Egypt's digital economy is growing significantly. The information and communication technology sector was Egypt’s fastest-growing industry, with a 14.4% growth rate, in the 2023/2024 fiscal year. In 2024, Egypt ranked 3rd among African economies regarding technology investments, according to the Egyptian Cabinet, and 6th among African economies in the E-Government Development Index. The internet penetration reached 81.9% in 2025, with 96.3 million users. 

To support this digital transformation, the government adopted the ICT 2030 Strategy, which aims to increase the sector’s GDP contribution to 7%, and the Digital Egypt initiative, which includes investments in digital infrastructure, cybersecurity, and digital literacy programs. On the international stage, Egypt collaborates with the United Nations on digital transformation projects and the World Bank, which approved USD 700 million for economic development. Additionally, Egypt engages in digital initiatives within the African Union, including the African Continental Free Trade Area 

But what do Egypt’s domestic digital policies stand for? Our DPA Digital Digest provides a succinct overview of the latest policy and enforcement developments in major policy areas and Egypt-specific points of emphasis.

• Data governance: Egypt implemented the Personal Data Protection Law and expanded cybersecurity regulations.

• Content moderation: Egypt implemented two laws that affect online content and started the process of amending the Child Online Protection Strategy. 

• Competition policy: Egypt applied its general competition law to digital markets, updated merger control rules and issued guidelines on market definition, the assessment of dominant positions, and vertical agreements.

• Artificial Intelligence: Egypt adopted the National AI Strategy and the Egyptian Charter for Responsible AI and participated in several international AI governance initiatives.

• Egypt’s points of emphasis include the taxation of the digital economy and licensing requirements.

Jump directly to the section that interests you most:

Discover the details of Egypt's regulatory approach on our dedicated country page.

Remain up-to-date on new and upcoming developments with our free notification service. 

Written by Maria Buza and Sherif Taha. Edited by Tommaso Giardini.

In October 2020, Egypt implemented the Personal Data Protection Law. The Law specifies that personal data processing requires explicit consent from the data subject or must be legally justified. Data subjects have the right to access and correction regarding their data, to withdraw consent, and to object to data processing, among others. Data controllers and processors must implement measures to ensure data security and confidentiality. In cases of data breaches, data controllers and processors must notify the Personal Data Protection Centre (PDPC) within 72 hours. Additionally, the Law requires entities to obtain a licence to collect, store and process personal data. 

Egypt’s cybersecurity framework is primarily based on the 2018 Anti-Cyber and Information Technology Crimes Law. The Law requires service providers to preserve and store data related to information systems for 180 days, maintain confidentiality and secure data against unauthorised access or damage. In August 2020, the Law’s obligations were supplemented by the Executive Regulation, which set cybersecurity standards, including encryption and secure protocols for digital infrastructure. The regulation also requires providers of critical information infrastructure, including sectors such as energy, electricity, and communications, to register and adhere to specific security measures. Measures include maintaining accurate records of hardware, software, and network configurations and personnel training regarding security protocols. Finally, in February 2024, the Supreme Council for Cybersecurity released the National Cybersecurity Strategy to address growing cyber threats. The strategy specifies plans for updating the legislative framework, strengthening domestic cooperation, and building robust cyber defence systems.

On the international level, Egypt participates in several initiatives related to data governance.

• In October 2024, Egypt endorsed the International Counter Ransomware Initiative Joint Statement, reinforcing commitments to combat ransomware.

• In February 2024, the African Union (of which Egypt is a member) adopted the Digital Trade Protocol to the African Continental Free Trade Area, which includes measures on personal data protection and cross-border data transfers. In February 2022, the African Union adopted the Data Policy Framework, which includes provisions on data protection, cybersecurity, and cross-border data transfers.

• In January 2023, Egypt signed memoranda of understanding with India, Palestine, and Somalia to strengthen cooperation in information and communications technology and cybersecurity.

Egypt does not have a general data localisation requirement. In August 2024, however, the Supreme Council’s Cloud First Policy established the obligation for cloud service providers to store data classified as "top secret" and "secret" exclusively within Egypt. 

Regarding data transfers, the Personal Data Protection Law establishes several mechanisms that are to be detailed in Executive Regulations.

