Jordan Recording Laws: All-Party Consent Rules and Penalties (2026)

Jordan Recording Laws: All-Party Consent Rules and Penalties (2026)

Jordan requires all-party consent for recording conversations, phone calls, and digital communications. Recording without the knowledge and agreement of every participant is a criminal offense under Cybercrime Law No. 17 of 2023, the Jordanian Penal Code No. 16 of 1960, and the Telecommunications Law No. 13 of 1995, all of which build on constitutional privacy guarantees in Articles 7 and 18 of the Jordanian Constitution.

Information last verified on 2026-05-15. This article has not been reviewed by a licensed lawyer. It presents general legal information only.

Jurisdiction scope: This article addresses recording and surveillance law in the Hashemite Kingdom of Jordan under the Jordanian Constitution, Cybercrime Law No. 17 of 2023, Penal Code No. 16 of 1960, Telecommunications Law No. 13 of 1995, and Personal Data Protection Law No. 24 of 2023. It does not address the law of neighboring countries (Israel, Palestine, Syria, Iraq, Saudi Arabia) or the laws of other Middle Eastern states. For a global comparison, see the world recording laws hub.

Jordan's All-Party Consent Standard

Jordan does not use the term "all-party consent" in its legislation. No single statute spells it out that way. But the combined effect of the country's Penal Code, its 2023 Cybercrime Law, its Telecommunications Law, and the Jordanian Constitution is a legal environment that criminalizes any recording made without the knowledge and permission of all parties involved.

The framework is layered. Several statutes overlap, each covering a different dimension of unauthorized recording. That means a single act of recording a phone call without permission could violate the Penal Code, the Cybercrime Law, and the Telecommunications Law simultaneously. Prosecutors can choose which charges to bring, and courts have applied these provisions broadly.

For anyone living in Jordan, traveling there, or conducting business with Jordanian counterparts, the baseline rule is clear: do not record without getting explicit consent from everyone who will be captured on the recording.

Constitutional Foundation: Article 7 and Article 18

Article 18 and the Secrecy of Communications

The starting point for Jordan's recording laws is Article 18 of the Jordanian Constitution. It reads: "All postal and telegraphic correspondence, telephonic communications, and the other communications means shall be regarded as secret and shall not be subject to censorship, viewing, suspension or confiscation except by a judicial order in accordance with the provisions of the law."

That language establishes communications privacy as a constitutional right, not just a statutory protection. Phone calls, text messages, emails, and other forms of digital communication all fall under this umbrella. The constitution permits interference with these communications only through a judicial order, meaning that even law enforcement must obtain court authorization before intercepting or recording.

Article 7 and the Inviolability of Private Life

Article 7 of the Constitution reinforces this by declaring that personal freedom is protected and that any infringement on the rights, public freedoms, or "sanctity of private life" of Jordanians is a crime punishable by law. This provision gives constitutional weight to privacy protections that extend well beyond telecommunications, covering in-person conversations, private meetings, and other interactions where a reasonable expectation of privacy exists.

Together, these two constitutional articles form the legal foundation that every recording-related statute in Jordan builds upon.

Cybercrime Law No. 17 of 2023: The Modern Framework

Background and Passage

King Abdullah II approved the Cybercrime Law on August 12, 2023, and it entered force on September 13 of that year. The law replaced and expanded the previous Information Systems and Cyber Crime Law of 2015, growing from 17 articles to 41 articles. Parliament passed it in under one month, a timeline that drew criticism from civil society groups who said there was no meaningful public consultation.

The Ministry of Digital Economy and Entrepreneurship (MoDEE), formerly the Ministry of Information and Communications Technology (MoICT), oversees the regulatory framework alongside the Telecommunications Regulatory Commission (TRC).

Article 7: Unlawful Interception

Article 7 is the provision most directly relevant to recording and wiretapping. It criminalizes the intentional and unjust interception of data flow, including capturing, obstructing, altering, deleting, or recording the content of communications.

The penalties under Article 7 are structured in tiers:

• Basic offense (interception without disclosure): Six months to one year imprisonment and a fine of 1,500 to 6,000 JOD (approximately USD $2,100 to $8,450).
• If the intercepted content is disclosed, leaked, or used: A minimum of one year imprisonment and a fine of 3,000 to 6,000 JOD.
• If the interception targets communications of an official authority: Temporary hard labor (a minimum of five years) and a fine of 15,000 to 45,000 JOD (approximately USD $21,150 to $63,450).

The third tier is notable. Intercepting government communications carries penalties comparable to serious violent crimes in many legal systems.

