What is AI regulation in Cote d'Ivoire?
AI regulation: countries and regions
Cote d'Ivoire has no dedicated artificial intelligence law. AI is governed indirectly, chiefly through Law No. 2013-450 of 19 June 2013 on the protection of personal data, enforced by the telecoms and ICT regulator ARTCI, which also acts as the data protection authority. A national AI strategy (SNIA 2030) sets policy direction and promises new institutions and an ethics label, but it is guidance, not binding law.
Reviewed by Jackie, Head of Learning & Development, Levellers · Last reviewed 8 June 2026
What this means
There is no statute in Cote d'Ivoire that regulates AI as such. If you build or deploy AI systems in the country, the binding rules that apply to you today are general ones: the personal data protection law, sector regulation, the constitution, and the criminal code. The most directly relevant of these is Law No. 2013-450 of 19 June 2013, which controls how personal data is collected and used and is enforced by the Autorite de Regulation des Telecommunications/TIC de Cote d'Ivoire (ARTCI), the body designated as the country's data protection authority.
Alongside this binding law sits a policy layer. In March 2025 the Ministere de la Transition Numerique et de la Digitalisation presented a national AI strategy, the Strategie Nationale de l'Intelligence Artificielle a l'horizon 2030 (SNIA 2030), built on three pillars: investment, inclusion and governance. It plans new bodies and an AI ethics certificate, but as a strategy it creates ambitions and projects rather than enforceable legal duties.
Cote d'Ivoire also sits inside a regional and continental framework. It has ratified the African Union's Malabo Convention on cyber security and personal data protection, it is bound by the Economic Community of West African States (ECOWAS) data protection instrument, and it operates against the backdrop of the African Union Continental AI Strategy adopted in 2024.
Why it matters
For organisations, the practical point is that "no AI law" does not mean "no rules". If your AI processes personal data about people in Cote d'Ivoire, you are squarely within Law No. 2013-450: you may need to declare the processing to ARTCI or obtain prior authorisation, you must respect purpose limitation and security duties, and individuals hold rights against you. The law also contains a provision relevant to automated systems: a person has the right not to be subject to a decision taken solely on the basis of automated processing that produces significant or harmful legal effects for them. That clause reaches into automated scoring, profiling and similar AI uses without ever naming AI.
The strategy layer matters for planning. The SNIA 2030 signals where binding rules are likely to come from next, including a promised ethics and certification scheme and new institutions. Organisations that align early to data protection compliance and to the strategy's stated ethical direction will face less disruption when firmer rules arrive.
How it works
The binding core: Law No. 2013-450 and ARTCI
The operative legal instrument is Law No. 2013-450 of 19 June 2013 on the protection of personal data. It applies to automated and non-automated processing of personal data carried out on Ivorian territory by public or private bodies. It defines personal data broadly (any information relating to an identified or identifiable natural person), treats categories such as health, biometric, racial, political and religious data as sensitive, and sets core principles of fair and lawful collection, purpose limitation, proportionality, accuracy, limited retention and security. ARTCI, the telecoms and ICT regulator, is designated as the data protection authority and is an independent administrative authority with investigative and sanctioning powers.
Declaration, authorisation and individual rights
Most processing must be declared to ARTCI before it begins; ARTCI issues a receipt. More sensitive processing (for example genetic or health data, judicial data, or use of a national identification number) requires prior authorisation. Individuals have rights of access, objection, rectification and erasure. Importantly for AI, the law gives a person the right not to be subject to a decision based solely on automated processing producing significant or harmful legal effects. Cross-border transfers are permitted only to countries offering an equivalent or higher level of protection.
How ARTCI reaches AI through Article 47
Article 47 of Law No. 2013-450 tasks ARTCI, as the protection authority, with ensuring that the use of information and communication technologies does not harm or threaten the freedoms and privacy of users on national territory. ARTCI has used this mandate to study advanced technologies. It ran a public consultation and information-gathering exercise on biometrics, video surveillance, artificial intelligence and drones, inviting digital-economy actors to complete questionnaires. This is how AI is currently supervised in practice: through a data protection authority applying a 2013 statute to new technology, rather than through bespoke AI rules.
The policy layer: SNIA 2030
The Strategie Nationale de l'Intelligence Artificielle (SNIA 2030) was officially handed over by the Minister of Digital Transition, Ibrahim Kalil Konate, to Prime Minister Robert Beugre Mambe on 13 March 2025, after eight months of preparation, in view of its adoption by the government and a subsequent launch. It was developed under the Ministere de la Transition Numerique et de la Digitalisation with participation from more than 1,500 Ivorians, including public administration officials, private sector representatives, academics and civil society, alongside technical and financial partners. Its governance pillar promises a legal and ethical framework, the creation of a National Committee for AI and Data Governance, a future National AI Agency (Agence Nationale de l'Intelligence Artificielle, ANIA), and a "SafeAI" certification scheme for AI systems. According to a ministry official, the Safe IA label is to be developed in partnership with UNESCO to frame ethical uses of the technology, though this partnership is stated in interviews rather than written into the strategy text. These institutions and the certificate are planned, not yet operational, and the strategy is a guidance document rather than enforceable law.
Regional and continental context
Cote d'Ivoire ratified the African Union Convention on Cyber Security and Personal Data Protection (the Malabo Convention) on 3 April 2023; the Convention entered into force on 8 June 2023. The country is also bound by the ECOWAS Supplementary Act on personal data protection (2010). At continental level, the African Union Continental AI Strategy, endorsed by the AU Executive Council during its 45th Ordinary Session in Accra, Ghana, on 18 and 19 July 2024, is non-binding guidance that encourages member states to develop national AI strategies and to lean on data protection authorities for AI oversight, a pattern Cote d'Ivoire's approach fits closely.
