It is reported that a basic legal framework on intermediary liability for copyright infringement is absent in Ecuador's law and jurisprudence.

It is reported that a basic legal framework on intermediary liability beyond copyright infringement is absent in Ecuador's law and jurisprudence.

According to Art. 42 of Personal Data Protection Law, the controller shall perform a Data Protection Impact Assessment (DPIA) when its data processing has been identified as high risk to the rights and freedoms of the data subject, by its nature, context or purposes.

According to Art. 48 of Personal Data Protection Law, the Data Protection Officer must be appointed in the following cases:
- When the processing is carried out by those who make up the public sector in accordance with the provisions of Art. 225 of the Constitution;
- When the activities of the person responsible or in charge of the processing of personal data require a permanent and systematised control due to the volume, nature, scope, or purposes of the processing, as established in this law, the regulations thereof, or in the regulations issued in this regard by the Superintendency;
- When there is large-scale processing of special categories of data, in accordance with the provisions of the regulations of this law;
- When the processing does not refer to data related to national security and defence of the State that are confidential or secret, in accordance with the provisions of the specialised regulations on the matter.

Ecuador has not joined any free trade agreement committing to open transfers of cross-border data flows.

The National Assembly of Ecuador enacted on 26 May 2021 the Personal Data Protection Law, which is the first specific legal regulation about personal data protection. The law is currently in force, however some provisions will enter in force by May 2023.

According to Art. 56 of the Personal Data Protection Law, personal data can be transferred to countries that comply with internationally recognized standards in accordance with the criteria that will be established in the regulation of the law, which are not yet published. When necessary due to the nature of the transfer, the Personal Data Protection Authority may implement ex-post control methods. According to Art. 60 of the law, without prejudice to the provisions of the preceding articles, international transfers or communications of personal data may be carried out in some circumstances including with the explicit consent of the data subject, for the fulfillment of institutional competencies, to comply with a legal or regulatory obligation, and for the performance of a contract between the holder and the controller of the personal data.

It is reported that the "Agencia de Regulación y Control de las Telecomunicaciones" (ARCOTEL), the executive authority for the supervision and administration of services in the telecommunications sector, is independent from the government in the decision-making process.

Art. 40 of the Organic Telecommunications Law provides that for the granting and renewal of licenses for the provision of telecom services, the Agency on Telecommunication Regulation and Control (Agencia de Regulación y Control de las Telecomunicaciones, ARCOTEL) will consider the need to address: technological development, market evolution, the National Telecommunications Plan, the needs for the sustained development of the sector and of the State and universal access to information and communication technologies, as well as the effective satisfaction of the public or general interest.
Art. 40 also establishes that in the case of applications for the granting of new licenses, it must be evaluated whether any company or group of companies related to the applicant of the license provides the same service or similar services and the effects that the granting of the new license required could have on the market. For this purpose, a sworn statement must be submitted. In this regard, Art. 24 of the Telecommunications and Frequencies Enabling Titles Regulation provides that no license for the rendering of telecommunications services shall be granted to natural or juridical persons that have a valid license for the rendering of the same service of the general telecommunications regime, without prejudice to the application of the criteria set forth in Art. 40 of the Organic Law of Telecommunications.

Ecuador has not appended the World Trade Organization (WTO) Telecom Reference Paper to its schedule of commitments.

It is reported that in Ecuador a number of telecommunication service providers in rural areas offer internet access services without a license or use licenses that are not suitable for such activity. This includes service providers offering internet services using enabling titles for the provision of different services, e.g. fixed telephony, wireless access, private radio, etc. This reportedly provides an unfair advantage to these providers as they are neither subject to the payment of taxes, nor to the payment of spectrum and concession fees.

Art. 34 of Ecuador’s Organic Telecommunications Law requires telecommunications suppliers with at least a 30% market share to pay 0.5% of their gross revenue to the government and an additional 1% of their gross revenue for each additional 5% market share they hold above 30%. However, Corporación Nacional de Telecomunicaciones (CNT), which is owned by the government, is not included in the calculation of market share and is exempt from the fees.
CNT is the dominant provider of fixed telecommunications services and is the second largest supplier of subscription television services. In addition to the fee exemption, the government of Ecuador maintains policies that favor CNT over other competitors, including exemptions from paying certain license taxes and fees.

It is reported that Ecuador does not mandate functional separation for operators with significant market power (SMP) in the telecom market. However, it is reported that there is an obligation of accounting separation.

According to Art. 313 of the Constitution of the Republic of Ecuador 2008, the State reserves the right to administer, regulate, control, and manage strategic sectors, including telecommunications. Furthermore, according to Arts. 316 of the Constitution of the State and 14. of the Organic Law on Telecommunications, public telecommunications services are provided directly by the State, through public telecommunications companies, or indirectly through delegation to mixed economy companies in which it has a majority shareholding.

The Corporación Nacional de Telecomunicaciones (National Corporation of Telecommunications) is the dominant provider of fixed telecommunication services, and is fully owned by the Ecuadorian Government. It was created by Executive Decree No. 218, which specifically establishes that the Ministry of Telecommunications and the Information Society, representing the State, is the sole shareholder.

La Empresa Pública Municipal de Telecomunicaciones, Agua Potable, Alcantarillado y Saneamiento de Cuenca (Etapa EP, Municipal Public Company of Telecommunications, Drinking Water, Sewage and Sanitation of Cuenca), created by a January 2010 ordinance, is another case in which the telecom operator is a state-owned enterprise. Initially created in February 1948, as Empresa Municipal de Electricidad, Agua Potable y Teléfonos (EMLAT), ETAPA EP provides municipal internet and fixed, wireless and public telephone services.