Senegal Recording Laws: All-Party Consent Rules (2026)

Senegal Recording Laws: All-Party Consent Rules (2026)

Senegal requires the consent of every person in a conversation before any participant may legally record it. Unauthorized recording violates Article 363 bis of the Penal Code, carries up to five years in prison, and can trigger separate data-protection charges under Law No. 2008-12 with penalties reaching seven years.

Information last verified on May 15, 2026. This article has not yet been reviewed by a licensed lawyer. Consult a Senegalese avocat for advice on your specific situation.

Jurisdiction scope: This article addresses recording and interception law in the Republic of Senegal. It covers the Constitution of Senegal 2001 (revised 2016), the Penal Code as amended by Law No. 2016-29 of November 8, 2016, Law No. 2008-11 on Cybercrime, Law No. 2008-12 on Protection of Personal Data, the Telecommunications Code (Law 2011-01), and the Code of Criminal Procedure as amended. It does not address other West African countries. For country-by-country comparisons, see our world recording laws hub.

How Senegal Regulates Recording: An All-Party Consent System

Senegal is among a relatively small group of countries that require the consent of every participant before a conversation can be legally recorded. The legal framework draws from five main sources: the national constitution, the Penal Code (as amended in 2016), the cybercrime statute of 2008, a dedicated personal data protection law, and the Telecommunications Code of 2011.

For anyone doing business in Dakar, conducting journalism in Senegal, or simply traveling through West Africa, the rules are clear. You cannot record a phone call, capture a private conversation, or intercept electronic communications without either the consent of all parties or a court order. Violations carry real prison time.

This framework reflects a legal tradition shaped by French civil law, where privacy rights carry significant weight. But Senegal has also built its own statutory architecture in response to the growth of mobile telecommunications and digital surveillance across the region. Under President Bassirou Diomaye Faye, elected in March 2024, the government passed a whistleblower protection law and an Access to Information Law in August 2025, but the 2019 proposal to modernize the data protection statute itself had not advanced to enactment as of May 2026.

Constitutional Foundation: Article 13

The bedrock of Senegal's recording laws is Article 13 of the Constitution, adopted on January 22, 2001, and last revised in 2016. The provision reads:

"Le secret de la correspondance, des communications postales, telegraphiques, telephoniques et electroniques est inviolable. Il ne peut etre ordonne de restriction a cette inviolabilite qu'en application de la loi."

Translated: "The secrecy of correspondence and of postal, telegraphic, telephonic, and electronic communications is inviolable. Restrictions to this inviolability may only be ordered through application of the law."

This is not a general privacy aspiration. It is a constitutional mandate. The drafters chose the word "inviolable," which in the French legal tradition signals the highest level of protection. Any law that permits interception or recording must satisfy a specific legal basis. Without that basis, the act is unconstitutional.

Article 13 covers every form of communication: physical mail, telegraphs, telephone calls, and electronic messages including email, messaging apps, and internet-based voice calls. Courts in Senegal interpret this provision broadly. When technology evolves, the constitutional protection extends to cover new forms of communication.

The older provisions of the 1965 Penal Code (Article 167) already addressed the deletion or bad-faith opening of correspondence addressed to third parties, carrying a penalty of six days to one year and fines of 20,000 to 100,000 CFA francs. Those provisions have since been supplemented by the far more comprehensive Article 363 bis regime described below.

The Penal Code: Article 363 bis

What the Law Prohibits

The core criminal provision governing unauthorized recording in Senegal is Article 363 bis of the Penal Code, introduced by Law No. 2016-29 of November 8, 2016. This law substantially amended the original 1965 Penal Code (Law No. 65-60) to address modern privacy threats.

Article 363 bis criminalizes anyone who, by any means whatsoever, voluntarily violates the intimacy of another person's private life. The specific prohibited acts include:

• Capturing, recording, or transmitting words spoken in a private or confidential setting without the speaker's consent
• Fixing, recording, or transmitting the image of a person who is in a private place, without that person's consent
• Disseminating or distributing recordings or images obtained through the acts above

The language is deliberately broad. "By any means whatsoever" covers smartphones, hidden microphones, recording apps, body cameras, drones, and any other device capable of capturing audio or visual content. The law does not distinguish between analog and digital methods.

