According to Art. 2 of Resolution No. 153, all entities established in Cuba to carry out export or import activities must be registered in the National Registry of Exporters and Importers. It is reported that there are costs and delays in the process of registering a company as an authorized supplier. While there is no fee to register, companies have reported that total translation and legalization costs in both countries range from US$5,000 to US$10,000, depending on the size of the company and the number of documents required. If the company has not been in business for a period of two years, the registration lapses and the process must begin again.

According to Art. 8 of Decree-Law 370, the Ministry of Communications issues licenses to providers of services related to the computerization of Cuba so that they can project, install, maintain and market computer programs and applications, according to the conditions set forth in the law.

The indicator "6.2.4 - Government Internet shut down in practice" of the V-Dem Dataset, which measures whether the government has the technical capacity to actively make internet service cease, thus interrupting domestic access to the internet or whether the government has decided to do so, has a score of 2 in Cuba. This corresponds to "The government shut down domestic access to the Internet several times this year."

Digital advertisement is administered and managed by Empresa de Telecomunicaciones de Cuba S.A. Advertisers who wish to publish content on the network must use the services of this state company. Other alternatives, also state-owned, are Offer, from the Cuban News Agency (ACN) and the services of Cubavisión International or Radio Taíno. Cuba has an absence of regulation in the field of communication. The most advanced in this regard is the bill on Advertising, Promotion, Public Relations, Institutional Propaganda and Public Good Propaganda drafted by a commission of the former Cuban Association of Publicists and Propagandists (ACPP).

Resolution No. 179/2008 allows the restriction of sites and applications that are contrary to social interests, ethics, and morals and/or threaten State security by public internet access service providers. If providers fail to do so, according to Art. 21, their licenses can be invalidated or their contracts suspended. It is reported that this broadly worded law has been used to block websites like Yahoo, Facebook, Twitter, Telegram, and WhatsApp following the protest on 27 November 2020, which took place after authorities raided the headquarters of Movimiento San Isidro (MSI). Facebook was also intermittently inaccessible, while home and mobile subscribers experienced widespread service outages. Cuban internet users reported that Telegram was inaccessible for approximately five weeks as of October 2020, along with several popular VPNs.

Decree Law 370/2019 prohibits Cuban citizens from hosting their writings on foreign servers, including social media platforms such as Facebook, and prohibits the circulation of "information contrary to social interest, morality, good customs and the integrity of people". It has been reported that this decree has been used to block blogs and independent journalism publications. For example, Empresa de Telecomunicaciones de Cuba S.A. (ETECSA) blocks dissident or independent media outlets and the sites of Cuban activists and dissident organizations, and recently began blocking foreign media outlets that do not focus on Cuban content. The Miami Herald and El Nuevo Herald were blocked as of December 2020. Major Cuban news and journalism sites that are blocked in Cuba include El Estornudo, 14ymedio, Diario de Cuba, Cibercuba, CubaNet, Cuba Encuentro, Periódico Cubano, La Asociación Pro Libertad de Prensa, Gato Pardo, Tremenda Nota, Proyecto Inventario, Rialta and Martí Noticias as of December 2020.

In Cuban “parknets” (the name given to public places from which the Internet can be accessed), a number of websites have reportedly been blocked, including media outlets.

Art. 53 of Decree 42/2021 establishes the permission for the Cuban state communications company to block or suspend the networks used to disseminate information considered false or harmful to "public order".

According to Art. 51 of Decree-Law No. 360, providers and operators must:
- block the sending, receiving or transmission of harmful mass messages that are sent through their networks and use their services;
- Temporarily suspend for up to a month communications between their networks and those established with the networks of foreign operators or providers that do not adopt the necessary measures to prevent the traffic of harmful mass messages, which is notified within 72 hours after to its suspension and, in the same term, report to the Ministry of Communications;
- Temporarily suspend for up to one month the service provided to users responsible for sending harmful mass messages, which is notified within 72 hours after its suspension and, in the same period, informs the Ministry of Communications, the agencies of the Ministry of the Interior or the Office of the Attorney General of the Republic.
In Art. 53, the Decree establishes that any natural or legal person who transports them or mediates in their dissemination or transmission or has influenced their content is responsible for sending harmful mass messages, if through their technical means they had known it and did not avoid its transportation, dissemination, transmission, sending and forwarding.

To access the Internet in Cuba, the user must go to one of the offices of the state-owned Empresa de Telecomunicaciones de Cuba S.A. and sign up for an account at Nauta, the Internet service network. Registration requires payment and presentation of an identity card. With this, the user creates an account with a password and obtains a rechargeable credit card to access the Internet at any point of entry with Wi-Fi.

Art. 60 of Decree-Law No. 360 establishes that computer systems in which access is possible by multiple users should implement a personal and unique user identifier. The article adds that the people to whom user identifiers are assigned are responsible for the actions realised with their user identifier. In the event of termination of the employment relationship or other causes determined by the entity managing the computer system, the user identifier should be eliminated. In all cases, the the traces of use of the access credentials should be preserved for a period of no less than one year.

A basic legal framework on intermediary liability beyond copyright infringement is absent in Cuba's law and jurisprudence.

According to Art. 110.1 (Chapter II ) of the Decree Law No. 389 of 2019, the authorities can carry out electronic surveillance without prior judicial approval and use the information obtained in criminal cases.

A basic legal framework on intermediary liability for copyright infringement is absent in Cuba's law and jurisprudence.

In Cuba, Law 149/2022 regulates the protection of personal data, consolidating the right to privacy provided under Art. 97 of the Constitution of the Republic of Cuba. The Law applies to public and private bodies, introduces the concepts of data owners, with specific rights, as well as responsible persons, and designated persons. Processing of personal data in Cuba is underpinned by 12 personal data protection principles which must be complied with in any such activities. Interestingly, the Law details an extensive definition for personal data and requires the establishment of a data retention regime and even specifies a statutory retention period of five years, if it is not otherwise stated by law for a category of record. Although the Law does not establish a new data protection authority, the Ministry of Justice (MINJUS) is tasked with ensuring compliance and various public bodies are permitted to authorise cross-border transfers of personal data.