DLA Piper Intelligence

Data Protection
Laws of the World

Law

Mozambique
Mozambique

In Mozambique there is no specific legislation on data protection or privacy. However, there are other sources of law that impose some privacy obligations, including:

  • The Civil Code (Decree-Law no. 47344, of November 25, 1966, in force in Mozambique through Edict no. 22869, dated September 4, 1967)
  • The Penal Code (Law n.º 35/2014 of December 31)
  • The Labour Law (Law n.º 23/2007, of August 1)
  • The Electronic Transactions Law (Law n.º 3/2017, of January 9) 

In addition, the Constitution of the Republic of Mozambique provides that all citizens are entitled to the protection of their private life and have the right to honor, good name, reputation, protection of their public image and privacy. Further, Article 71 of the Constitution identifies the need to legislate on access, generation, protection and use of computerized personal data (either by public or private entities); however, implementing legislation has not yet been approved.

Last modified 28 Jan 2019
Law
Mozambique

In Mozambique there is no specific legislation on data protection or privacy. However, there are other sources of law that impose some privacy obligations, including:

  • The Civil Code (Decree-Law no. 47344, of November 25, 1966, in force in Mozambique through Edict no. 22869, dated September 4, 1967)
  • The Penal Code (Law n.º 35/2014 of December 31)
  • The Labour Law (Law n.º 23/2007, of August 1)
  • The Electronic Transactions Law (Law n.º 3/2017, of January 9) 

In addition, the Constitution of the Republic of Mozambique provides that all citizens are entitled to the protection of their private life and have the right to honor, good name, reputation, protection of their public image and privacy. Further, Article 71 of the Constitution identifies the need to legislate on access, generation, protection and use of computerized personal data (either by public or private entities); however, implementing legislation has not yet been approved.

Last modified 28 Jan 2019
Definitions

Definition of personal data

At the moment, the law does not define the concept of 'personal data'.

Definition of sensitive personal data

There is no law defining sensitive personal data. However, the Constitution of the Republic of Mozambique imposes restrictions on recording and handling any individually identifiable information concerning a person’s political, philosophical or ideological beliefs, religious beliefs, membership in a political party or trade union and (particulars) related to the person’s privacy.

Last modified 28 Jan 2019
Authority

There is no data protection authority in Mozambique.

Last modified 28 Jan 2019
Registration

There is no data protection registration requirement in Mozambique.

Last modified 28 Jan 2019
Data Protection Officers

Mozambique law does not require the appointment of data protection officers.

Last modified 28 Jan 2019
Collection & Processing

Under the Constitution of the Republic of Mozambique, individually identifiable information, concerning to political, philosophical or ideological beliefs, religious beliefs, membership in a political party or trade union and (particulars) related to the person’s privacy may not be stored or processed in a database.

Last modified 28 Jan 2019
Transfer

The law does not generally restrict cross-border transfers of personal information. The Constitution of the Republic of Mozambique imposes restrictions on disclosures of personal information to third parties.

Last modified 28 Jan 2019
Security

Under the Electronic Transactions Law (Law n.º 3/2017, of January 9), the person / entity responsible for processing electronic data, must protect personal data against risks, losses, unauthorized access, destruction, use, modification or disclosure.

Last modified 28 Jan 2019
Breach Notification

There is no breach notification requirement in Mozambique.

Last modified 28 Jan 2019
Enforcement

The Penal Code (Law n.º 35/2014 of December 31) provides for certain computer-related crimes, such as intrusion through informatics, which is subject to imprisonment from two to eight years and a one-year fine. There is also the crime of fraud through electronic means, which is subject to imprisonment for at least one year and a corresponding fine.

However, given that Mozambique does not have specific data protection laws nor a specific authority responsible to oversee data protection matters, enforcement of data protection-related matters is minimal.

Last modified 28 Jan 2019
Electronic Marketing

The rules applicable to electronic advertisement and marketing are provided under the Advertisement Code (Decree n.º 38/2016, of August 31) and the Electronic Transactions Law (Law n.º 3/2017, of January 9). 

Under the Electronic Transactions Law, express consent from a recipient is required prior to sending direct marketing communications via automated dialing systems, fax machines and email, unless one of the following applies: 

  • If the sender obtained the contact details of the recipient during the sale or negotiations for the sale of a product or service to the recipient
  • The direct marketing refers to similar products or services to those of the recipient
  • At the moment of initial collection of the data, the recipient was offered the option to refuse of use of his contact details, and decided not to refuse
  • If the recipient did not refuse the use of its data in any subsequent communications  

Under the Advertisement Code, electronic marketing messages should be clearly identified and include sufficient information, so as to allow the common recipient to easily understand all of the following:

  • The nature of the message
  • The advertiser
  • The promotional offers, such as discounts, prizes, gifts and promotional contests and games, as well as the conditions to which they are bound (if applicable) 

All direct marketing message must provide recipients with information about how to opt out of further marketing communications, as well as the identity details of the source from which the contact details of the consumer have been obtained.

Last modified 28 Jan 2019
Online Privacy

Other than the above general rule, there are no other rules applicable to online privacy.

Last modified 28 Jan 2019
Contacts
Eduardo Calu
Eduardo Calu
Managing Partner
SAL & Caldeira Advogados, Lda.
T +258 21 241 400
Last modified 28 Jan 2019