In Effect Law Data Protection Context Relevance

Algeria Law 18-07

Law 18-07 on the Protection of Individuals in the Processing of Personal Data

Algeria's data protection law with mandatory DPO requirement added by 2025 amendment and 5-day breach notification.

Jurisdiction

Algeria

Enacted

Jun 10, 2018

Effective

Aug 1, 2023

Enforcement

Autorité Nationale de Protection des Données à Caractère Personnel (ANPDP)

DPO mandatory under 2025 amendment

What It Requires

Transparency

Must disclose AI nature, data practices, or algorithmic decisions

User Rights

Must honor access, correction, and deletion requests

Who Must Comply

This law applies to:

• Data controllers and processors in Algeria
• Entities processing data of Algerian residents
• Cross-border data transfers from Algeria

Capability triggers:

● dataProcessing (required)

● Required ◐ Increases applicability

Who bears obligations:

Data Controller Data Processor

Safety Provisions

• Data Protection Officer mandatory (2025 amendment)
• 5-day breach notification to ANPDP
• Data controller registration required
• Security measures for personal data
• Cross-border transfer restrictions

Enforcement

Enforced by

Autorité Nationale de Protection des Données à Caractère Personnel (ANPDP)

Penalties

criminal liability

Criminal liability

Fines and imprisonment for violations

Primary Source

Journal Officiel Algeria (opens in new tab)

https://www.joradp.dz/FTP/jo-francais/2018/F2018034.pdf

Quick Facts

Binding: Yes
Mental Health Focus: No
Child Safety Focus: No
Algorithmic Scope: No

Why It Matters

Algeria's 5-day breach notification (vs GDPR's 72 hours) creates strict incident response timeline for AI chatbot security incidents.

Recent Developments

2025 amendment made DPO mandatory for all data controllers

Cite This

APA

Algeria. (2018). Law 18-07 on the Protection of Individuals in the Processing of Personal Data. Retrieved from https://nope.net/regs/dz-law-18-07

BibTeX

@misc{dz_law_18_07,
  title = {Law 18-07 on the Protection of Individuals in the Processing of Personal Data},
  author = {Algeria},
  year = {2018},
  url = {https://nope.net/regs/dz-law-18-07}
}

Related Regulations

In Effect ZM • Data Protection

Zambia DPA

Zambia's comprehensive data protection law with special protections for vulnerable persons and DPIA requirements for high-risk processing.

In Effect BW • Data Protection

Botswana DPA

Botswana's modernized data protection law requiring Data Protection Impact Assessment and establishing age 16 for consent.

In Effect SC • Data Protection

Seychelles DPA

Seychelles' modern data protection law requiring DPO for large-scale processing and recognizing Cross-Border Privacy Rules certification.

In Effect RW • AI Safety

First African country to adopt comprehensive national AI policy. Establishes Responsible AI Office (RAIO) under MINICT. Implements RURA ethical guidelines covering beneficence, non-maleficence, autonomy, justice, explicability, transparency. Non-binding framework.

In Effect INTL • Child Protection

UNICEF AI for Children

Most specific international guidance on children and AI. Ten requirements for child-centered AI including development/wellbeing support, data/privacy protection, and safety.

In Effect NP • AI Safety

Nepal AI Policy

Nepal national AI policy establishing governance framework and development priorities. Creates AI Governance Council (chaired by Minister for Communications and IT), AI Regulation Council, National AI Centre, and AI Regulatory Authority. Six pillars including ethics, human resource development, and sectoral application.

Back to all regulations Check if this applies to you

Algeria Law 18-07

What It Requires

Who Must Comply

Safety Provisions

Enforcement

Primary Source

Quick Facts

Why It Matters

Recent Developments

Cite This

Related Regulations

Zambia DPA

Botswana DPA

Seychelles DPA

Rwanda AI Policy

UNICEF AI for Children

Nepal AI Policy