• Data can be transferred if two conditions are met: (1) the level of protection in the receiving jurisdiction is at least equivalent to that required by the Law, and (2) a licence is obtained from the PDPC.

• Transfers to countries that do not offer the minimum protection level required by Law are allowed if the data subject consents and the transfer meets specific exceptions. These include safeguarding the data subject’s life, protecting legal rights before the judiciary, executing agreements that benefit the data subject, fulfilling international judicial cooperation or legal obligations, enabling money transfers, or complying with international agreements to which Egypt is a party.

The PDPC, established by the Personal Data Protection Law, oversees compliance with data protection regulations. It is responsible for issuing guidelines and licences and for investigating violations of data protection obligations. Currently, there are no public, official sources on guidelines or enforcement action by the PDPC. 

Egypt's content moderation framework is currently based on two laws. 

• The 2018 Anti-Cyber and Information Technology Crimes Law empowers authorities to block websites displaying content that jeopardises national security or the economy. It also criminalises the creation of fake websites, emails, or private accounts that defame individuals or entities.

• The 2018 Law on Press and Media includes content moderation provisions applicable to both traditional and digital media providers. The law prohibits publishing or broadcasting content that incites violence, hatred, or discrimination, or that violates public morals or national security. The Supreme Council for Media Regulation (SCMR) has the authority to take appropriate measures, including blocking or suspending websites or accounts that violate these provisions. Providers must remove and correct content upon SCMR request. 

In September 2022, the Egyptian National Computer Emergency Readiness Team (EG-CERT), in cooperation with the National Council for Childhood and Motherhood (NCCM), initiated the review and amendment process of the Child Online Protection Strategy. The updated strategy will focus on the responsibilities of internet service providers to block harmful content and will involve cooperation with the Public Prosecutor’s Office to take urgent action in response to online threats.

At the international level, Egypt participates in several initiatives regarding online content:

• In February 2024, Egypt joined other African governments in adopting the Association of African Election Authorities' Digital and Social Media Guidelines, which establish standards for the responsible use of digital platforms during electoral processes.

• In June 2023, Egypt was among 71 governments that signed the International Statement to Remove Online Child Sexual Abuse Materials, committing to proactive measures against child exploitation online.

• In May 2024, as a member of the African Union, Egypt adopted the Child Online Safety and Empowerment Policy, which provides a framework for protecting children online while promoting digital literacy and skills.

Content governance in Egypt is primarily overseen by the SCMR, which has the power to monitor media content, issue licences, and enforce content standards across both traditional and digital media. The SCMR can impose penalties ranging from warnings to fines to licence revocations for violations. For digital content specifically, enforcement is supported by provisions in the Anti-Cyber and Information Technology Crimes Law, which empowers authorities to block websites and content deemed to threaten national security, the economy, or public order. Currently, there are no public, official sources on guidelines or enforcement action related to Egypt's content moderation framework.

Egypt has not adopted specific rules regarding competition in digital markets and instead applies the 2005 Law on the Protection of Competition and the Prohibition of Monopolistic Practices. The Law prohibits anti-competitive agreements, prevents entities from abusing dominant market positions, and establishes a merger control regime. The Authority for Protection of Competition and the Prohibition of Monopolistic Practices (ECA) is the primary enforcement body. The Law’s obligations were further expanded by Decree 1316. It specifies rules on merger control and prohibits anti-competitive agreements, such as price-fixing or market division, to prevent market consolidation and protect competition.

On the international level, Egypt participates in regional and international competition initiatives.

• In February 2024, the ECA signed a memorandum with Russia on competition policies enforcement. Previously, the ECA signed memoranda of cooperation with Cyprus, India, Saudi Arabia, South Africa and Oman. 

• In March 2022, Egypt participated in the establishment of the Arab Competition Network, which aims to enable technical cooperation and unify competition policies among Arab countries within the Greater Arab Free Trade Area framework. 

• In February 2022, Egypt joined other African competition authorities in issuing a joint statement on cooperation in the regulation of digital markets. 

• In August 2016, the ECA and the Common Market for Eastern and Southern Africa Competition Commission signed a memorandum on the enforcement of competition rules.

