Art. 17 of Law No. 1/2016 stipulates that any mechanism or system for storing, archiving, structuring and accessing citizens' personal data (referred to as "ficheros" in the law, that is "databases") may be created by private initiative only with the appropriate concession or administrative authorisation from the competent authority. In addition, according to Arts. 19 and 20, the project must be notified in advance to the Data Protection Authority, which must include the following information:
- The purpose of the database and its intended use;
- The persons or categories of persons from whom personal data are to be obtained or who are required to supply them;
- The address and location of the database;
- The basic and technical structure of the file and a description of the types of personal data it contains;
- The established procedure for obtaining personal data;
- The conditions governing the communication of personal data and their communication to third parties;
- The bodies or persons responsible for the database;
- The bodies to which the rights of access, rectification, cancellation and opposition may be exercised;
- The security measures in place, with an indication of the level applicable, whether basic, medium or high;
- The registration and notification data.

Equatorial Guinea requires licences for imports of goods valued at over 50,000 CFA francs (approx. USD 83). This must be done through an authorised bank, and pre-shipment inspection is required for most goods. Companies in Equatorial Guinea have indicated that the need to obtain prior authorisations or licences for imports is one of the most cumbersome parts of the trade process and that licences have an ad valorem cost of up to 10% of the trade value.

It is reported that foreign investors must comply with local content rules, which vary by sector. A certain percentage of local content must be included in goods and technologies produced by companies with foreign investors. In addition, local content rules require that foreign workers not exceed 10% of the total workforce. It is also reported that local content rules are applied inconsistently, creating disincentives for foreign investment.

It is reported that there is a requirement for prior authorisation or licences issued by the Ministry of Trade for all exports. Businesses in Equatorial Guinea have identified this requirement as the most cumbersome part of the trade process. All traders are also required to register with the Ministry of Trade. The country's export regulations and procedures also lack transparency, and official trade data and information are not readily available. These challenges are reported to be problematic for shipping companies, small traders and traders of non-traditional products.

Art. 18 of Law 7/2005 establishes that all telecommunications apparatus, terminals, equipment and systems require a certificate of approval for connection to the network and for the provision of any telecommunications service or activity to be issued in the manner established by regulation of the Regulatory Authority. The same article stipulates that no telecommunications equipment or system may be imported or marketed in any manner whatsoever without the appropriate approval certificate. Within the framework of these legal provisions, the Regulation on the Approval of Telecommunications Equipment, Devices and Systems was adopted in 2012.
Art. 2 of the Regulation on the Approval of Telecommunication Equipment, Devices and Systems in the Republic of Equatorial Guinea establishes the general regime, requirements, procedures, deadlines, characteristics and conditions for the approval of telecommunications equipment, apparatus and systems, as well as their installation in Equatorial Guinea with the objective to avoid electromagnetic interference and to ensure electromagnetic compatibility with other uses of the frequency spectrum. Art. 10 stipulates that the "Oficina Reguladora de las Telecomunicaciones (ORTEL)" may use the following mechanisms to carry out approval processes: technical tests carried out by ORTEL or homologation in laboratories accredited by ORTEL if the equipment or device has not been subject to approval. If the equipment or device has been approved abroad, ORTEL will validate and certify the approval through the recognised certification of a third country. Art. 21 provides that ORTEL acknowledges the validity of technical specifications, certificates of conformity, or documents of compliance with international technical regulations from international organisations and laboratories listed in Annex II of the Regulation.

Chapter I of Title II of Regulation No. 02/18/CEMAC/UMAC/CM of the Central African Economic and Monetary Community (CEMAC) provides that companies and individuals resident in CEMAC countries must obtain authorisation from the Bank of Central African States (BEAC) to hold offshore and onshore foreign currency accounts. If the BEAC does not act on the application within 30 days, it is deemed to have been approved. It is reported that these regulations force most companies to maintain their bank accounts in XAF rather than a foreign currency.

According to the Instruction No. 8/GR/2019 issued by the Governor of the Bank of Central African States to facilitate the interpretation and implementation of the Economic and Monetary Community of Central Africa (CEMAC) Regulation 02/18/CEMAC/UMAC/CM, there is a limit of 1 million XAF (approx. USD 1,700) per month and per person for the remote settlement of transactions, including online payments. According to Arts. 7-8, justification needs to be provided above this limit. The Instruction provides guidance on the provision of Art. 34 of the Regulation, which implements certain limits for using electronic payment instruments outside the CEMAC and applies to the six CEMAC member states, including Equatorial Guinea.

The Revised Bangui Agreement is a regional intellectual property law that is not only a regional convention applicable in all member states but also serves as a national intellectual property law in Equatorial Guinea and each of the other member states. The Revised Bangui Agreement contains provisions on copyright in Annex VII: Chapter IV (Limitations to Economic Rights) and establishes a regime of copyright exceptions. However, the exceptions do not follow the fair use or fair dealing model, therefore limiting the lawful use of copyrighted work by others.

Art. 42 of Law No. 1/2017 states that service providers and recipients shall have an obligation to provide the government with all the information and collaboration necessary for the exercise of their legal powers, allowing their agents and inspecting or controlling personnel access to their facilities, the consultation of any documentation and the manipulation of their electronic equipment, systems and applications. The need for a court order is not specified in the law. Service providers are defined as the natural or legal persons who provide communication or information services via the Internet or the information society.

Equatorial Guinea has not signed the World Intellectual Property Organization (WIPO) Copyright Treaty.

Art. 41 of the Ministerial Order No. 3/2020 states that the judicial authority and other bodies authorised by Equatoguinean legislation can authorise interception by telecom licence holders, subject to public service obligations. Obligated subjects must configure their equipment in such a way as to facilitate access by authorised agents to all communications transmitted, generated for transmission or received by the subject of a lawful interception, as well as to the traffic data associated with these communications. Also, Art. 42.6 provides that where obliged entities apply compression, encryption, digitisation or any other type of encoding to communications subject to lawful interception, they shall hand over those communications without the effects of such processes, provided that they are reversible. In addition, Art. 42.7 stipulates that interception must take place in real-time. Art. 42.3 also stipulates that the obligated parties must communicate to the authorised agent, among other data, the identity or identities of the subject of the interception measure and the other parties involved in the electronic communication.
According to 6 and Art. 34 of the Ministerial Order, the companies subject to public service obligations include fixed telephony, broadband, 2G, 3G, 4G and 5G mobile telephony and data services. In addition, carrier services for the provision of voice, data and broadband, as well as broadcasting services and their respective networks, are also considered essential.

Equatorial Guinea has not signed the World Intellectual Property Organization (WIPO) Performances and Phonograms Treaty.

It is reported that the government requires internet service providers, whether local or foreign, to turn over source code.

Equatorial Guinea does not have a comprehensive framework in place that provides effective protection of trade secrets, but there are limited measures addressing some issues related to them. In particular, the country has established provisions addressing disclosure, acquisition or use of confidential information in the course of industrial or commercial activities by third parties in Art. 6 of Annex VIII of the Bangui Agreement, which has been ratified by 17 States, including Equatorial Guinea in 2002.

Art. 31 of the Ministerial Order No. 3/2020 requires economic agents operating public networks to facilitate access to their network centres and allow facility sharing.