Penalties

Anyone convicted under Article 363 bis faces:

• Imprisonment of one to five years
• A fine of 500,000 to 5,000,000 CFA francs (approximately USD $810 to $8,100)
• Or both imprisonment and a fine

These penalties apply to each distinct act. Recording, transmitting, and disseminating are treated as separate offenses. A person who secretly records a conversation and then posts it on social media could face charges on multiple counts.

Scope of "Private" Under Senegalese Law

Senegalese courts follow the French legal tradition in defining what constitutes a "private" conversation or setting. A conversation is private when the participants have a reasonable expectation that their words will not be heard by outsiders. This includes:

• Telephone calls (landline, mobile, VoIP)
• Face-to-face conversations in homes, offices, restaurants, and vehicles
• Discussions during meetings where participants expect confidentiality
• Electronic communications such as email, text messages, and voice notes

A conversation held in a public square where anyone can overhear it may not qualify as private. But a conversation between two people at a table in a restaurant, conducted at a normal volume, generally does.

Cybercrime Law: Interception of Electronic Data

Article 431-12 of the Penal Code

Senegal enacted Law No. 2008-11 on January 25, 2008, as the country's first dedicated cybercrime statute. The provisions of this law were later incorporated into the Penal Code through the 2016 amendment (Law No. 2016-29).

Article 431-12 targets the fraudulent interception of computerized data during transmission. The provision states that anyone who intercepts or attempts to intercept, by technical means, data or information during non-public transmission to, from, or within a computer system faces criminal penalties.

This article covers a wide range of digital interception, including:

• Intercepting email communications in transit
• Capturing data packets on a network
• Using malware or spyware to monitor electronic communications
• Deploying IMSI catchers or similar devices to intercept mobile signals
• Tapping into VoIP conversations

Penalties for Electronic Interception

Violations of Article 431-12 carry:

• Imprisonment of one to five years
• A fine of 5,000,000 to 10,000,000 CFA francs (approximately USD $8,100 to $16,200)
• Or one of these penalties only

The fines are notably higher than those under Article 363 bis, reflecting the legislature's view that electronic interception involves more sophisticated methods and potentially broader harm.

Telecommunications Code and ARTP

Law 2011-01 and Operator Secrecy

The Telecommunications Code (Law No. 2011-01 of February 24, 2011) adds a layer of obligation that operates in parallel with the Penal Code. Article 7 of the Telecommunications Code requires all telecommunications operators and their staff to maintain the secrecy of communications. Violation of this secrecy obligation is an offense independent of the Penal Code recording provisions.

Article 12 of the same code provides the statutory gateway for lawful interception: communications may only be intercepted when ordered by judges or police officers "for the needs of prosecution or investigation, or enforcement of a judicial ruling." This provision reinforces the constitutional requirement that any restriction on communications privacy must have a specific legal basis.

The ARTP's Role

The Autorite de Regulation des Telecommunications et des Postes (ARTP) is the independent administrative authority created in 2002 to regulate telecommunications service providers in Senegal. The ARTP governs licensing, spectrum allocation, and quality-of-service requirements for operators including Orange Senegal, Free Senegal, and Expresso Senegal.

The ARTP does not enforce recording or data protection law directly. That responsibility rests with the CDP for data protection matters and with the courts for Penal Code violations. However, the ARTP's licensing framework obliges operators to implement the secrecy requirements in Article 7 of the Telecommunications Code and to cooperate with lawful judicial interception orders under the Code of Criminal Procedure. In 2024, the ARTP listed strengthening information-systems security and the internet legal framework among its priority projects for the year.

When a telecommunications operator violates secrecy obligations, the ARTP may impose regulatory sanctions on the licensee, while individual actors within the operator may face criminal liability under the Penal Code. The CDP may act separately if personal data is affected.

Personal Data Protection: Law No. 2008-12

Overview

Senegal was one of the first countries in West Africa to adopt comprehensive data protection legislation. Law No. 2008-12 of January 25, 2008, established a legal framework for the protection of personal data and created the Commission de Protection des Donnees Personnelles (CDP) as the independent supervisory authority. The implementing decree (Decree No. 2008-721 of June 30, 2008) specified the CDP's organization and procedures. The framework became fully operational in 2014.

The law governs how personal data, including audio recordings, video footage, and photographs, may be collected, processed, stored, and transmitted.