Article 33: Prosecutorial Powers

Article 33, paragraph 1(A) of the Cybercrime Law grants prosecutors and courts the authority to "remove, block, stop, disable, register or intercept the data path" of websites and social media platforms, or to "prevent access to it, or temporarily ban the user or publisher." The scope of these powers has been a focal point for criticism, because the article lacks clear procedural safeguards and does not require advance judicial review in all circumstances.

Voyeurism and Intimate Image Abuse

Article 19, Subsection 1: Publishing Private Recordings

Article 19 of the Cybercrime Law creates a specific offense targeting the non-consensual publication of private recordings. Subsection 1 criminalizes the use of information networks or technology to publish a recording, image, or video of what a person "seeks to keep private," when done with intent to defame, offend, or obtain a benefit.

The penalties for this offense are:

• A minimum of three months imprisonment
• A fine of 20,000 to 40,000 JOD (approximately USD $28,200 to $56,400)
• Prosecution is complaint-based, meaning the affected person must file a complaint to trigger criminal proceedings

This provision covers the act of sharing or distributing a private recording without consent, regardless of whether the original recording was made lawfully. A person who receives a private recording and then distributes it can face prosecution under this subsection even if the sender originally created the recording with consent.

Deepfakes and AI-Generated Media

Article 19, Subsection 2: Manipulated Intimate Content

Article 19, subsection 2 of the Cybercrime Law creates a more serious offense targeting the creation or manipulation of intimate recordings. It criminalizes creating, modifying, or altering intimate recordings or images of a person with defamatory intent or to cause harm.

This subsection directly addresses the phenomenon of deepfake intimate content: using image-editing tools or AI systems to create realistic but fabricated intimate recordings of a real person without their consent.

The penalties are significantly more severe than subsection 1:

• A minimum of two years imprisonment
• A fine of 25,000 to 50,000 JOD (approximately USD $35,250 to $70,500)

Jordan has not enacted standalone deepfake legislation beyond Article 19, subsection 2. As of May 2026, the criminal framework for AI-generated intimate content rests entirely on this provision. Organizations and individuals creating or distributing AI-generated content involving identifiable Jordanian individuals should treat Article 19, subsection 2 as the governing rule.

The Penal Code: Older but Still Active

Article 384: Eavesdropping and Private Life

The Jordanian Penal Code No. 16 of 1960 (as amended) remains in force alongside the newer Cybercrime Law. Article 384 criminalizes breaching the private lives of others through eavesdropping, surveillance, or "any other medium including recording audio."

The penalty under Article 384 is imprisonment for up to three months. If a person commits the offense repeatedly, the penalty is doubled.

While three months may seem light compared to the Cybercrime Law's penalties, Article 384 has a broader reach in some respects. It applies to any form of privacy breach, not just digital interception. Recording a conversation through a wall, using a directional microphone from a distance, or planting a physical listening device in a room all fall within its scope.

Article 356: Disclosure by Telecommunications Workers

Article 356 of the Penal Code addresses a specific category of offenders: employees of telecommunications companies. Anyone who spreads the content of a private call "within the capacities of their position in the telephony service" faces up to six months in prison or a fine of 20 JOD.

This provision dates to a time when telephone operators could listen in on calls. It remains relevant for employees of mobile carriers, internet service providers, and other telecommunications infrastructure companies.

Telecommunications Law No. 13 of 1995

Confidentiality of Communications

Article 56(4) of the Telecommunications Law states: "Telephone calls and private Telecommunications shall be considered confidential matters which may not be violated, under legal liability."

This statutory declaration of confidentiality applies to all communications carried over licensed telecommunications networks in Jordan. Violating it carries a penalty of one month to one year in prison, or a fine of 100 to 300 JOD.

Lawful Interception by Authorities

Article 29(g) of the Telecommunications Law requires licensed network operators to make their facilities "reasonably capable and available for competent authorities to implement judicial orders in respect of judicial and national security requirements." In practical terms, this means that Jordanian telecoms must maintain the technical capacity for government-authorized wiretapping.

The law does not publish detailed procedures for how interception orders are obtained, which has drawn criticism from privacy advocates who argue the lack of transparency enables abuse.

Phone Calls vs. In-Person Conversations

Phone Call Recording

Recording a phone call in Jordan without the consent of all parties violates multiple statutes simultaneously. Article 7 of the Cybercrime Law covers digital interception. Article 384 of the Penal Code covers the invasion of privacy through recording. Article 56(4) of the Telecommunications Law declares phone calls confidential.

