World Watch/Algeria/Cybersecurity
Language:EnglishSpanishFrenchGermanPortugueseHindi

Cybersecurity · Algeria

Cybersecurity - Algeria

Sectoral rulesPresidential Decree No. 20-05 (2020, amended 2025) establishing CNSSI/ANSSI; Law No. 09-04 (2009, amended 2016) on cybercrime; Law No. 18-07 (2018, amended by Law 25-11, 2025) on personal data protection; Presidential Decree No. 26-07 (2026) on cybersecurity units; National Cybersecurity Strategy 2025-2029 (Decree 25-321)

Algeria has built a layered cybersecurity regime across multiple instruments rather than a single comprehensive statute: a 2009 cybercrime law governs offences and ISP obligations; a 2020 presidential decree created the national governance bodies CNSSI and ANSSI; and a July 2025 amendment to the data-protection law introduced mandatory breach notification. In December 2025–January 2026, Algeria further tightened the framework by approving a five-year national cybersecurity strategy and mandating dedicated cybersecurity units inside all public institutions.

Cybercrime Law (09-04)

Law No. 09-04 of 5 August 2009, amended by Law No. 16-02 of 19 June 2016, defines ICT-related offences, authorises electronic-communications surveillance, obliges service providers to cooperate with authorities and retain data, and created a national committee for preventing and fighting cybercrime.

source 1source 2
National IS Security Governance (Decree 20-05)

Presidential Decree No. 20-05 of 20 January 2020 (amended by Decree 25-298 of 10 November 2025) established the National Council for IS Security (CNSSI) as the strategic body and the National Agency for IS Security (ANSSI) as the technical/operational arm, mandating a CISO in all state information systems.

source 1source 2
Breach Notification Duty (Law 25-11)

Law No. 25-11 of 24 July 2025 amended the data-protection Law 18-07 to introduce mandatory breach notification: organisations must notify the national data-protection authority (ANPDP) and affected individuals within five days of discovering a personal data breach.

source 1source 2
National Cybersecurity Strategy 2025-2029

Presidential Decree No. 25-321 of 30 December 2025 formally approved the five-pillar National Cybersecurity Strategy 2025-2029, covering protection of state digital infrastructure, mandatory security audits for critical sectors (banking, healthcare, energy), capacity building, and sector-specific cybersecurity regulations.

source 1source 2
Cybersecurity Units in Public Institutions (Decree 26-07)

Presidential Decree No. 26-07 of 7 January 2026 requires all public administrations and state-linked organisations to establish internal cybersecurity units, defining their missions, organisational structure, and responsibilities for anticipating and managing cyber risks.

source 1source 2
DZ-CERT and Incident Response

Algeria's national CERT (DZ-CERT), hosted by CERIST, coordinates incident response and exchanges threat intelligence with international CERTs. ANSSI oversees vulnerability disclosure and certification of cybersecurity products; critical infrastructure operators face enhanced incident-reporting obligations to ANSSI.

source 1source 2

Machine-assisted translation · verified 5/24/2026 · orientation, not legal advice. English version →