Consent Requirements Under Article 33

Article 33 of Law 2008-12 establishes that the processing of personal data is legitimate only when the person concerned gives their consent. A recording of someone's voice or image constitutes personal data under the law, which means that recording falls within the scope of data protection requirements.

Consent can be waived only in limited circumstances:

• Compliance with a legal obligation
• Execution of a task in the public interest or exercise of public authority
• Performance of a contract to which the data subject is a party
• Protection of the data subject's vital interests or fundamental rights

None of these exceptions gives private individuals or businesses a general right to record without consent.

Penalties for Data Protection Violations

The Penal Code, as amended by Law 2016-29, contains a series of articles (431-17 through 431-27) that impose criminal penalties for violations of the data protection law. The penalties are severe:

• Article 431-17: Processing personal data without required formalities carries one to seven years in prison and fines of 500,000 to 10,000,000 CFA francs
• Article 431-22: Collecting personal data by fraudulent, disloyal, or unlawful means carries the same penalties
• Article 431-27: Collecting personal data that could damage a person's reputation or privacy and transmitting it without authorization carries one to seven years in prison and fines of 500,000 to 10,000,000 CFA francs

These provisions apply directly to unauthorized recording. A voice recording is personal data. Capturing it without consent is fraudulent collection. Sharing it is unauthorized transmission. Each step triggers separate criminal liability.

Judicial Interception: When the Government Can Listen

The Authorization Process

Senegalese law permits lawful interception of communications, but only under strict judicial oversight. The Code of Criminal Procedure, as amended by the cybercrime reforms, grants investigating magistrates the authority to order interception of communications when the necessities of a criminal investigation require it.

The process works as follows:

1. An investigating judge must issue a written order authorizing the interception
2. The order must specify the target, the means of interception, and the duration
3. The authorization is limited to a period of two to four months
4. Renewal requires a new case-by-case determination and cannot be granted automatically
5. The order is not subject to appeal

Article 677-38 of the Code of Criminal Procedure

Article 677-38 allows magistrates to use appropriate technical means to collect or record, in real time, data relating to the content of communications transmitted by computer systems within Senegalese territory. The article also empowers judges to compel service providers to assist in collecting or recording the relevant data, within their technical capabilities.

Article 677-39 extends these powers to criminal investigation officers (officiers de police judiciaire) who may carry out interception operations when conducting investigations or executing delegated court powers.

Telecommunications operators and internet service providers are required to cooperate with judicial interception orders. The formal request comes from the public prosecutor (procureur de la Republique) and is directed to the operators. Service providers must maintain confidentiality about the existence of any interception; breach of that confidentiality triggers professional-secrecy penalties under the Penal Code.

Limits on Government Surveillance

Despite these powers, Senegalese law imposes constraints. Interception orders cannot be open-ended. The two-to-four-month window forces investigators to justify continued surveillance at regular intervals. Judges must also order intermediaries to preserve data integrity and, under Article 677-35, can require data preservation for up to two years when there is reason to believe stored data may be lost or modified.

Article 677-37 addresses what happens when seizure of physical storage media is not desirable. In those cases, the judge may use technical means to secure or isolate data within a system rather than confiscating the hardware.

Phone Calls vs. In-Person Conversations

Recording Phone Calls

Recording phone calls in Senegal without the consent of all parties is illegal. This applies to:

• Personal mobile and landline calls
• Business telephone conversations
• VoIP calls through WhatsApp, Zoom, Teams, and similar platforms
• Call center recordings and automated systems

There is no one-party consent exception. Even if you are a participant in the conversation, you cannot record it without informing and obtaining the agreement of the other person. Businesses that record customer service calls must provide clear notice and obtain affirmative consent before the recording begins.

Recording In-Person Conversations

The same prohibition applies to face-to-face conversations. Article 363 bis covers words spoken in a private or confidential setting. Wearing a hidden microphone to a meeting, leaving a voice recorder running in your pocket, or using a smartwatch to capture audio all constitute criminal conduct.

The key question is whether the conversation is "private." If two people are having a quiet discussion in an office, a home, or even a secluded corner of a cafe, that conversation is private. Recording it without both parties' knowledge triggers criminal liability.

