Papua New Guinea
AI behavior law: bot and agent disclosure, crawler and training-data rules, automated-agent transactions, and algorithmic decision-making.
Summary
Papua New Guinea's Cybercrime Code Act 2016 (s.6) criminalises intentional access to "protected or non-public" electronic systems without authorisation; publicly accessible websites are likely outside its scope by statutory text. A National Data Governance and Data Protection Policy was finalised in March 2024 and a Data Protection Act was anticipated but had not been enacted as of May 2026. Copyright and Neighbouring Rights Act 2000 provides fair dealing; no sui generis database right; no TDM exception. fast_moving because the expected DPA enactment may change the privacy posture materially.
Automated-access legality
Carried forward from the crawler-law index. Governs whether automated clients may access public websites in this jurisdiction.
| Dimension | Value |
|---|---|
| Authorization test | technical gate |
| Public-page carve-out | yes |
| Terms-of-service browsewrap enforceable | notice dependent |
| Terms-of-service clickwrap enforceable | yes |
| Copyright exception model | fair dealing narrow |
| Text and data mining — commercial status | unsettled |
| Text and data mining — opt-out mechanism | none |
| robots.txt legal weight | non binding notice |
| AI training-specific law | none |
| Privacy regime | none (policy only; Data Protection Act anticipated but not enacted as of May 2026) |
| Trespass to chattels | not recognized |
Last reviewed: 2026-05-23. Confidence: low. Fast-moving area — verify before relying. Not legal advice.