This applies whether the call is carried over traditional cellular networks, VoIP platforms like WhatsApp or Zoom, or landline connections. The law does not distinguish between the technology used to make the call and the technology used to record it. Apps that automatically record calls violate the law unless every party on the call has consented.

In-Person Conversations

Recording a face-to-face conversation without the knowledge of all participants falls under Article 384 of the Penal Code and, if any digital device or information system is used in the process, Article 7 of the Cybercrime Law.

Wearing a hidden microphone, placing a phone in recording mode during a meeting, or using a voice-activated recorder in your bag during a private discussion all constitute criminal conduct. There is no exception for participants who want to record their own conversations for personal reference.

Workplace Recording and Surveillance

Employer Monitoring

Jordan does not have a dedicated workplace surveillance statute. Instead, the general privacy protections of the Constitution, the Penal Code, and the Cybercrime Law apply to the employment context.

Employers who install audio recording equipment in workplaces without informing employees risk prosecution under Article 384 of the Penal Code. Video surveillance with audio capture carries the same risk. CCTV systems that record video only, without audio, occupy a slightly different legal category, but employers should still provide notice to employees. For a broader discussion of employer recording obligations, see our dedicated article.

The Personal Data Protection Law No. 24 of 2023, which took effect on March 17, 2024, adds another layer. It requires that any processing of personal data be based on "explicit and documented" consent that is "specific in terms of duration and purpose." Employers who collect employee data through surveillance systems must comply with these consent requirements or qualify for one of the limited exceptions, such as processing required by law or necessary to protect vital interests. The compliance grace period for existing systems ended on March 17, 2025, meaning employers who had not yet updated their surveillance practices by that date are now subject to enforcement.

Business Call Recording

Companies that record customer service calls, sales conversations, or internal meetings must obtain affirmative consent from all parties before recording begins. An automated message at the start of a call stating "this call may be recorded for quality assurance" is a common practice, but it must clearly allow the other party to opt out or end the call. Proceeding to record after the caller has been informed and continues the conversation is generally treated as implied consent, though best practice is to obtain explicit agreement.

Recording in Public Spaces

General Rule

Jordan's privacy laws do not create a blanket exemption for recording in public spaces. While the expectation of privacy is lower in genuinely public areas, recording a specific individual in public, especially capturing their voice or conversation, can still violate the Penal Code if the person has not consented.

The 2015 predecessor to the Cybercrime Law explicitly prohibited "photography or recording in private spaces without consent." The 2023 law extends digital recording protections more broadly, and Article 19's prohibition on publishing private recordings applies regardless of where the recording was made.

Protests and Public Gatherings

Recording at protests and public gatherings has become a particularly sensitive issue. Security forces have arrested photojournalists covering demonstrations, and the government has used the Cybercrime Law to prosecute individuals who shared footage of public protests on social media. In March 2024, photojournalists Charles Dessi and Abdul Jabbar Zeitoun were arrested while covering demonstrations in Amman against the war in Gaza.

Filming Permits

Commercial filming in Jordan requires a permit from the Royal Film Commission. Most public and heritage sites require specific authorization, with processing times of 5 to 30 days depending on the location. Foreign productions must partner with a local production company or fixer. The permit system applies to organized filming activities, not casual personal photography, but the line between the two is not always clear in practice.

Press Freedom and the Cybercrime Law

A Tool for Repression

The 2023 Cybercrime Law has been called "draconian" by Human Rights Watch, a "tool for repressing journalists" by Reporters Without Borders, and a vehicle for "escalating assault on rights" by Amnesty International. These are not abstract concerns. Authorities have used the law aggressively since it took effect.

Between August 2023 and August 2024, Jordanian authorities charged hundreds of people under the Cybercrime Law for social media posts that criticized government policies, expressed pro-Palestinian sentiment, questioned Jordan's peace agreement with Israel, or called for peaceful protests.