Public Spaces and Photography

Senegalese law does not create a blanket prohibition on recording in public spaces. The restriction under Article 363 bis applies to "private places" and "private or confidential" words. Filming a public event, a street scene, or a political rally does not automatically violate the law.

However, there are important boundaries:

• Focusing a camera on a specific individual and recording their words or image in a way that invades their privacy can still violate Article 363 bis, even in a public location
• Under the data protection law, capturing someone's image constitutes collecting personal data, which requires a legitimate basis
• Publishing or distributing someone's image without their consent can trigger liability under Article 431-27 of the Penal Code

Photographing or filming government buildings, military installations, and certain sensitive infrastructure may also be restricted under separate national security provisions.

Recording Police and Public Authorities

The Legal Framework for Filming Officials

Senegalese law contains no statute that explicitly grants citizens a right to film police officers or other public officials in the exercise of their duties. Equally, no provision of the Penal Code or the Telecommunications Code creates a categorical prohibition on filming public officials in public spaces.

The relevant question is whether the recording occurs in a "private place" under Article 363 bis. A police officer conducting a checkpoint on a public road, or a gendarme managing a crowd on a public street, is generally acting in a public capacity in a public place. That conduct would not ordinarily qualify as a "private" situation protected by Article 363 bis.

However, several practical risks attach to filming law enforcement in Senegal.

2024 Incidents and Practical Risks

During the 2024 election period, Senegal saw documented incidents involving authorities restricting media recording. In May 2024, gendarmes stopped a three-person journalist team from Senegal7, seized their phones and cameras, and prevented them from filming PASTEF protesters in Dakar's Sacre-Coeur neighborhood. During February 2024 protests over the delayed presidential election, at least 25 journalists were attacked, detained, or subjected to tear gas while reporting. Authorities did not cite specific statutory provisions in most of these incidents; they relied on physical force and verbal orders.

Separately, the government restricted social media and mobile internet access in June 2024 and again in July 2024, citing the need to stop "dissemination of hate and subversive messages." These restrictions directly limited citizens' ability to upload or distribute recordings of public events.

Practical Guidance

Citizens and journalists filming public officials in Senegal should understand the following:

• No statute explicitly criminalizes filming police in public spaces, but physical seizure of devices occurs in practice without legal basis
• Recordings made in public may still be subject to data protection obligations if published; distributing footage of identifiable individuals requires a legitimate basis under Law 2008-12
• The 2017 Press Code (adopted under Law No. 2017-27) governs journalist activities and defines press offenses; journalists accredited under this code have stronger procedural standing when contesting equipment seizures, though enforcement is inconsistent
• Anyone whose recording equipment is seized without a judicial order may file a complaint with the procureur de la Republique, as warrantless seizures lack the authorization required under the Code of Criminal Procedure

The situation under the Faye administration remains fluid. While President Faye pledged media freedom reforms ahead of his March 2024 election, documented incidents of journalist intimidation continued through 2024 and into 2025.

Voyeurism and Intimate Image Offenses

Senegal has no standalone voyeurism statute. The protections against non-consensual intimate recording operate through Article 363 bis of the Penal Code, which covers any recording of a person's image in a private place without that person's consent.

Under Article 363 bis, the following conduct is criminal:

• Photographing or filming a person in a bathroom, bedroom, changing room, or any place where they have a reasonable expectation of privacy, without their knowledge
• Using a device placed under clothing or in a position designed to capture intimate images
• Distributing such images once captured

The penalty for each act is one to five years in prison and fines of 500,000 to 5,000,000 CFA francs. Because capturing, storing, and distributing are each separate acts under the statute, a person who films and then shares intimate images without consent faces stacked charges.

Article 431-27 adds a further layer: transmitting personal data (including intimate images) that could damage someone's reputation or privacy without authorization carries one to seven years in prison and fines of 500,000 to 10,000,000 CFA francs. This provision covers what many jurisdictions call "non-consensual pornography" or "revenge porn."

The CDP may also act if the images constitute personal data that has been unlawfully processed. In such cases, the CDP can issue orders requiring deletion, impose administrative fines of up to 100,000,000 CFA francs, and refer the matter to the public prosecutor.

Deepfake and AI-Generated Content

As of May 2026, Senegal has no dedicated legislation addressing deepfakes, synthetic media, or AI-generated representations of real people. The 2019 draft bill proposing a new data protection authority (APDP) acknowledged artificial intelligence as an area requiring regulation, but that bill had not been enacted under either the Sall or Faye governments.

