Zimbabwe has not appended the World Trade Organization (WTO) Telecom Reference Paper to its schedule of commitments.

Zimbabwe has a telecommunications authority: The Postal and Telecommunications Regulatory Authority of Zimbabwe (POTRAZ). However, it is reported that this entity is not fully independent.

Section 8 of the Postal and Telecommunications (Subscriber Registration) Regulations of 2014 stipulated that subscriber information in the telecom sector must not be transferred outside the Republic of Zimbabwe. An amendment in 2019 introduced new provisions. According to the revised Section 8, if transferring subscriber information to a foreign host becomes necessary or unavoidable for operational purposes, the service provider must ensure that the data is encrypted to prevent it from being read by the foreign host. The local service provider is required to retain the encryption keys to prevent unauthorised access. Additionally, before entering into any storage arrangement, the service provider must submit a report on data protection measures and hosting agreements to the relevant authority. In addition, the service provider must obtain clear, affirmative consent in writing from the subscriber for the transfer of personal data and must not sell, trade, or share the transferred data.
Reports indicate that the approvals of the regulators for data transfers are evaluated on a case-by-case basis.

Sections 28 and 29 of the Cyber and Data Protection Act establish a framework for the cross-border transfer of data. Data can be transferred to countries that offer adequate protection. In addition, data can be transferred if it is in the public interest to do so. The data subject must provide consent for their information to be transferred. However, this consent may also be implied or offered ambiguously.
Moreover, Section 11 of the Cyber and Data Protection Act prohibits the processing of sensitive personal information unless with the consent of the data subject or where processing is for legitimate purposes. Sensitive data, according to Section 3, includes social, political, and cultural information, as well as health and genetic information, and any information which may be considered as presenting a significant risk to the rights of the data subject.

Zimbabwe has not joined any free trade agreement committing to open transfers of cross-border data flows.

Zimbabwe has a comprehensive regime of data protection in place: the Cyber and Data Protection Act [Chapter 12:07] was promulgated with the policy objective of data privacy and protection of all data collected by Data Controllers both within and outside Zimbabwe depending on the location of the means used to process the said data. The Act seeks to shield the privacy of such information and regulate the way in which such information is stored, used and disclosed.

Zimbabwe has a clear regime of copyright exceptions that follows the fair dealing model, which enables the lawful use of copyrighted work by others without obtaining permission. Part III of the Copyright and Neighbouring Rights Act lists the exceptions, which include the use with purposes of research or private study, educational use of copyright material, criticism, review, or news reporting, among others.

It is reported that copyright is not adequately enforced online in Zimbabwe. Pirating of books, videos, music, and computer software is reported to be common in the country.

Zimbabwe has not signed the World Intellectual Property Organization (WIPO) Copyright Treaty.

Zimbabwe has not signed the World Intellectual Property Organization (WIPO) Performances and Phonograms Treaty.

Section 11 of the Interception of Communications Act allows security and law enforcement agencies to impose disclosure requirements in respect of encrypted information where they believe that a key to encrypted information is in the possession of that person and that a disclosure requirement is necessary in the interests of national security, to prevent or detect a serious criminal offence, or in the interests of the country’s economic well being. Failure to comply is a criminal offence punishable by imprisonment, a fine, or both.

Zimbabwe has no rules applicable to the protection of trade secrets.

It is reported that there is an obligation for passive infrastructure sharing in Zimbabwe to deliver telecom services to end users. It is practised in both the mobile and fixed sectors based on commercial agreements.

Zimbabwe is not a party to the World Trade Organization (WTO) Agreement on Government Procurement (GPA), nor does it have observer status.

According to Art. 7.1 of the Broadcasting Services Act, no person shall provide a broadcasting service or operate as a signal carrier in Zimbabwe except in accordance with a broadcasting licence or a signal carrier licence. A broadcasting licence shall authorise the licensee to provide several classes of broadcasting services, including narrowcasting, datacasting, and webcasting (Art. 7.2). However, pursuant to Art. 8.1, a broadcasting licence shall be issued only to individuals who are citizens of Zimbabwe or to a corporate body in which a controlling interest is held, whether through any individual, company association or otherwise, by one or more individuals who are citizens of Zimbabwe.