Eswatini has not signed the United Nations (UN) Convention on the Use of Electronic Communications in International Contracts.

It is reported that the Eswatini Communications Commission (ESCCOM), the executive authority for the supervision and administration of services in the telecommunications sector, is independent from the government in the decision-making process.

Section 32.1 of the Data Protection Act provides that if a Southern African Development Community (SADC) Member State has transposed the requirements under the SADC Model Law on Data Protection, the transfer of data is permitted. SADC is an economic block covering 16 countries in Southern Africa. Moreover, the transfer is permitted where the recipient establishes that the data is necessary for the performance of a task carried out in the public interest or pursuant to the lawful functions of the data controller or where the recipient establishes the necessity of having the data transferred and there is no reason to assume that the data subject's legitimate interests might be prejudiced by the transfer or the processing in the Member State (Sections 32(1)(a) and (b)).
In addition, Section 33 of the Act permits the transfer of personal information to other recipients if an adequate level of protection is ensured in the country and the data is transferred solely to permit processing authorised by the controller. Apart from the above requirements, transfers of personal data are permitted where the data subject has unambiguously given their consent to the proposed transfer; the transfer is necessary for the performance of a contract between the data subject and the controller or the implementation of pre-contractual measures taken in response to the request of the data subject, among others (Sections 33(4)(a-f)).

Eswatini has not joined any free trade agreement committing to open transfers of cross-border data flows.

The Data Protection Act provides a comprehensive regime of data protection in Eswatini. The Act is Eswatini's first comprehensive privacy legislation governing the collection, processing, and disclosure of personal data. Moreover, the Act outlines the responsibilities of the Eswatini Communications Commission, as well as the requirements for processing personal information, including retention periods and data security requirements. In addition, the Act provides for several data subject rights, such as the right to access and correct personal information, and includes general provisions on unsolicited electronic communications, as well as automated decision-making. Before this law, data protection was covered by sectoral laws, including the Swaziland Communications Commission (Subscriber) Regulations, Swaziland Commission (Consumer Protection) Regulations, 2016, and the Financial Institutions Act.

Section 10.2 (a) and (b) of the Electronic Communications (Subscriber Registration) Regulations on Data protection provides that personal information shall be stored by the licensee for a period of five years after a customer has cancelled a contract with the licensee or where the licensee has ended the services provided to the customer. In this Regulation, in accordance with Section 2 (Interpretation), licensee means any electronic communications service licensed by the Eswatini Communications Commission (ESCCOM) for the provision of electronic communications services in Eswatini.

A basic legal framework on intermediary liability for copyright infringement is absent in Eswatini's law and jurisprudence.

A basic legal framework on intermediary liability beyond copyright infringement is absent in Eswatini's law and jurisprudence.

It is reported that Eswatini imposes an identity requirement for SIM registration. Anyone wanting to purchase a SIM card has to provide their national ID card or a passport in case of foreigners to activate a new prepaid SIM card.

It is reported that during the political unrest in 2021, all social media platforms and online messaging applications on the "MTN eSwatini" network, including Facebook and WhatsApp, were blocked for a duration of about a week and later restored again. "MTN eSwatini" issued a notice to all its subscribers informing them that an order has been issued by the Regulator to restrict these services. MTN eSwatini is a subsidiary of the MTN Group, Africa's leading cellular telecommunications company.

The indicator "6.2.4 - Government Internet shut down in practice" of the V-Dem Dataset, which measures whether the government has the technical capacity to actively make internet service cease, thus interrupting domestic access to the internet or whether the government has decided to do so, has a score of 2 in Eswatini for the year 2023. This corresponds to "The government shut down domestic access to the Internet several times this year."

In accordance with the provisions of Sections 10, 11, 13 and 40 of the Electronic Communications Act, the Minister of Information, Communications, and Technology promulgated the Electronic Communications (Licensing) Regulations and the Electronic Communications (Importation, Type Approval and Distribution of Communications Equipment) Regulations. In accordance with Regulation 16 of the Importation, Type Approval and Distribution of Communications Equipment Regulations, it is unlawful for any individual or entity to supply, import or distribute radio communications equipment unless they have been granted a licence by the Commission as specified in Section 41.1 of the Act. Furthermore, Regulation 4 of the Licensing Regulations empowers the Commission to issue a general licence for the importation, distribution or sale of electronic communications equipment. The Commission may grant any number of licences to an applicant who meets the criteria set out in the application and the general licence conditions.

Eswatini has not appended the World Trade Organization (WTO) Telecom Reference Paper to its schedule of commitments.

The Eswatini Post and Telecommunications Corporation (EPTC) is entirely owned by the government, with no local or foreign firms holding equity shares in the corporation. Sections 3-5 of the Swaziland Post and Telecommunications Corporation Act establish the corporation and its governing structures in accordance with the Public Enterprises (Control and Monitoring) Act (PEA).
According to Section 53 of the Electronic Communications Act, EPTC shall have the exclusive right of establishing, constructing, maintaining and operating the national telecommunications backbone infrastructure within the country.

The Public Enterprises (Control and Monitoring) Act (PEA) has no specific provisions that prohibit the appointment of foreigners as board members or directors in government-owned enterprises. However, there has never been an instance where a foreigner was appointed to be either a chief, director or board member of a government enterprise. It is reported that, when one looks at the architecture of the appointment process for members of the board for government enterprises, it is clear that the intention is not to have foreigners forming part of the boards of these entities. The Board members are appointed by the responsible Minister in consultation with the Standing Committee, which is comprised of Cabinet Ministers (Sections 2 and 6).