It is reported that the de minimis threshold, that is the minimum value of goods below which customs do not charge duties, is USD 20, below the 200 USD threshold recommended by the International Chamber of Commerce (ICC).

Law No-08-PR-2015 establishes a safe harbour regime for intermediaries for copyright infringements. Art. 92 prescribes for immunity of internet intermediaries provided that the service provider: (a) is not the source of the transmission; (b) does not select the recipient of the transmission; (c) does not select or modify the information that is the subject of the transmission. Under Art. 94, an intermediary service provider is not responsible for the information stored at the request of a recipient of the service provided that:
- the service provider has no actual knowledge of the illicit nature of the activity or information
- the service provider, as soon as it has such knowledge, following voluntary checks or based on serious information communicated by a third party, acts promptly to remove the information or to restore access to it impossible.
In addition, when the intermediary service provider becomes aware of the illicit content, Art. 95 mandates that they should communicate it immediately to the certification authority, which in turn approaches the public prosecutor to take necessary measures to seize the data. As long as the judicial authority has not made any decisions on the matter, the service provider can only take measures to prevent access to the information. A similar degree of safe harbour is provided under Art. 55 of Law No. 09 of 2015 on Cybersecurity and the fight against Cybercrime.

Law No-08-PR-2015 establishes a safe harbour regime for intermediaries beyond copyright infringements. Art. 92 prescribes for immunity of internet intermediaries provided that the service provider: (a) is not the source of the transmission; (b) does not select the recipient of the transmission; (c) does not select or modify the information that is the subject of the transmission. Under Art. 94, an intermediary service provider is not responsible for the information stored at the request of a recipient of the service provided that:
- the service provider has no actual knowledge of the illicit nature of the activity or information
- the service provider, as soon as it has such knowledge, following voluntary checks or based on serious information communicated by a third party, acts promptly to remove the information or to restore access to it impossible.
In addition, when the intermediary service provider becomes aware of the illicit content, Art. 95 mandates that they should communicate it immediately to the certification authority, which in turn approaches the public prosecutor to take necessary measures to seize the data. As long as the judicial authority has not made any decisions on the matter, the service provider can only take measures to prevent access to the information. A similar degree of safe harbour is provided under Art. 55 of Law No. 09 of 2015 on Cybersecurity and the fight against Cybercrime.

Chad does not have comprehensive trade secret legislation. Yet, there are provisions addressing disclosure, acquisition or use of confidential information in the course of industrial or commercial activities by third parties in Art. 6 of Annex VIII of the Bangui Agreement ratified by 17 French-speaking States, including Chad, since 2002.

According to Art. 95 of Law No. 14 of 2014, telephone operators and internet access providers are required to ensure the identification of their subscribers. If they do not comply, they are liable to the criminal and pecuniary sanctions.

It is reported that there is an obligation for passive infrastructure sharing in Chad to deliver telecom services to end users. It is practised in the mobile and fixed sectors based on commercial agreements.

Law No. 006/PR/2008 defines the regulation of foreign investment in Chad. It has been reported that certain sectors are closed or restricted de facto under this legislation. These include fixed telephony services, which are reserved for state enterprises. It is also reported that the only limit on foreign control is on ownership of companies deemed related to national security. Art. 11 stipulates that private investments are permitted in Chad, subject to specific provisions designed to ensure that the State's economic and social policy is respected, particularly regarding the protection of health, safety and public hygiene, social protection and environmental protection.

Groupe Sotel Tchad, the main fixed-line operator, is reportedly fully state-owned.

It is reported that Chad mandates functional and accounting separation for operators with significant market power (SMP) in the telecom market.

Airtel Chad and Tigo Chad have stated that they were obliged to comply with orders from the government to shut down the internet and limit access to social media in certain regions of the country for a period of 16 months. The operators stated that this obligation emanated from their license conditions with the ARCEP (the regulatory authority for electronic communications and postal services), which require them to cooperate with government authorities and, if necessary, restrict access to the networks in the interest of national security. The text of the agreements is not publicly available.

Chad has not appended the World Trade Organization (WTO) Telecom Reference Paper to its schedule of commitments.

Chad has a telecommunications authority: Electronic Communications and Postal Regulatory Authority (ARCEP). However, it is reported that this entity is not fully independent.

Processing of special categories of data (including sensitive data) is prohibited unless consent of the data subject is obtained (Chapter V of Law No. 007/PR/2015 on the Protection of Personal Data). According to Art. 52, authorisation of the "Agence Nationale de Sécurité Informatique et de Certification Électronique" (ANSICE) is mandated to process this data. It is not clear how this requirement affects the capacity of companies to transfer data across borders.

Art. 29 of Law No. 007/PR/2015 on the Protection of Personal Data prohibits the transfer of personal data to a country that is not a member of the Economic and Monetary Community of Central Africa (CEMAC) or the Economic Community of Central African States (ECCAS) unless that state ensures a sufficient level of protection of the privacy, freedoms and fundamental rights of individuals. Certain exceptions apply (Arts. 30-33). Before any transfer of personal data abroad, it is required that the data controller informs the regulatory authority, the National Agency for Information Security and Electronic Certification (ANSICE).

Chad has not joined any free trade agreement committing to open transfers of cross-border data flows.