The existing legal framework provides partial coverage:

• Article 363 bis covers the recording or transmission of an image of a real person in a private place. Whether it extends to AI-generated images that appear to depict a person in a private place is unsettled; no published court decision has addressed the question.
• Article 431-27 prohibits transmitting personal data that could damage reputation or privacy without authorization. A deepfake video depicting a real person in a compromising or false scenario could constitute "damaging personal data," though the argument requires the synthetic image to be classified as personal data under Law 2008-12, which treats information relating to an identified or identifiable person as personal data.
• Article 431-22 covers the collection of personal data by fraudulent or unlawful means. Using a real person's biometric data (such as voice prints or facial images) to train a generative model without consent could potentially fall within this provision.

Organizations and individuals deploying AI tools that generate representations of real people in Senegal should treat the existing framework as a floor, not a ceiling, and monitor the legislative process for a modernized data protection statute.

Workplace Recording and Employee Surveillance

Employer Obligations

Senegalese employers who wish to implement surveillance systems in the workplace must comply with the data protection framework overseen by the CDP. The requirements include:

• Informing employees before any surveillance system is implemented
• Consulting with employee committees regarding monitoring devices
• Completing prior formalities with the CDP for surveillance cameras, biometric systems, and entry/exit tracking
• Providing employees access to their personal data upon request

Employers cannot secretly record employees' conversations, monitor personal phone calls, or install hidden cameras. Surveillance must be proportionate to the legitimate purpose it serves, and employees must know about it in advance.

CCTV and Surveillance Camera Requirements

Workplaces that install CCTV systems must display visible notices indicating that the area is under surveillance. Footage captured by surveillance cameras that lack proper signage is inadmissible in court proceedings. This rule directly incentivizes transparency.

The CDP has taken the position that it must authorize the processing of personal data through surveillance devices before they are deployed. Failure to obtain this authorization constitutes a violation of Law 2008-12 and can trigger criminal penalties under Articles 431-17 through 431-22.

Employee Consent and Power Imbalance

Consent from employees is complicated by the inherent power imbalance in an employment relationship. An employee who is told to consent to monitoring may feel they have no genuine choice. Senegalese law addresses this by requiring that surveillance serve a legitimate, documented purpose beyond mere monitoring of employee behavior.

Acceptable purposes include physical security of premises, protection of sensitive assets, and prevention of criminal activity. General performance monitoring through audio or video recording is far more difficult to justify.

Civil Liability for Unauthorized Recording

Criminal prosecution is not the only avenue for victims of unauthorized recording in Senegal. The civil law framework, operating through the principles of the OHADA Uniform Act on General Commercial Law and Senegal's Code of Obligations, permits injured parties to seek damages alongside or independent of criminal proceedings.

CDP Complaint Pathway

Any person whose personal data has been unlawfully collected or processed may file a complaint with the CDP. The CDP may:

• Issue an injunction requiring the data controller to cease the processing and delete unlawfully obtained recordings
• Impose administrative fines of 1,000,000 to 100,000,000 CFA francs (approximately USD $1,600 to $162,000)
• Refer the matter to the public prosecutor for criminal investigation

This administrative pathway is often faster than a criminal proceeding and does not require the victim to identify a specific article of the Penal Code that was violated.

Civil Damages

A victim of unauthorized recording may also initiate a civil action for damages under general delict principles. The plaintiff must establish: an act (unauthorized recording or transmission), harm (reputational damage, emotional distress, financial loss), and causation. Senegalese civil courts have broad discretion in assessing damages; there is no statutory cap on civil recovery for privacy violations.

Because criminal and civil proceedings can run concurrently in the Senegalese legal system, a victim may file a CDP complaint, a criminal complaint to the procureur, and a civil damages action simultaneously, seeking injunctive relief, administrative fines, criminal sanctions against the perpetrator, and compensatory damages.

Cross-Border Recordings and Data Transfers

Convention 108 Accession

Senegal was the 50th state to accede to the Council of Europe Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data ("Convention 108"), a significant milestone for West African data governance. Convention 108 establishes baseline principles for data protection including purpose limitation, data quality, proportionality, and security. Senegal's accession signals alignment with international data protection standards even without EU adequacy status.