Documented Cases

Specific cases illustrate the pattern:

• Hiba Abu Taha, a journalist, was arrested in May 2024 and sentenced to one year in prison for an article criticizing Jordan's interception of Iranian missiles headed toward Israel. She was convicted for using social media to "spread false news" and "insult or defame a governmental authority."
• Ahmad Hassan al-Zoubi, a satirical columnist and founder of the news website Sawalif, was imprisoned in July 2024 and sentenced to one year for criticizing authorities on social media. His health deteriorated in overcrowded prison conditions.
• Moutaz Awwad, a lawyer and activist, was convicted under Article 17 of the Cybercrime Law for posts on X (formerly Twitter) critical of Arab policies toward Israel and fined 5,000 JOD (approximately USD $7,000).
• Ayman Sandouqa, a political activist, was sentenced to five years in prison in January 2025 for a social media post criticizing King Abdullah II's policies toward Israel.
• Omar Al Zayood, publisher of Al Hashmiyah News, was arrested on March 17, 2025 after former Prime Minister Bisher al-Khasawneh complained about a report on his website. Al Zayood was charged with "inaccuracy and insulting the dignity of individuals" under the cybercrime law (Committee to Protect Journalists, March 2025).
• Mohammad Faraj, a journalist with Al-Mayadeen TV, was arrested on December 12, 2025 upon landing at Queen Alia International Airport. As of late December 2025, no charges had been disclosed and he was held without access to family or legal counsel, believed to be held at the General Intelligence Department (Committee to Protect Journalists, December 2025).

In May 2025, authorities blocked 12 online news outlets, including Voice of Jordan, Raseef22, and Middle East Eye, accusing them of "spreading media poison and attacking Jordan and its national symbols."

International Condemnation

The UN Office of the High Commissioner for Human Rights expressed concern about the law's impact on civic space shortly after its passage in August 2023. Access Now led an open letter to King Abdullah calling for the law's repeal. ARTICLE 19, a freedom-of-expression organization, marked the law's one-year anniversary by calling for it to be scrapped entirely.

Jordan fell to 147th out of 180 countries in Reporters Without Borders' World Press Freedom Index for 2025, having dropped 15 places from the prior year and earning a new classification of "very serious" press freedom environment (RSF, 2025). Freedom House's Freedom on the Net 2025 report gave Jordan a score of 47 out of 100, classifying it as Partly Free.

Reports from Freedom House, Amnesty International, and the Committee to Protect Journalists have also documented the use of Pegasus spyware by Jordanian authorities to monitor journalists and activists, raising separate surveillance concerns beyond the scope of the Cybercrime Law itself.

The Anti-Terrorism Law and Surveillance

Expanded Surveillance Powers

Jordan's Anti-Terrorism Law of 2006 grants additional surveillance authority that intersects with recording and wiretapping law. Article 4 permits the Prosecutor General to impose surveillance over a suspect's "residence, movements, and means of communication" based on "reliable information" linking the person to "terrorist activity."

The law does not define what constitutes "reliable information" or "terrorist activity" with precision. The State Security Court, whose prosecutors are military officers, can authorize surveillance, travel bans, searches, and asset freezes without the same level of judicial review required in civilian courts.

Practical Overlap

In practice, charges in many reported cases have been based on a person's WhatsApp conversations or content saved on their phones and computers. This suggests that surveillance authorized under the Anti-Terrorism Law sometimes captures private communications that are then used as evidence, blurring the line between counter-terrorism operations and ordinary law enforcement.

Personal Data Protection Law No. 24 of 2023

The Law and the Council

Jordan's first dedicated data protection statute, Law No. 24 of 2023, was published in the Official Gazette on September 17, 2023, and became enforceable on March 17, 2024. The compliance grace period for organizations to update existing practices ended on March 17, 2025.

Articles 16 and 17 of the PDPL establish the Personal Data Protection Council as the primary policy authority, responsible for approving policies, issuing licenses for data storage and processing activities, setting national standards, and handling complaints. A separate Data Protection Unit operating under the Ministry of Digital Economy and Entrepreneurship (MoDEE) handles day-to-day licensing, investigations, and monitoring.

Consent and Purpose Limitation

The law requires explicit, documented consent for personal data processing, with consent needing to be "specific in terms of duration and purpose." It criminalizes processing data for purposes other than those originally stated.

For recording, the data protection law creates an additional compliance obligation. Any recording that captures personal data, which includes voice recordings, video, and images of identifiable individuals, must comply with the consent and purpose-limitation requirements of the law.

Exceptions to the consent requirement include processing by public authorities for legally assigned tasks, processing for preventive medical purposes, protecting vital interests, preventing or disclosing crime, and processing required by legislation or court decision.

Enforcement and Penalties

Administrative enforcement under Article 21 includes written warnings, license suspension (partial or complete), license revocation, and daily fines of up to 500 JOD per violation day, capped at 3% of the organization's total annual revenues from the previous fiscal year.

Criminal penalties under Article 22 range from fines of 1,000 to 10,000 JOD. Courts may order data destruction or database cancellation on application by the public prosecution.

