Sudan is a party to the Patent Cooperation Treaty (PCT).

Sudan has a copyright regime under the law Copyright and Neighbouring Rights Protection and Literal and Artistic Works Act, 2013. However, the exceptions do not follow the fair use or fair dealing model, therefore limiting the lawful use of copyrighted work by others. Arts. 26-32 list the exceptions, which include educational purposes, quotations, transfer or copying from newspapers, copying for legal proceedings, news reports, photocopying in libraries and publishing by mass media.

Sudan has not signed the World Intellectual Property Organization (WIPO) Copyright Treaty.

Sudan has not signed the World Intellectual Property Organization (WIPO) Performances and Phonograms Treaty.

South Sudan has not adopted national legislation based on or influenced by the United Nations Commission on International Trade Law (UNCITRAL) Model Law on Electronic Signatures.

It is reported that all products imported into South Sudan, including electrical and electronic goods, are subject to the Pre-Export Verification to Conformity (PVoC) program and must be accompanied by a Certificate of Conformity (CoC), which is a mandatory clearance document for each consignment. The program covers all products being imported into South Sudan with a value above USD 2,000 and applies to all countries. The objective of the program is to verify conformity to South Sudan standards or other approved standards and technical regulations.

Section 323.4 of the Companies Act stipulates that small companies shall be exclusively owned by South Sudanese nationals. According to Section 323.3, a company qualifies as a small-sized private company if its turnover for the preceding accounting period is below a threshold specified by the government, it employs no more than seven individuals, and its share capital does not exceed an amount prescribed by the government. Furthermore, Section 323.5 mandates that financially capable South Sudanese nationals must hold a minimum of 31% of the shares in medium and large private companies. Section 323.6 defines a medium or large private company as one with share capital not less than an amount prescribed by the government. These regulatory restrictions reportedly extend to sectors pertinent to digital trade, although it is not clear whether it applies to the e-commerce sector.

According to Art. 15 of the e-money Regulation, the e-money service provider must strictly apply KYC procedures based on a risk-based approach that determines the different risk categories in the application of customer identification; mobile money accounts have been categorised in the following three levels:
- Level 1: basic level accounts with simplified KYC, which are subject to lower transaction limits and limited documentation requirements for account opening. They have a maximum balance limit equal to USD 1.000, a daily transaction limit equal to USD 250, and a monthly transaction limit equal to USD 2.000;
- Tier 2: Partial KYC accounts that have higher limits and stricter account opening requirements. They have a maximum balance limit equivalent to USD 4.000, a daily transaction limit equivalent to USD 1.000, and a monthly transaction limit equivalent to USD 8.000.
- Level 3: accounts with complete KYC requirements. Accounts with full KYC have higher limits for corporate and government payments. They have a maximum balance limit equivalent to USD 10.000, a daily transaction limit equivalent to USD 2.000, and a monthly transaction limit equivalent to USD 20.000.

It is reported that the ability to exchange local currency for foreign currency is severely restricted due to South Sudan’s lack of correspondent banking relationships. Some international businesses have complained that the inability to repatriate proceeds has hurt their businesses.

South Sudan does not implement any de minimis threshold, which is the minimum value of goods below which customs do not charge duties.

The Consumers Protection Act 2011 provides a comprehensive framework for consumer protection that also applies to online transactions. According to Art. 2, the purpose of the law is to establish a legal framework for the protection of the interests and welfare of consumers in their dealings with producers and suppliers. In addition, according to Art. 4, the Act applies to any consumer transaction occurring within South Sudan between a supplier and a consumer unless the transaction is exempted under subsection.

South Sudan has not signed the United Nations (UN) Convention on the Use of Electronic Communications in International Contracts.

South Sudan has not adopted national legislation based on or influenced by the United Nations Commission on International Trade Law (UNCITRAL) Model Law on Electronic Commerce.

South Sudan does not have a comprehensive regime of data protection in place.

Section 6 of the Cybercrimes and Computer Misuse Provisional Order imposes an obligation on service providers to store for 180 days information relating to communications, including personal data and traffic data of subscribers. A service provider is defined as a public or private entity that provides to users of its services the means to communicate by use of a computer system and any other entity that processes or stores computer data on behalf of that entity or its users (Section 5).