Nepal
Summary
Law: Individual Privacy Act, 2075 (2018) ('the Privacy Act')
Regulator: There is no general data protection authority.
Summary: Privacy in Nepal is regulated by the Data Act 2079 (2022) (only available in Nepali here) ('the Data Act'), the Privacy Act, and the Individual Privacy Regulation 2077 (2020) ('Privacy Regulation') (only available in Nepali here). The Data Act which entered into force on October 13, 2022, regulates the generation, regulation, storage, and publication of data and outlines obligations for data controllers, producers, and users' of data. The Privacy Act, on the other hand, gives effect to the constitutional right to privacy and includes provisions on data collection, storage, and disclosure, and requires the consent of an individual before collecting their personal information.
Furthermore, Article 28 of the Constitution of Nepal provides individuals with the fundamental right to privacy; while the National Criminal Code 2074 (2017) ('Criminal Code') also contains general provisions relating to privacy and data protection.