Art. 6 of the Law on Telecommunications requires that all telecommunications operators and persons involved with the telecommunications sector shall provide "telecommunications information and communication technology service data" to the Ministry of Post and Telecommunications. In practice, this gives the Ministry unfettered rights to demand that all telecommunications service providers provide data on their service users. This could operate as an obligation for companies to surrender data without the requirement of a judicial warrant or other safeguards protecting the right to privacy.
Art. 97 of the law permits the secret surveillance of any and all telecommunications where it is conducted with the approval of a “legitimate authority.” There is no definition of what constitutes a “legitimate authority”. This appears to create a power to secretly eavesdrop without any public accountability or safeguards to protect individuals’ right to privacy.

It is reported that some articles of Sub-Decree No. 23 could imply the requirement to provide the government with direct access to personal data collected. Art. 14 establishes that the Ministry of Post and Telecommunications (MPTC) and Telecommunication Regulator of Cambodia (TRC) can monitor the infrastructure, connections, and equipment of the National Internet Gateway (NIG). NIG refers to the gateway where all Internet services must be connected nationally and internationally (Annex 1). NIG operators shall:
- Prepare and maintain technical records, IP Address allocation table, and route identification of traffic transiting through NIG;
- Compile and maintain reports and relevant documents concerning the connections and all Internet traffic;
- Provide other information as required by the MPTC and TRC.

The E-commerce Law establishes a safe harbour regime for intermediaries for copyright infringements. According to Art. 24 of the law, internet intermediaries are not liable for unlawful third-party content on their online platforms. However, they must comply with certain mandatory content removal procedures upon becoming aware of such content (Art. 25). Additionally, pursuant to Art. 27, intermediaries are obligated to comply with an e-commerce code of conduct.

The E-commerce Law establishes a safe harbour regime for intermediaries beyond copyright infringements. According to Art. 24 of the law, internet intermediaries are not liable for unlawful third-party content on their online platforms. However, they must comply with certain mandatory content removal procedures upon becoming aware of such content (Art. 25). Additionally, pursuant to Art. 27, intermediaries are obligated to comply with an e-commerce code of conduct.

It is reported that Cambodia imposes an identity requirement for SIM registration. Anyone wanting to purchase a SIM card has to provide their national ID card or a passport in case of foreigners to activate a new prepaid SIM card.

Clause 7 of the Inter-ministerial Prakas No. 170 requires that all Internet Service Providers (ISPs) who operate in Cambodia have to install software programs and equip themselves with Internet surveillance tools to easily filter and block any social media accounts or pages that run their business activities and/or publicise illegally. In addition, Clause 6 establishes that the Ministry of Information should manage information published through electronic systems, including all news contents or written messages, audio, photos, videos, and/or other means on websites and social media by using the internet in the Kingdom of Cambodia.

According to Clause 7 of the Inter-ministerial Prakas No. 170, the Ministry of Posts and Telecommunication can “block or close the websites and/or social media page which (...) publicise illegally which considered as incitement, breaking solidarity, discrimination, create turmoil by will, leading to undermine national security, and public interests and social order”. It is reported that some of the grounds, notably on "national economy", “public interest” and “national security” are not specifically defined and thus could be interpreted broadly, including to discriminate foreign websites and content providers.
A similar requirement is found in Art. 7 of the Law on Telecommunications, which provides that in the event of “force majeure”, the Ministry of Post and Telecommunications or other relevant ministries may order private telecommunications operators to “take necessary measures.” The Law does not specify the force majeure circumstances compelling discretionary government powers to direct the operation of private companies or what “necessary measures” may entail. It is reported that this provision is vulnerable to abuses, including shutting down social networks and other internet-based services.

It is reported that news and other websites are periodically blocked in Cambodia. For instance, in April 2020, two websites owned by the news outlet TVFB were reportedly blocked by the Telecommunication Regulator Cambodia (TRC), and remain inactive. Additionally, in February 2023, reports surfaced stating that the TRC instructed internet service providers (ISPs) to block access to VOD's news sites in both English and Khmer languages following the Prime Minister's decision to revoke the license of VOD's parent organization. Moreover, in June 2023, there were further reports of the government blocking other news outlets such as Radio Free Asia (RFA), Cambodia Daily, and the public information portal Kamnotra.

Art. 27.2 of the Law on Consumer Protection mandates that any advertising shall be in Khmer language. Furthermore, Art. 9 of Sub-Decree No. 232 requires all commercial advertising of products and services - by any channel - to use Khmer as the primary language. If foreign-language text is used in advertisements, it must comply with the Sub-Decree rules on placement and font size to ensure the Khmer text retains its prominence. It is reported that the Khmer language requirement can be an onerous obligation for some businesses.

Art. 15 of the Law on Telecommunications provides that a license from the Telecommunication Regulator of Cambodia (TRC) and the Ministry of Posts and Telecommunications (MPTC) is required for the provision of VOIP and Internet café services.

Art. 99 of the Law on Telecommunications introduces sentences of six months to two years imprisonment and heavy financial penalties for “any act of producing, installing or distributing software or hidden audio recorders for recording dialogue” without approval from the authorities. It is reported that this unclear provision, which seems to require government approval for any software that can record sound, could potentially criminalise the basic use, sharing, or development of software such as smartphone apps. Additionally, the range of sound-recording hardware concerned with this provision is unclear.

In March 2012, the Cambodia Custom and Excise General Department announced a ban on the import of old computers and spare parts for occupational purposes, except for self-consumption and/or charity, in a minor amount.

It has been reported that Cambodia's Customs and Excise Department engages in non-transparent practices that appear arbitrary. Importers frequently cite problems with undue processing delays, burdensome paperwork, and unnecessary formalities.

It is required that several products sold in Cambodia obtain national certification, although this certification is often based on international standards. Foreign manufacturers must sign an agreement with the Institute of Standards of Cambodia (ISC) to obtain local certification. Any entity can apply for a license that would allow it to use the ISC Certification Mark. The license has a validity of three years, which can be extended for three years at a time, subject to satisfactory operation of the license.

Cambodia is a party to the Patent Cooperation Treaty (PCT).