Privacy Law at Western Sahara
Western Sahara is a disputed territory in North Africa, primarily claimed and largely administered by Morocco, though the Sahrawi Arab Democratic Republic (SADR)—a partially recognized state—also claims sovereignty over the region. Because of this political and legal ambiguity, there is no clearly established or independent privacy or data protection law that specifically applies to Western Sahara as a distinct legal jurisdiction.
🧭 Context Matters: Who Controls What?
1. Moroccan-Controlled Areas
Most of Western Sahara is administered by Morocco, which treats it as part of its Southern Provinces.
Therefore, in areas under Moroccan control, Morocco’s national laws apply—including any laws related to privacy and data protection.
Moroccan Privacy Law Overview:
Morocco has a data protection law:
📜 Law No. 09-08 relating to the protection of individuals with regard to the processing of personal data.
Key features of Moroccan Law 09-08:
Establishes legal rules for the collection, processing, and sharing of personal data.
Data controllers must obtain consent from individuals before processing their personal information.
A National Commission for the Control of Personal Data Protection (CNDP) enforces the law.
Individuals have rights to access, correct, and object to the use of their data.
So, in Moroccan-administered parts of Western Sahara, Moroccan data protection law applies.
2. SADR-Controlled Areas
The SADR controls a portion of the territory mostly in the east and south, near the border with Algeria.
The SADR is not a member of the United Nations, though it is a member of the African Union and is recognized by some countries.
The SADR's legal infrastructure is limited, and there is no known formal data protection law or privacy framework in place.
If any privacy protections exist under SADR governance, they would likely be based on general constitutional rights or modeled after laws in allied states (like Algeria), but there is no documented or enforceable comprehensive data protection law in SADR-held areas.
🌍 International Data Flow & Recognition
Because Western Sahara is not recognized as a sovereign state by most of the international community, it is not subject to international privacy frameworks like the GDPR, nor does it benefit from an EU adequacy decision.
Data transfers involving Western Sahara would typically fall under Moroccan jurisdiction when dealing with international businesses or platforms.
🔍 Summary: Privacy Law in Western Sahara
| Area | Governing Law | Data Protection Status |
|---|---|---|
| Moroccan-administered regions | Moroccan Law No. 09-08 | ✔️ Comprehensive privacy law in force; enforced by CNDP |
| SADR-administered regions | No formal law | ❌ No known data protection legislation; limited legal infrastructure |
⚠️ Practical Considerations
For businesses or NGOs operating in Western Sahara, it is safest to adhere to Moroccan privacy law if operating in Moroccan-controlled zones.
In SADR zones, privacy rights are less clearly defined, and any data collection or processing should follow international best practices to mitigate legal and ethical risks.
RELATED Blog
0 comments