No EU adequacy decision under the GDPR has been issued for Senegal. This means that European entities transferring personal data (including audio or video recordings) to Senegal must rely on alternative mechanisms such as Standard Contractual Clauses or binding corporate rules.

ECOWAS Framework

The Economic Community of West African States adopted a Supplementary Act on Personal Data Protection in 2010. Member states that have domesticated this act facilitate intra-ECOWAS data transfers. Senegal's CDP treats transfers among African Data Protection Association member states as presumptively adequate. For transfers outside the ECOWAS region, the CDP must authorize the transfer on a case-by-case basis after evaluating whether the recipient country's legal framework provides a sufficient level of protection.

Practical Implications for Cross-Border Recording

Several scenarios arise frequently in practice:

• A foreign company that records customer service calls with Senegalese customers must obtain all-party consent (applicable under Senegalese law as the place where the recorded party is located), register the recording system with the CDP, and ensure that recordings transferred outside Senegal have a CDP-authorized transfer basis.
• A journalist based outside Senegal who records an interview with a Senegalese source over WhatsApp should treat Senegalese all-party consent rules as applicable, particularly if the journalist intends to publish or broadcast the recording.
• An organization that stores recordings of Senegalese individuals on servers outside the ECOWAS region requires CDP authorization for that cross-border transfer of personal data.

Enforcement: The CDP and Its Limitations

How the CDP Operates

The Commission de Protection des Donnees Personnelles, established by Law 2008-12, functions as an independent administrative authority. Its mandate includes:

• Receiving and processing complaints about data protection violations
• Conducting inquiries and investigations
• Issuing warnings and notices to data controllers
• Imposing sanctions for violations of the data protection law
• Advising the government on data protection policy

The CDP has the power to enter premises, examine records, and require data controllers to provide information about their processing activities. In the first quarter of 2025, the CDP processed 105 files, including 83 declarations, 19 authorization requests, and 3 re-registrations. It issued 78 declaration receipts and 21 authorizations during that period and published its first quarterly enforcement report on April 16, 2025. This output suggests a more active and transparent enforcement posture than in prior years.

Enforcement Challenges

Despite signs of growing activity, the CDP still faces structural constraints. Enforcement resources remain limited relative to the scale of digital activity in Senegal. Many businesses, particularly small and medium enterprises, are unaware of their obligations under Law 2008-12. And individuals who have their conversations recorded without consent may not know that administrative remedies exist alongside criminal complaints.

The proposed Personal Data Protection Bill of 2019 aimed to create a successor authority (APDP) with expanded civil society representation and explicit coverage of AI, cloud computing, and biometric data. As of May 2026, that bill has not advanced through the National Assembly. The Faye government's August 2025 legislative agenda focused instead on a whistleblower protection law and an Access to Information Law, leaving the 2008 data protection statute in force without modernization.

Penalties Summary

Business Compliance Checklist

Organizations operating in Senegal should take the following steps to comply with the country's recording and data protection laws:

• Register with the CDP. Any entity that processes personal data must complete prior formalities with the Commission de Protection des Donnees Personnelles before deploying recording or surveillance systems.
• Obtain explicit consent for call recording. Before recording any business call, secure clear consent from all parties. Automated systems must include a consent prompt at the beginning of the call.
• Post surveillance notices. Display visible signage in all areas covered by CCTV or audio recording systems. Footage from unsignposted locations is inadmissible in court.
• Inform employees. Brief all staff about surveillance systems before implementation. Consult with employee representatives where required.
• Limit data collection. Collect only the personal data necessary for a documented, legitimate purpose. Do not record conversations or capture images beyond what the stated purpose requires.
• Secure stored recordings. Implement technical and organizational measures to protect recorded data from unauthorized access, as required by Article 71 of Law 2008-12.
• Assess cross-border transfers. If recordings of Senegalese individuals will be stored or processed outside the ECOWAS region, obtain CDP authorization before the transfer.
• Train personnel. Ensure that employees who handle recording equipment or personal data understand their obligations under Senegalese law.
• Monitor legal developments. Track the status of the proposed Personal Data Protection Bill and any amendments to the Penal Code or cybercrime legislation under the Faye government.

