Myanmar Cybersecurity Law

Cybersecurity Law 2025 (Law No. 1/2025)

Myanmar's cybersecurity law requiring platforms with 100,000+ users to register and imposing data retention requirements. Enacted post-2021 coup with uncertain enforcement.

Jurisdiction

Myanmar

Enacted

Jan 1, 2025

Effective

Jul 1, 2025

Enforcement

Ministry of Transport and Communications

Post-coup legal environment - enforcement uncertain

DataGuidance Myanmar Overview

Why It Matters

Myanmar's registration and data retention requirements create compliance obligations for AI chatbot platforms reaching scale, though post-coup enforcement environment creates operational uncertainty.

Recent Developments

Enacted 2025 post-coup; legal environment uncertain

At a Glance

Applies to

AI CompanionMental Health AppGeneral Chatbot

Harms addressed

Harassment

Who Must Comply

Platforms with 100,000+ Myanmar users
Internet service providers
Online service operators

Obligations fall on:

Operator — Operates the platform or service

Safety Provisions

Platform registration for 100,000+ users
Data retention requirements
Cybersecurity incident reporting
Government access provisions

Compliance & Enforcement

Penalties

Fines and potential service blocking

Primary Source

DataGuidance Myanmar Overview

https://www.dataguidance.com/

View on map

Myanmar

Focus Areas

General regulation

Cite This

APA

Myanmar. (2025). Cybersecurity Law 2025 (Law No. 1/2025).

Related Regulations

In Effect FJ

Fiji OSA

Fiji's online safety law covering cyberbullying, cyberstalking, and revenge porn with Online Safety Commission oversight and mandatory mediation.

In Effect JP

Japan Revenge Porn Act

Japan's revenge porn law criminalizing distribution of private sexual images (3 years/¥500,000) but does NOT cover deepfakes - significant legal gap.

In Effect MY

Malaysia OSA

Requires licensed platforms to implement content moderation systems, child-specific safeguards, and submit Online Safety Plans. Nine categories of harmful content regulated.

In Effect BN

Brunei PDPO

Brunei's personal data protection order requiring DPIA and imposing penalties up to 10% Brunei turnover or $1M.

In Effect CN

First major revision of China's foundational Cybersecurity Law since 2017. Introduces formal AI governance provisions, significantly increases penalties, and expands extraterritorial application to all cybersecurity violations.

In Effect IN

India DPDP Act

STRICTEST children's provisions in APAC. Children = under 18; verifiable parental consent MANDATORY; PROHIBITION on tracking, behavioral monitoring, targeted advertising to children.

All regulations Check if this applies to you

Last updated January 22, 2026. Verify against primary sources before relying on this information.