Angola

Summary

Angola's data protection framework is governed by Law No. 22/11 of 17 June 2011 (modelled on EU Directive 95/46/EC), enforced by the Agência de Proteção de Dados (APD, operational since October 2019). The APD has issued enforcement actions: in mid-2024 it imposed fines totalling approximately USD 300,000 on multiple companies for data-protection violations including unlawful cross-border transfers and failure to implement appropriate security measures. A draft revision of Law No. 22/11 was under public consultation from March–April 2025, introducing AI-related provisions and modernisations; enactment is expected but had not occurred as of May 2026. The Penal Code (Law No. 38/20 of 2020) incorporates cybercrime provisions including illicit access to and manipulation of data and computer systems, covering all Budapest Convention articles. Publicly accessible pages are not categorically prohibited but the APD has jurisdiction over any collection of personal data including from public sources. No EU-style sui generis database right; Angola is not an OAPI member; original compilations receive copyright protection under national law. No scraping case law identified. Framework is fast-moving given the pending Law 22/11 revision.