Examples
A fintech startup in Abidjan deploys an AI credit-scoring model that uses customers' personal and transaction data. Before launch it must engage ARTCI under Law No. 2013-450, declaring or seeking authorisation for the processing, and it must respect the prohibition on decisions taken solely by automated means that produce significant or harmful legal effects, which means building in human review of adverse decisions.
A retailer installs AI-driven video analytics and facial recognition at store entrances. Because biometric data is sensitive under Law No. 2013-450, this requires prior authorisation from ARTCI, and the deployment falls within the type of advanced technology ARTCI has already studied under its Article 47 mandate covering biometrics, video surveillance, AI and drones.
A government agency planning an AI tool for public services aligns its project with the SNIA 2030 governance pillar, anticipating the planned National Committee for AI and Data Governance and the proposed "SafeAI" certificate, while still meeting its existing binding duties under the data protection law.
Common misunderstandings
"Cote d'Ivoire has an AI law." It does not. There is no dedicated AI statute or AI bill in force. AI is governed indirectly through data protection law, sector rules and the constitution.
"The SNIA 2030 is binding regulation." It is a national strategy and policy document. It sets direction, projects and institutions to be built, but it does not itself impose enforceable legal obligations on AI developers.
"There is a dedicated AI regulator." There is not. ARTCI is the telecoms, ICT and data protection regulator, and it reaches AI through the data protection law. The promised National AI Agency (ANIA) does not yet exist.
"Data protection law says nothing about automated decisions." It does. Law No. 2013-450 gives individuals a right not to be subject to a decision based solely on automated processing producing significant or harmful legal effects.
"Cote d'Ivoire has not joined any international AI or data framework." It has ratified the Malabo Convention, is bound by the ECOWAS data protection instrument, and sits within the African Union Continental AI Strategy context.
Risks and boundaries
The central boundary is that there is no dedicated AI framework in Cote d'Ivoire yet. What exists is a general data protection law from 2013, applied to AI by analogy and through ARTCI's broad Article 47 mandate, plus a policy strategy that is not law. This leaves gaps: there are no AI-specific risk tiers, no statutory AI impact assessment, no AI conformity certification in force, and no AI sandbox established in law.
The status of the strategy should be stated carefully. Official Ivorian sources describe the SNIA 2030 as handed over to the Prime Minister on 13 March 2025 in view of its adoption by the government, with adoption framed as a subsequent step; some secondary sources (for example Agence Ecofin and Ivoire-Newsroom) loosely describe it as "adopted in March 2025", but no Council of Ministers communique confirming formal adoption was located. The promised institutions (the National Committee for AI and Data Governance, ANIA) and the "SafeAI" certificate are planned and not yet operational. A reported investment envelope of more than 1,000 billion CFA francs, stated by Stephane Kounandi Coulibaly, Director of Innovation, Startups and Private Sector at the Ministry of Digital Transition, covers the AI and data-governance strategies combined over 2025 to 2030 and stems from a ministry official rather than from the strategy text. Anyone relying on these points should treat them as policy intentions that could change.
What to do next
Treat data protection as your live compliance baseline. Map any AI that touches personal data of people in Cote d'Ivoire, then determine whether you owe ARTCI a declaration or need prior authorisation, especially for sensitive or biometric processing.
Build human oversight into automated decisions now. The right not to be subject to decisions based solely on automated processing is already in force, so design adverse-decision review into scoring, profiling and similar systems.
Watch the strategy's institutions. Track the creation of the National Committee for AI and Data Governance, the National AI Agency (ANIA) and the "SafeAI" certificate, and prepare to align governance and documentation when they materialise.
Use international anchors. Given the Malabo Convention, the ECOWAS instrument and the African Union Continental AI Strategy, organisations operating regionally should standardise on strong data governance and risk-based AI practices that travel across West African markets.
Have a question or a suggestion, or want to understand how we research and review these guides? Read about our editorial standards and how to reach us.
FAQs
Does Cote d'Ivoire have a specific AI law?
No. There is no dedicated AI statute or bill in force. AI is regulated indirectly, mainly through Law No. 2013-450 of 19 June 2013 on personal data protection, enforced by ARTCI.
Who regulates AI and data in Cote d'Ivoire?
ARTCI, the Autorite de Regulation des Telecommunications/TIC de Cote d'Ivoire, is the telecoms, ICT and data protection authority. It supervises AI through the data protection law and its Article 47 mandate over advanced technologies.
What is the SNIA 2030?
It is the national AI strategy presented to the Prime Minister in March 2025, built on investment, inclusion and governance pillars. It is a policy document, not binding law, and it proposes new institutions and an ethics certificate.
Does Ivorian law restrict automated decision-making?
Yes. Law No. 2013-450 gives individuals the right not to be subject to a decision taken solely on the basis of automated processing that produces significant or harmful legal effects for them.
Has Cote d'Ivoire ratified the Malabo Convention?
Yes. It ratified the African Union Convention on Cyber Security and Personal Data Protection on 3 April 2023, and the Convention entered into force on 8 June 2023.
Is there an AI impact assessment requirement?
There is no AI-specific statutory impact assessment in force. Data protection obligations and ARTCI authorisation requirements apply instead, and the SNIA 2030 signals a future ethics and certification framework.
What should companies deploying AI do now?
Comply with the data protection law, declare or seek authorisation from ARTCI where required, build human review into automated decisions, and monitor the strategy's planned institutions and certification scheme.