Online safety & content laws in Bosnia & Herzegovina (2026)

As of May 2026 BiH has no law governing online platform content moderation or platform liability. IFEX and Council of Europe monitoring document a persistent 'deadlock' due to lack of political will and unresolved disputes between entities over regulatory jurisdiction.

The Communications Regulatory Agency, established 2001, licenses broadcasters and telecom operators and manages spectrum, but its mandate does not extend to regulating social-media or user-generated content on online platforms.

On 6 May 2026 in Sarajevo, public institutions, regulators, media, civil society, and academia agreed on principles for a multi-stakeholder co-regulatory model aligned with the EU Digital Services Act and European Media Freedom Act, under the CoE/EU PRO-FREX programme. Next steps require formalising coordination and drafting legislation — none yet enacted.

As an EU candidate country, BiH is not subject to the Digital Services Act. However, the European Commission has engaged BiH in TAIEX workshops on DSA implementation and Western Balkans alignment, and the May 2026 agreement explicitly targets DSA-compatible co-regulation.

The Law on Personal Data Protection was adopted 30 January 2025 and entered into force 8 March 2025, substantially transposing GDPR principles including protections relevant to children's data online. It does not, however, establish a platform content-moderation or age-verification regime.

No enacted law mandates age-verification for online services or imposes liability on platforms for user-generated content. Children's online safety relies on awareness campaigns and general criminal-law provisions, with no dedicated statutory framework.