Côte d'Ivoire has not adopted national legislation based on or influenced by the United Nations Commission on International Trade Law (UNCITRAL) Model Law on Electronic Signatures.

Art. 163 of Ordinance No. 2012-293 provides that telephone operators and Internet service providers are required to identify their subscribers. Art. 3 of the Decree No. 2017-193, adopted pursuant to Ordinance No. 2012-293, requires telecom operators and service providers to identify their subscribers through the collection and storage of identification data. Under Art. 13, the identification data collected includes photo, date and place of birth, profession, email and physical address, plus the biometric national identity card or biometric national driving licence or biometric passport, which all enclose fingerprints, photo, signature, names, and parentage. In addition, Art. 28 introduces measures to ensure the identification of all cybercafé users.

According to Art. 8 of Decree No. 2014-105, the supply or importation of a cryptology means not exclusively ensuring authentication or integrity control functions, is subject to a prior declaration to the Autorité de Régulation des Télécommunications/TIC de Côte d'Ivoire (ARTCI, Telecommunications/ICT Regulatory Authority of Côte d’Ivoire). The modalities of this prior declaration are established by the ARTCI's decision. In this regard, the service provider or the person providing or importing a cryptology means must make a description of the technical characteristics of this cryptology available to the ARTCI.

Côte d'Ivoire has not joined any agreement with binding commitments on data flows.

Law No. 2013-450 provides a comprehensive regime of data protection in Côte d'Ivoire, addressing matters such as prior authorisation for processing sensitive data, defining consent as a central principle, necessitating data protection officer appointments, and providing restrictions on data transfers.

Under Art. 15 of Decree No. 2017-193, telecom operators and service providers are required to collect and keep copies of documents and data relating to subscribers’ identification throughout the duration of their subscription and, at least three years from the end of the subscription.

Law No. 2013-450 provides for the creation of a correspondent for the protection of personal data, who is a person enjoying qualifications to perform such missions and is the independent natural or legal person designated by the responsible person (the natural or legal person, public or private, any other body or association which, alone or jointly with others, takes the decision to collect and process personal data and determines the purposes thereof) to oversee the responsible person's obligations under the Law and ensure compliance with the Law (Art. 12). More information about this role can be found in Order No. 511/MPTIC/CAB. There are no requirements to carry out a Data Protection Impact Assessment in the Law No. 2013-450. However, it is reported that the Telecommunications/ICT Regulatory Authority of Côte d'Ivoire (ARCTI) is beginning to impose it as a good practice for any sensitive data processing.

Art. 3 of the Decree No. 2017-193 requires telecom operators and service providers to identify their subscribers through the collection and storage of identification data. Art. 14 specifies that “subscriber data is kept up to date and can only be accessed by third parties in the event of an investigation or judicial information, upon written request from the competent judicial authority and by agents appointed by the Telecommunications/ICT Regulatory Authority of Côte d’Ivoire (ARTCI, "Autorité de Régulation des Télécommunications/TIC de Côte d'Ivoire") as part of their control mission, in accordance with the regulations in force”. As a result, personal data appears to be accessible to the authorities also without a court order.

A basic legal framework on intermediary liability for copyright infringement is absent in Côte d'Ivoire's law and jurisprudence.

A basic legal framework on intermediary liability beyond copyright infringement is absent in Côte d'Ivoire's law and jurisprudence.

Under Art. 16 of Decree No. 214-105, competent administrative or judicial authorities can access secret codes of encrypted data upon request to the Telecommunications Regulatory Agency of Cote d'Ivoire (ARTCI) or order decryption of data through the help of ARTCI.

Côte d'Ivoire does not have comprehensive trade secret legislation. Yet, there are provisions addressing disclosure, acquisition or use of confidential information in the course of industrial or commercial activities by third parties in Art. 6 of Annex VIII of the Bangui Agreement ratified by 17 French-speaking States, including Côte d'Ivoire since 2002.

Côte d'Ivoire encourages infrastructure sharing under Art. 35 of the Ordinance No. 2012-293 and makes it compulsory for SMP operators in the market for co-location (Art. 49). It is reported that passive infrastructure sharing is practised in both the mobile and fixed sectors.

The State of Côte d'Ivoire holds 5% in the capital of the leader in mobile telephony in Côte d'Ivoire (ORANGE CI).

Côte d'Ivoire does not mandate functional separation for operators with significant market power (SMP) in the telecom market. However, Art. 45 of Ordinance 2012-293, relating to telecommunications and information and communication technologies, lays down the principle of accounting separation of operators and powerful suppliers.