Art. 10 of Decision No. 48/SP/PC/ARPT/17 stipulates that in the course of carrying out the activity covered by its authorisation to establish and operate hosting and storage services for computerised content, the service provider is obliged to guarantee that customer data is hosted and stored on national territory and to guarantee a backup solution for data hosted or stored. The term "service provider" is defined as any natural or legal person who has been granted authorisation to establish and operate hosting and storage services for computerised content for the benefit of remote users as part of cloud computing services, in compliance with the requirements set out in the legislation and regulations in force.

Art. 6 of Decree No. 20-332 establishes that "the online information activity is subject to the publication through an electronic site, whose hosting is exclusively domiciled, physically and logically in Algeria, with a domain name extension ".dz"."

Art. 10 of Decision No. 48/SP/PC/ARPT/17 stipulates that in the course of carrying out the activity covered by its authorisation to establish and operate hosting and storage services for computerised content, the service provider is obliged to establish its infrastructure on national territory and guarantee that it is set up using equipment incorporating the most recent and proven technologies. Furthermore, the service provider is required to provide services via infrastructures specifically declared for this authorisation. The term "service provider" is defined as any natural or legal person who has been granted authorisation to establish and operate hosting and storage services for computerised content for the benefit of remote users as part of cloud computing services, in compliance with the requirements set out in the legislation and regulations in force.

Art. 44 of Law No. 18-07 provides that the data controller may only transfer personal data to another foreign state upon authorisation of the data protection authority and if that state ensures an adequate level of protection of the privacy and fundamental rights and freedoms of individuals with regard to the processing to which such data are or may be subject. Art. 45, however, provides that, by way of derogation to Art. 44, the data controller may transfer personal data to a foreign State subject to certain conditions, including: if the data subject has expressly consented to their transfer; if the transfer is made pursuant to a bilateral or multilateral agreement to which Algeria is a party; with the authorisation of the national authority; if the transfer is necessary: (a) to safeguard that person's life; (b) the preservation of the public interest; (c) compliance with obligations to ensure the recognition, exercise or defence of a legal right; (d) the performance of a contract between the controller processing and the data subject, or measures pre-contractual agreements taken at the latter's request; (e) the conclusion or performance of a contract concluded or to conclude, in the interest of the data subject, between the controller and a third party; (f) the execution of a mutual legal assistance measure international; (g) prevention, diagnosis or treatment of medical conditions.

Algeria has not joined any agreement with binding commitments to open transfers of data across borders.

Law 18-07 provides a comprehensive regime of data protection in Algeria. It establishes general personal data protection requirements such as express consent, data processing notifications, data subject rights, and restrictions on direct marketing and data transfers.

Art. 11 of Law No. 09-04 requires communication service providers to store, for a period of one year after the registration, data allowing the identification of users of their services and data enabling the recipient(s) of the communication to be identified as well as the addresses of the sites visited. This requirement covers all service providers, defined in Art. 2 to include any public or private entity which offers users the possibility of communicating by means of a computer system and/or a telecommunications system; and any other entity processing or storing computer data for communication services or their users.

According to Art. 3 of Law No. 09-04, subject to the legal provisions guaranteeing the secrecy of correspondence and communications, implementation of technical devices carrying out operations of surveillance of electronic communications, collection and recording in real time of their content as well as searches and seizures in a computer system may be carried out for purposes of protection of public order, for investigations or after judicial request. Art. 4 lists instances when such surveillance may be carried out, including:
- to prevent offences qualified as terrorist or subversive acts and offences against State security;
- when there is information on a probable attack on a computer system representing a threat to public order, national defence, State institutions or the national economy;
- for the purposes of investigations and judicial information when it is difficult to arrive at results relevant to the research in progress without resorting to electronic surveillance;
- in connection with the execution of requests for international legal assistance.

Art. 62 of Law No. 23-12 stipulates that a preference margin is granted to products of Algerian origin and/or to companies under Algerian law whose capital is majority-owned by resident nationals. Art. 111 provides that the terms of application of the provisions of this Law shall be defined by regulation. However, a regulation has not yet been adopted and, according to Art. 112, the previous provisions shall remain applicable until the adoption of the new regulatory texts. Consequently, the margin of preference is granted at a rate of 25%, in accordance with Art. 83 of Presidential Decree No. 15/247 since 2015.

It is reported that Algeria has established a regulatory framework mandating passive infrastructure-sharing obligations in the telecommunications sector, both in mobile and fixed sectors.

Art. 82 of Law No. 23-12 stipulates that foreign companies that submit bids alone unless there are compelling reasons to do otherwise, must subcontract at least 30% of the initial contract amount to companies that are legally domiciled in Algeria. The aforementioned requirement was already in force in Art. 85 of Presidential Decree No. 15/247 since 2015, which is still in force pending the adoption of a regulation for Law No. 23-12.

Algeria is home to three mobile phone and data network operators, namely Djezzy, Algérie Télécom Mobile, and Wataniya Telecom Algérie. The largest of these by subscriptions is Optimum Télécom Algérie, which operates under the brand name of Djezzy, which became fully state-owned in August 2022 after Veon sold its 45.5% stake in Djezzy to the government-controlled Algerian National Investment Fund (Fonds National d'Investissement, FNI). The fixed incumbent, Algérie Télécom Mobile, is also fully state-owned.

Art. 58 of Law No. 23-12 stipulates that contracting authorities must reserve a maximum of 20% of contracts for small or micro-enterprises, start-ups, or any entity designated as such.

It is reported that the State of Algeria has not established functional separation for the operator with significant market power. Yet, Art. 110 and 123 of Law No. 18-04 (Loi No. 18-04 du 24 Chaâbane 1439 correspondant au 10 mai 2018 fixant les règles générales relatives à la poste et aux communications électroniques) provide for accounting separation for operators with significant market power.

Art. 64 of Law No. 23-12 stipulates that the specifications for international calls for competition must provide foreign bidders or subcontractors with a minimum threshold of professional integration of the national workforce and qualified national executives.