According to Art. 17 of Decree No. 100/97, importers of electronic communications equipment must register and obtain validation and authorisation of intent to import from the Telecommunications Regulatory and Control Agency (ARCT).

It is reported that Onatel Burundi is a fully state-owned telecommunications provider. It provides the full range of services, including fixed and mobile voice, broadband and internet.

It is reported that Burundi does not mandate functional or accounting separation for operators with significant market power (SMP) in the telecom market.

There is a requirement to acquire a license from the "Agence de Régulation et de Contrôle des Télécommunications" (ARCT, Regulatory Agency for Telecommunications) for operation in ICT sectors and to gain access to the frequency spectrum. Decree No. 100/97 of 2014 raised the cost of acquiring a telecommunication licence by more than 500% from USD 200,000 to USD 10 Million, as per Art. 33. It is reported that the increase impacts affordability and thus limits access to the internet in Burundi.
The ARCT regulates and licenses foreign companies that provide communication services, including Voice over Internet Protocol (VoIP), issues licenses to Internet service providers (ISPs), and regulates satellite usage, GPS, and VSAT. According to Art. 8 of Decree-Law No. 1/011, the ARCT grants authorisations to operate links, independent private networks, and value-added services provided by public and private operators. However, the government grants authorisations to operate commercial services after technical advice from the ARCT.

Burundi has not appended the World Trade Organization (WTO) Telecom Reference Paper to its schedule of commitments.

Burundi has a telecommunications authority: "Agence de Régulation et de Contrôle des Télécommunications" (ARCT). However, it is reported that this entity is not fully independent.

Burundi has not joined any free trade agreement committing to open transfers of cross-border data flows.

Burundi has no comprehensive data protection law. However, Decree No. 100/182 of 30 September 1997, laying down organic provisions on telecommunications, contains data protection provisions and imposes confidentiality obligations on personal information (Art. 23-26).

Arts. 29 and 30 of Law No. 100/97 provide that, for public security reasons and judiciary inquiries, telecom operators must provide the full identity and geo-location of their subscribers in real time whenever asked by the Agence de Régulation et de Contrôle des Télécommunications (ARCT, Regulatory Agency for Telecommunications). Failure to identify subscribers attracts a fine of Burundian Francs 5,000,000 (USD 2,000).
In addition, it is reported that Art. 5 of Order No. 540/356 on fighting fraud in the ICT domain gives the "Agence de Régulation et de Contrôle des Télécommunications" (ARCT, Regulatory Agency for Telecommunications) the right to direct any operator to provide the detailed identity of any subscriber. Further, Art. 6 empowers the ARCT to provide a voice server where the operator must divert all phone communications of a user where crime is suspected. The operators must provide a secured web application to the regulator. Art. 9 allows the ARCT to request the full identity of an internet subscriber and their IP address and install IP probes on the technical installations of an ISP. Moreover, Art. 10 obliges operators to comply with any request by the ARCT and its technical partner in order to fight fraud in electronic communications. Failure to cooperate attracts a daily fine of five million Burundian Francs (USD 2,000). The legal text is not available online.

A basic legal framework on intermediary liability for copyright infringement is absent in Burundi's law and jurisprudence. The legal and regulatory framework around intermediary liability is not clear, which is reported to lead to insufficient legal certainty to conduct a wide range of activities, free from the threat of potential liability and the chilling effect of potential litigation. The Burundi Electronic Transaction Law, which has some provisions on intermediary liability, has not yet been promulgated. In addition, there are specific provisions that provide liability for intermediaries. Art. 30 of Law 100/97 of April 2014 on electronic telecommunications provides that operators of electronic communications are fully responsible for fighting fraud in their domains.

A basic legal framework on intermediary liability beyond copyright infringement is absent in Burundi's law and jurisprudence.

Burundi has ratified the World Intellectual Property Organization (WIPO) Copyright Treaty.

Burundi has not signed the World Intellectual Property Organization (WIPO) Performances and Phonograms Treaty.

Burundi does not have a comprehensive framework in place that provides effective protection of trade secrets, but there are limited measures addressing some issues related to them. These relate to confidential information set out in Law No. 1/13 of July 28, 2009, on Industrial Property in Burundi, with respect to traditional knowledge, established in Sections 254-264 and the preservation of manufacturing or trade secrets by judicial officers in patent court cases (Section 418). In addition, Law No. 1/06, of March 25, 2010, on the Legal Regime of Competition, deals with secrecy or confidentiality requirements for investigators to preserve business/trade secrets they access or acquire from entities during investigations (Sections 15-16).

It is reported that there is an obligation for passive infrastructure sharing in Burundi to deliver telecom services to end users. Moreover, passive infrastructure sharing is practised in the mobile and fixed sectors based on commercial agreements.