Sections 31 and 32 of the Personal Data Protection Act permit the transfer of personal data outside Tanzania only on the following circumstances: a) to a country with an adequate personal data protection legal system (i.e. essentially equivalent levels of protection to that within Tanzania) provided the recipient has proven (i) such transfer is necessary for important reasons of public interest or any other legitimate purpose or (ii) the importance of the transfer and there is no reason to assume that the transfer or processing in the recipient country may prejudice the subject's legitimate interests. The data collector or processor must carry out a prior data protection impact assessment on the need to transfer personal data and ensure the recipient of the data only processes the relevant information in the data and for the purpose for which the data was transferred; b) to any other country with appropriate safeguards on the security and protection of personal data provided the data is transferred to be processed for a purpose approved by the data subject, unless the data subject has consented to such transfer, or the transfer is necessary:
- For the performance of a contract between the data subject and the data collector or the implementation of pre-contractual measures taken at the request of the data subject.
- For the conclusion or performance of a contract concluded or to be concluded in the interest of the data subject between the collector and another person.
- For any public interest or the establishment, exercise or defence of a legal claim.
- To protect the vital interests of the data subject.
- In accordance with a law aimed at giving information to the public, which affords an opportunity for public consultation in general or anyone with a legitimate interest to submit their comments in accordance with a procedure laid down by law.

Tanzania has not joined any free trade agreement committing to open transfers of cross-border data flows.

The Personal Data Protection Act provides a comprehensive regime of data protection in Tanzania. It contains detailed provisions imposing obligations on data controllers and data processors, including requirements associated with data security and international data transfers, and establishes the Personal Data Protection Commission.

Section 13 of the Online Content Regulations (2020) requires internet cafe operators to:
- keep a proper service user register and ensure every person using internet service is registered upon showing a recognised identity card;
- install surveillance cameras to record and archive activities inside the cafe.
The images recorded by a surveillance camera and the register of users recorded shall be kept for a period of 12 months.

According to the Electronic and Postal Act of 2010, the licensee of a telecommunications licence is required to store subscriber communication data for one month, after which the data must be submitted to the Tanzania Communications Regulatory Authority. Section 91 specifies that: "(1) There shall be a database kept within the Authority in which all Subscriber Information shall be stored. (2) The Authority shall be responsible for monitoring and supervising the information stored under sub-section (1). (3) Every application services licensee shall be required to submit to the Authority, once a month, a list containing its subscribers' information. (4) The Authority shall issue guidelines on the details of subscriber information to be submitted."

Section 22 of the Electronic and Postal Communications (Licensing) Regulations stipulates that foreign investment in the telecommunications sector is restricted to a maximum of 75%

TTCL (Tanzania Telecommunications Company Limited) is a state-owned telecommunications company in Tanzania that offers fixed-line, mobile, broadband internet, and data services. The company also has a fibre optic network throughout the country, enabling it to offer high-speed connectivity services to businesses and homes. TTCL has been a key player in the expansion of Tanzania's telecommunications infrastructure and the promotion of internet access and other telecommunications services throughout the country.
TTCL was privatised in February 2001, when a Consortium MSI of the Netherlands and Detecon of Germany acquired 35% shares of the company from the Government of Tanzania. However, the Government of Tanzania fully repossessed TTCL ownership by 100% from June 2016. Tanzanian government owns 40% of Bharti Airtel. The Government of Zanzibar (a partly self-governing state in Tanzania) owns a 15% stake in Zanzibar Telecom (Zantel).
It is reported that the government's effort to privatise TTCL has stalled. TTCL has been given management of the national fibre backbone and will service all districts; private operators must contract for service with TTCL. In addition, investors report that though the government has authorised some private companies to build terrestrial fibre networks, governing regulations remain unclear and inconsistently applied.

It is reported that Tanzania mandates functional and accounting separation for operators with significant market power (SMP) in the telecom market.

According to Art. 26 of the Electronic and Postal Communications Act 2010, as amended in 2017 by the Finance Act (2017), licensees holding Network Facilities and Network Service licenses are required to offer at least 25% of their shares to the public—both local and foreign—through an Initial Public Offering (IPO) on the Dar es Salaam Stock Exchange (DSE). If a licensee fails to meet the prescribed 25% threshold of issued and paid-up share capital following the IPO, the Capital Markets and Securities Authority, in consultation with the Minister responsible for Capital Markets and considering market conditions, will issue directives to guide the licensee on how to achieve the 25% shareholding requirement. This requirement is also confirmed in Section 22(a) of the Licensing Regulations (2018).
Additionally, the application and initial licensing fees vary depending on the type of license and coverage area—International, National, or Regional. According to the first schedule of the Electronic and Postal Communications (Licensing) Regulations, the fees for Network Services are as follows: International coverage requires an application fee of USD 10,000, an initial license fee of USD 300,000, and a renewal license fee of USD 400,000; National coverage requires an application fee of USD 5,000, an initial license fee of USD 600,000, and a renewal license fee of USD 750,000; Regional coverage requires an application fee of USD 2,000, an initial license fee of USD 23,100, and a renewal license fee of USD 26,500.

Section 20 (b) of the Electronic and Postal Communications (Licensing) Regulations, 2018, establishes that an applicant for the individual license shall submit to the Authority a business plan together with other documents as provided for under the Licensing Regulations.

Tanzania has not appended the World Trade Organization (WTO) Telecom Reference Paper to its schedule of commitments.

It is reported that the Tanzania Communications Regulatory Authority (TCRA), the executive authority for the supervision and administration of services in the telecommunications sector, is independent from the government in the decision-making process.

Section 57 of the Finance Act of 2021 stipulates that tax-related data must be stored on a primary server located within the boundaries of Tanzania. The legislation further establishes that storing such data outside the country constitutes an offence. The Act defines a primary data server as a server that stores data generated or collected by a taxable or liable person in the regular conduct of their business activities.

Section 22 of the Electronic and Postal Communications (Licensing) Regulations stipulates that foreign investment in the telecommunications sector is restricted to a maximum of 75%.

Under the Patents (Registration) Act Cap 217 R.E 2002, foreigners may obtain the same protection as nationals of Tanzania. However, according to Art. 18 of the law, applicants not residing in Tanzania must appoint a patent attorney domiciled in the country to represent the applicant before the Patent Office. In addition, according to Art. 26, foreign parties may pay the required fees only through a patent agent domiciled in Tanzania.