The ECA has issued several guidelines on obligations related to competition. 

• In July 2024, the ECA released guidelines on vertical agreements, addressing distribution practices, supplier-customer relationships, and vertical restraints.

• In May 2024, the ECA issued guidelines outlining how it defines relevant markets and assesses market dominance in competition cases.

In November 2023, the ECA released guidelines outlining conditions for exemptions from obligations regarding competition.

Egypt has not yet adopted laws or regulations specifically governing the development and use of Artificial Intelligence (AI).

In April 2023, the National Council for AI adopted the Egyptian Charter for Responsible AI. The charter mandates that AI systems should not harm individuals, especially vulnerable groups, and must comply with Egyptian laws. It also stresses the importance of human oversight, risk management, and the involvement of qualified, diverse teams in AI development. Additionally, the charter encourages international collaboration, capacity building, and the support of innovative AI applications that benefit the economy and society. The charter is subject to annual reviews and public consultations to ensure its relevance and effectiveness.

Previously, in July 2021, the National Council for Artificial Intelligence released the National AI Strategy, outlining the vision and goals for AI development and implementation in Egypt. In December 2024, the Minister of Communications and Information Technology announced that it would issue a second version of the strategy. 

At the international level, Egypt endorsed several international initiatives on AI governance.

• The African Union, of which Egypt is a member, adopted the Continental AI Strategy for digital transformation and the AI Governance Framework, as well as a cooperation agreement on AI research and development with China. 

• In February 2024, the Digital Trade Protocol to the African Continental Free Trade Area was adopted. It requires parties to facilitate the adoption and regulation of emerging and advanced technologies, aligning with public policy and security interests, and to develop governance frameworks ensuring ethical, trusted, safe, and responsible use.

There are currently no public, official sources on enforcement action or guidelines related to Egypt's AI framework.

Egypt has addressed both direct and indirect taxation of the digital economy.

In June 2023, Law No. 30 introduced thresholds for identifying a permanent establishment for direct tax purposes in Egypt. A permanent establishment is now deemed to exist when a non-resident entity provides services in Egypt for more than 90 days within 12 months. Additionally, the definition was broadened to cover contract facilitation.

Egypt introduced a 14% value-added tax (VAT) on digital and electronic services in September 2016. In January 2022, the VAT framework was amended to simplify the registration of non-resident providers and establish special economic zone projects. In June 2023, Egypt implemented VAT regulations for non-resident providers of digital and remote services. Remote services include supplies of digital content, online games, applications, software, website design, and publishing services, as well as legal, accounting, and consultancy services. VAT obligations vary by transaction type: for business-to-business supplies, the Egyptian business must apply the reverse charge mechanism, with no VAT responsibility for the non-resident. For business-to-consumer supplies, the non-resident provider is responsible for VAT collection and remittance.

Egypt established a licensing regime for telecommunications, cloud computing, and other emerging technologies through multiple regulatory frameworks.

In December 2022, Egypt amended the 2003 Telecommunication Regulation Law, requiring entities to obtain a permit from the National Telecommunication Regulatory Authority (NTRA) to import, manufacture, assemble, possess, use, operate, install, or market telecommunication equipment. The establishment and operation of telecommunication networks requires a licence from the NTRA. 

The NTRA adopted licensing frameworks for various telecommunications services:

• In July 2024, the NTRA implemented a regulatory framework for foreign satellite operators providing telecom services in Egypt. Operators and resellers must obtain permits and licences, submit technical and company details, pay an annual fee, and provide a financial guarantee to operate within the country. 

• In November 2020, the NTRA released rules for awarding telecom network and service licences, including guides for Class A and B Internet services, global peering, Arabic domain name registration, and value-added mobile services.

For emerging technologies, Egypt implemented targeted regulatory frameworks:

• In August 2024, the Supreme Council of Digital Society's Cloud First Policy entered into force, introducing licensing requirements, public procurement access regulations, and interoperability requirements for cloud service providers.

• In May 2022, the NTRA established a regulatory framework requiring entities to obtain a licence to establish data centres. 

• In January 2021, the NTRA adopted the Internet of Things (IoT) Framework, setting licensing requirements and non-discrimination requirements for IoT operators and mobile service providers.