1 privacy and data protection regulation that apply in Republic of Djibouti
Djibouti's first comprehensive data protection framework is part of a broader 156-article Digital Code. It establishes a modern GDPR-style regime with privacy by design requirements, data minimization by default, and 72-hour breach notification. The designated supervisory authority, CNDP, has not yet been established. Penalties reach up to 10 years imprisonment or 5% of turnover.