Data subjects whose personal data is processed in violation of the law may pursue civil compensation claims separately through competent courts, without those claims being precluded by any administrative penalties imposed on the same violator.

Data controllers must notify affected data subjects within 24 hours of discovering a breach and report to MoDEE's unit within 72 hours with full breach details.

Civil Liability for Unauthorized Recording

Criminal Penalties Are Not the Only Risk

An unauthorized recording in Jordan exposes the person who made it to both criminal prosecution and civil liability. These are separate legal tracks that can run simultaneously.

Under the PDPL, any person whose personal data was processed without valid consent may file a civil compensation claim against the data controller. The claim is independent of any administrative fine or criminal prosecution the controller may face. Courts assess compensation based on actual damages suffered by the data subject.

Under the Penal Code and general principles of Jordanian civil law, a person whose privacy has been invaded through unauthorized recording may also pursue civil damages on parallel grounds. The existence of a criminal conviction under Article 384 of the Penal Code is not required to sustain a civil claim, though a conviction strengthens the civil case.

Practical Implications for Businesses

Organizations that record customer interactions, employee conversations, or meeting participants without proper consent face the prospect of multiple simultaneous enforcement actions: a complaint-based criminal prosecution, an administrative action by MoDEE, and a civil compensation claim by the affected individual. Jordan's overlapping statutory framework means that a single recording incident can trigger liability under three separate legal regimes.

Cross-Border and Diaspora Applicability

Jordanian Law and Activity Outside Jordan

Jordan's Cybercrime Law applies extraterritorially in certain circumstances. Article 2 of the law extends jurisdiction to offenses committed outside Jordan when the perpetrator or victim is Jordanian, or when the offense affects a Jordanian information system or network.

In practice, Jordanian authorities have used the Cybercrime Law to pursue criminal charges against Jordanian nationals based abroad for social media posts made on platforms hosted in other countries. This means that Jordanian expatriates and diaspora members who post commentary about Jordan online are not necessarily protected by their physical location outside the country.

Recordings Made Abroad Used in Jordan

If a recording was made lawfully in another jurisdiction (for example, under a one-party consent rule) but is later shared with parties in Jordan or used in Jordanian proceedings, Jordanian law governs its admissibility and the legality of its distribution within Jordan. A recording that is legal where it was made may still expose its creator to liability under Article 19 of the Cybercrime Law if it is subsequently distributed in Jordan without the subject's consent.

Foreign Nationals Operating in Jordan

Foreign nationals present in Jordan are subject to Jordanian law for all conduct occurring within the country. Business travelers, journalists, and foreign correspondents who routinely record interviews or meetings in their home countries must obtain consent from all Jordanian parties before recording anything inside Jordan.

Penalties Summary

Business Compliance Checklist

Organizations operating in or with Jordan should take these steps:

• Audit all recording systems. Identify every system that captures audio or video, including phone systems, conferencing tools, CCTV, and customer service platforms.
• Obtain documented consent. Before recording any call, meeting, or interaction, secure explicit consent from all parties. Document the consent in writing or electronically as required by the Personal Data Protection Law.
• Update call recording scripts. Ensure automated phone systems clearly inform callers of recording and provide an opt-out mechanism before the conversation begins.
• Train employees. Staff should understand that recording conversations, even on personal devices during work hours, can result in criminal prosecution.
• Review surveillance policies. Workplace CCTV and monitoring systems must comply with both the Penal Code's privacy provisions and the Personal Data Protection Law's consent requirements. The PDPL grace period ended March 17, 2025; non-compliant systems are now enforcement targets.
• Restrict data use. Recordings collected for one stated purpose cannot be repurposed without obtaining fresh consent specific to the new use.
• Plan for breach response. PDPL requires notifying affected individuals within 24 hours and reporting to MoDEE within 72 hours of discovering a data breach involving recordings or personal data.
• Consult local counsel. Jordan's overlapping statutes create a legal landscape where the interaction between laws is not always straightforward. Businesses with significant operations in Jordan should retain Jordanian legal counsel for compliance guidance.

Disclaimer

This article presents general legal information about recording laws in the Hashemite Kingdom of Jordan as of May 15, 2026. It is not legal advice and does not create a lawyer-client relationship. The law described here reflects publicly available statutes, constitutional provisions, and secondary analysis current as of the date above. Jordanian law can change; courts may interpret provisions differently from the summaries here. Anyone facing a recording-related legal issue in Jordan, or anyone making decisions that depend on the precise requirements of Jordanian law, should consult a lawyer licensed to practice in Jordan.