Disclaimer

This article presents general legal information about recording and data protection law in the Republic of Senegal. It does not constitute legal advice and does not create an attorney-client relationship. The laws described were verified as of May 15, 2026, based on sources including the Senegalese Constitution, the Penal Code as amended through Law No. 2016-29 of November 8, 2016, Law No. 2008-12 on Protection of Personal Data, Law No. 2008-11 on Cybercrime, and the Code of Criminal Procedure. Laws change; always verify the current version of any statute through the Official Journal of Senegal (Journal Officiel) or the primature.sn legislative repository. For advice on a specific legal situation in Senegal, consult a licensed Senegalese avocat.

Authorities Cited

1. Constitution of the Republic of Senegal (2001, revised 2016), Article 13. https://www.constituteproject.org/constitution/Senegal_2016
2. Constitution de la Republique du Senegal, Full Text (Government of Senegal). http://sigif.gouv.sn/app/uploads/2016/12/constition-senegal.pdf
3. Senegal Penal Code (Law No. 65-60 of 1965, as amended by Law No. 2016-29 of November 8, 2016), Articles 167, 363 bis, 431-12 to 431-27. https://primature.sn/publications/lois-et-reglements/code-penal
4. Law No. 2008-11 on Cybercrime (January 25, 2008), WIPO Lex. https://www.wipo.int/wipolex/en/legislation/details/6226
5. Law No. 2008-12 on the Protection of Personal Data (January 25, 2008), WIPO Lex. https://www.wipo.int/wipolex/fr/legislation/details/6229
6. Decree No. 2008-721 of June 30, 2008, Implementing Regulations for Law 2008-12. https://www.cdp.sn/textes-legislatifs
7. Commission de Protection des Donnees Personnelles (CDP), Official Website. https://www.cdp.sn/
8. Senegal Code of Criminal Procedure (Law No. 65-61 of 1965, as amended), Articles 677-35 to 677-39. https://justice.sec.gouv.sn/wp-content/uploads/2020/11/code-procedure-penal.pdf
9. Senegal Penal Code Articles 431-12 to 431-16 (UNODC SHERLOC). https://sherloc.unodc.org/cld/fr/legislation/sen/code_penal/titre_iii_-_chapitre_ii/articles_431-12_a_431-16/articles_431-12_431-16.html
10. Senegal Penal Code Articles 431-17 to 431-22 (UNODC SHERLOC). https://sherloc.unodc.org/cld/fr/legislation/sen/code_penal/titre_iii_-_chapitre_ii/articles_431-17_a_431-22/articles_431-17_431-22.html
11. Autorite de Regulation des Telecommunications et des Postes (ARTP), Official Website. https://artp.sn/en
12. Senegal Cybercrime and Data Protection Framework (Council of Europe Octopus Community). https://www.coe.int/en/web/octopus/country-wiki-ap/-/asset_publisher/CmDb7M4RGb4Z/content/senegal
13. Surveillance Law in Africa: Senegal Country Report (Institute of Development Studies). https://opendocs.ids.ac.uk/opendocs/bitstream/handle/20.500.12413/16893/Senegal%20Country%20Report.pdf
14. Overview of Intermediary Liability in Senegal (CIPESA). https://cipesa.org/2021/06/overview-of-intermediary-liability-in-senegal/
15. Human Rights Watch, World Report 2024: Senegal. https://www.hrw.org/world-report/2024/country-chapters/senegal
16. Committee to Protect Journalists, Senegal Protests 2024. https://cpj.org/2024/02/at-least-25-journalists-attacked-detained-or-tear-gassed-in-senegal-protests/
17. DLA Piper, Data Protection Laws of the World: Senegal. https://www.dlapiperdataprotection.com/index.html?t=law&c=SN
18. CIPESA, Senegal to Review Data Protection Law (January 2020). https://cipesa.org/2020/01/senegal-to-review-data-protection-law/
19. Global Information Society Watch, Senegal Country Report. https://www.giswatch.org/en/country-report/communications-surveillance/senegal
20. ECOWAS Supplementary Act on Personal Data Protection (2010). Referenced via World Bank Regulating Digital Data in Africa (2024).

Related Articles

• World Recording Laws Hub
• Is It Illegal to Record Someone?
• Can an Employer Record Conversations Without Consent?
• Data Privacy Laws

---

Last updated: May 15, 2026. Statutes cited reflect their in-force version as of May 15, 2026.