Data Privacy Tool
You may also be interested in our Data Privacy Scorebox to assess your organization's level of data protection maturity.
Currently, there is no data protection law in Libya. However, Articles 12 and 13 of the Constitution 2011 guarantee the right to a private life for citizens and the confidentiality of correspondence, telephonic conversations and other forms of communications except where required by a judicial warrant respectively. In other words, there is no detailed information concerning privacy systems in Libya that protect individuals when their data is processed. With regard to privacy protection, there are some provisions in the Libyan Penal Code (1953) that provide general protection for private correspondence and homes from any interference by others. These articles provide that the public servants who commit an offence against private correspondence will face imprisonment of no less than six months. Also, there are some articles in the Act No 4 (1990) on the National System for Information and Documentation, which governs the government’s collection of personal data for conducting research for social and economic reasons. This Act provides some provisions which require government entities to take some steps to protect the collected data, such as prohibiting the government from forcing individuals to give their data in order to conduct its research. However, these articles do not provide protection to personal data when individuals process their data. Also, the Central Bank of Libya regulated general criteria for protecting personal data which is available online. However, this is applicable to only Libyan banks.
Definition of Personal Data
There is no definition of personal data as per Libyan Law.
Definition of Sensitive Personal Data
There is no definition of sensitive personal data as per Libyan Law.
There is no data protection authority.
There are no registration requirements relating to personal data.
There is no data protection officer requirement as per Libyan Law.
There are some articles in the Act No 4 (1990) on the National System for Information and Documentation, which governs the government’s collection of personal data for conducting research for social and economic reasons. This Act provides some provisions which require government entities to take some steps to protect the collected data, such as prohibiting the government from forcing individuals to give their data in order to conduct its research. However, these articles do not provide protection to personal data when individuals process their data. Also, the Central Bank of Libya regulated general criteria for protecting personal data which is available online. However, this is applicable to only Libyan banks.
Not applicable.
Not applicable.
There is no breach notification requirement in Libya.
It should be noted that recently, the Libyan House of Representatives enacted Law No.5 2022 concerning Combating Cyber Crimes in September 2022. In accordance with this law cybercrime is defined as “every act committed through the use of computer systems, the international information network, or other information technology means in violation of the provisions of this law.”
This law has brought in some form of enforcement regarding breaches of copyright, with fines and prison sentences to be enacted in such a case. The sentence for copyright infringement is a prison sentence of no less than one year, and a fine of no less than 1,000 Dinars.
There is no specific law governing electronic marketing.
There is no specific online privacy legislation.