Eswatini
AI behavior law: bot and agent disclosure, crawler and training-data rules, automated-agent transactions, and algorithmic decision-making.
Summary
Eswatini enacted both the Data Protection Act 2022 and the Computer Crime and Cybercrime Act 2022, both of which came into force on 4 March 2022. The Computer Crime and Cybercrime Act defines "illegal access and illegal remaining" as unauthorised entry into or continued presence in a computer system, requiring the act to be intentional and without lawful excuse. Public websites carry implicit authorisation, narrowing the scope of the offence for public-page crawling. The Data Protection Act 2022 applies to any collection of personal data and is enforced by the Eswatini Communications Commission (ESCCOM). No sui generis database right exists. No TDM exception exists. No scraping-specific case law exists. The overall risk posture is similar to South Africa — low risk for public non-personal-data crawling, moderate for personal data, restricted behind login or technical barriers.
Automated-access legality
Carried forward from the crawler-law index. Governs whether automated clients may access public websites in this jurisdiction.
| Dimension | Value |
|---|---|
| Authorization test | without permission |
| Public-page carve-out | unsettled |
| Terms-of-service browsewrap enforceable | notice dependent |
| Terms-of-service clickwrap enforceable | yes |
| Copyright exception model | fair dealing narrow |
| Text and data mining — commercial status | unsettled |
| Text and data mining — opt-out mechanism | none |
| robots.txt legal weight | non binding notice |
| AI training-specific law | none |
| Privacy regime | Data Protection Act 2022 (Eswatini Communications Commission — ESCCOM) |
| Trespass to chattels | not recognized |
Last reviewed: 2026-05-23. Confidence: medium. Not legal advice.