In addition, where a false or prohibited statement, or other unlawful material, is removed within six months of the Act’s commencement, or where such material has been uploaded or tampered with by third parties, neither the owner of the online account nor the internet service provider shall bear liability in relation to the content in question.
It is reported that the enforcement of the Online Safety Act was halted in January 2025. The Government announced that it would not enforce the Act in its current form and that it would be implemented following modifications.

It is reported that an ICT Agency's decision requires the provision of a citizen’s national identity card number to access to public Wi-Fi hotspots.

Under Section 3 of the “Subscriber SIM Cards (Subscriber Identification Modules - SIM) Regulations No. 01 of 2019”, every operator shall comply with the regulatory measures specified in Schedules I and II for the registration of SIM cards of retail and corporate subscribers, respectively. Under Schedule I, each operator must obtain a duly completed and signed application form from the retail subscriber, including the following mandatory details: national identity card number, permanent address, and new telephone number. Under Schedule II, each operator must ensure that the application is accompanied by a true copy of the certificate of business registration and a list containing the name, national identity card number or driving licence number or passport number, permanent address, and present address of the employees of the corporate subscriber who are obtaining connections under the corporate package.
In accordance with Schedules I and II of the "Subscriber SIM Cards (Subscriber Identification Modules – SIM) Regulations No. 01 of 2019", all licensed digital cellular mobile service providers are mandated to retain subscriber information and furnish such data to the relevant authorities upon request. Notably, the Regulations do not specify a specific retention period for this data.

Reports indicated that several independent and other websites were subject to access restrictions in 2024. In addition, in April 2022, the Telecommunications Regulatory Commission reportedly suspended access to various social media platforms in Sri Lanka at the Ministry of Defence's direction. The services affected included Facebook, YouTube, Twitter, Instagram, and WhatsApp. This suspension was lifted after 15 hours. A similar restriction was imposed in 2019, during which access to platforms such as Facebook, Facebook Messenger, Viber, Snapchat, and Instagram was blocked. Additionally, the use of the TunnelBear Virtual Private Network (VPN) was also restricted.

Pursuant to Sections 11(j) and 49(1)(b) of the Online Safety Act, websites providing social media functionalities to end-users in Sri Lanka are required to register to offer their services. The precise procedures for such registration will be prescribed through regulations enacted under the authority of the Act.
It is reported that the enforcement of the Online Safety Act was halted in January 2025. The Government announced that it would not enforce the Act in its current form and that it would be implemented following modifications.

Sri Lanka has appended the World Trade Organization (WTO) Telecom Reference Paper to its schedule of commitments.

Sri Lanka is not a party to the World Trade Organization (WTO) Agreement on Government Procurement (GPA); however, it has held observer status since April 2003.

Foreign investment in Sri Lanka is governed by the Foreign Exchange Act. The Foreign Exchange Regulations No. 2 of 2021, issued under this Act, specify the types of investments that foreigners may undertake. There are no limitations on foreign ownership in sectors relevant to digital trade. Section A.8 of Part I of the Schedule to the Regulations restricts foreign ownership in mass communications to 40%; however, the term "mass communications" is not defined.

Pursuant to Section 71 of the Intellectual Property Act, where an applicant for the grant of a patent has neither an ordinary residence nor a principal place of business within Sri Lanka, such applicant must be represented by an agent domiciled in Sri Lanka. The name and address of the agent must be included in the application, which shall also be accompanied by a power of attorney duly executed in favour of the agent by the applicant.

It is reported that a shortage of personnel at the National Intellectual Property Office (NIPO) has led to a significant backlog in patent application processing. This staffing inadequacy is reported as the principal factor contributing to delays in application processing.

Sri Lanka is a party to the Patent Cooperation Treaty (PCT).

Sri Lanka maintains a well-defined framework of copyright exceptions, grounded in the principle of fair use, which permits the lawful utilisation of copyrighted material without prior authorisation. These provisions are codified in Sections 11 and 12 of the Intellectual Property Act.

Reports indicate that music and software piracy is prevalent in Sri Lanka. International firms operating within the recording, software, and film industries assert that insufficient protection and enforcement of intellectual property rights significantly undermine their commercial interests in the country.

Sri Lanka has not adopted the World Intellectual Property Organization (WIPO) Copyright Treaty.

Sri Lanka has not adopted the World Intellectual Property Organization (WIPO) Performances and Phonograms Treaty.