El Salvador has not adopted national legislation based on or influenced by the United Nations Commission on International Trade Law (UNCITRAL) Model Law on Electronic Signatures.

El Salvador has not signed the United Nations (UN) Convention on the Use of Electronic Communications in International Contracts.

El Salvador has adopted national legislation based on or influenced by the United Nations Commission on International Trade Law (UNCITRAL) Model Law on Electronic Commerce.

Decree No. 776 on Consumer Protection Law provides a comprehensive framework for consumer protection that also applies to online transactions. Art. 4 of the Consumer Protection Law provides a taxative list detailing the basic rights of the subjects benefited by the law. In addition, Arts. 21-A and 21-B refer to the obligations of suppliers in e-commerce.

According to Art. 1 of the Law for the Facilitation of non-commercial online purchases (Decree No. 208), purchases of up to USD 300 made by individuals under the modalities of postal shipments, express delivery or courier companies, small family shipments and air parcels managers are exempt from the payment of import duties and are not be subject to compliance with non-tariff requirements.

It is reported that El Salvador does not restrict self-certification for foreign entities, but only requires compliance with ITU standards. Art. 5 of the Telecommunications Law, on technical standards, states telecommunications equipment shall be subject to the norms and standards recommended by the International Telecommunications Union (ITU) or by other international organizations recognized by El Salvador.
In El Salvador, there is no homologation process for equipment that occupies radio frequencies. But there is a verification and/or analysis of low-power devices (DBP). This process is for all devices that work in any band of the Radio Spectrum and it is analyzed if they are in accordance with the technical conditions stipulated in the National Frequency Allocation Table (CNAF or Cuadro Nacional de Atribución de Frecuencias). The natural or legal person who so requires, since it is not an obligation, may request a review of such devices, attaching the technical documentation necessary for the analysis.
It is reported that the following products need the approval of SIGTEC (Superintendencia General de Electricidad y Telecomunicaciones): RFID devices; WIFI modules; Bluetooth; Zigbee products; Wireless Gateways.

It is reported that private companies express concerns regarding the inconsistent and discretionary application of customs regulations and procedures, resulting in unpredictable delays and administrative fines. For instance, exporting from the duty-free zone is unduly cumbersome, with a requirement that a representative of the receiving company and the shipping company be physically present for the exchange of documents and release of materials.

It is reported that El Salvador imposes an identity requirement for SIM registration. Anyone wanting to purchase a SIM card has to provide their national ID card, or a passport in case of foreigners, to activate a new prepaid SIM card.

A basic legal framework on intermediary liability for copyright infringement is absent in El Salvador's law and jurisprudence. However, Art. 15.11.27 of the Central America - United States - Dominican Republic Free Trade Agreement (DR-CAFTA) of 2013 regulates limitations on the liability of Service Providers for copyright and related rights; as well as Art. 272 of the Agreement with the European Union and Art. 15.69 of the Free Trade Agreement between the Republics of Central America and the Republic of Korea.

A basic legal framework on intermediary liability beyond copyright infringement is absent in El Salvador's law and jurisprudence.

Art. 5 of the Law for the Regulation of Information Services on Credit History of Persons states that the Central Reserve Bank shall have unrestricted access to the databases of public law institutions or private entities containing real-time credit history data information on individuals.

The Salvadoran Congress has approved in 2019 the Personal Data Protection Bill, but it has not been enacted by the President of the Republic. For the time being, there is no comprehensive regulation on data protection and the current rules on personal data protection are contained in special sectoral laws, such as the Consumer Protection Law (amended in 2018), Law for the Regulation of Information Services on the Credit History of Individuals (since 2011), Law on Access to Public Information (since 2011), and Special Law on Computer and Related Crimes (since 2016, amended in 2022).

El Salvador lacks binding commitments on open transfers of cross-border data flows. Art. 14.5 of the Central America-Dominican Republic-US Free Trade Agreement (DR-CAFTA) incorporates a provision relating to cooperation on the free flow of data. However, this provision is not binding but instead proposes collaboration on this issue.

Art. 17 of the Law for the Regulation of Information Services on Credit History of Persons, as amended in September 2021, establishes that legal persons operating as data information agencies have the duty to maintain the database and its backup in the country. A data information agency is defined in Art. 3 as any legal person, public or private, with the exception of the "Superintendencia del Sistema Financiero" (Financial System Superintendency), which is engaged in collecting, storing, preserving, organising, communicating, transferring or transmitting data on the credit history of consumers or clients, through technical procedures, automated or not.

According to Art. 1 of the Decree. No. 808, the Superintendency of Electricity and Telecommunications of El Salvador, which is the executive authority for the supervision and administration of services in the telecommunications sector, is independent from the government in the decision-making process.