Tunisia

Summary

Tunisia presents elevated and fast-moving risk for web crawling. The data-protection framework is Organic Act No. 2004-63 on Personal Data Protection, overseen by the INPDP (Instance Nationale de Protection des Données Personnelles), which requires prior INPDP authorisation before processing personal data or transferring it abroad; no publicly-available- data exemption applies. Decree-Law No. 2022-54 on Cybercrime introduced broadly-drafted offences — including unlawful data interception, system interference, and a widely-criticised "false information" provision for content disseminated via automated systems. Civil-society organisations (Access Now, ICJ, HuMENA, Amnesty International, Article 19) have documented use of Decree-Law 54 to detain journalists and activists; its vague and overbroad terms create significant uncertainty for operators of automated data-collection systems. There is no EU-style sui generis database right; databases attract only compilation-originality copyright protection under Law No. 94-36 on Literary and Artistic Property. No TDM copyright exception exists. Tunisia has signed but not ratified the AU Malabo Convention. The political context since 2021 (concentration of executive power, 2022 constitution) has increased legal unpredictability; fast_moving is retained.