In a statement, the Authority noted the requirement is enforced under Article 32 of the Data Protection Act and applies to all data controllers and data processors operating within Somalia.
The regulator stated the initiative aims to improve personal information protection and create greater accountability among organizations handling sensitive data.
The DPA confirmed it has started accepting registration applications and will issue certification only to entities that meet the legal and regulatory requirements specified in the law.
According to the directive, companies, government institutions, and other organizations that process personal data must complete the registration process and adhere to obligations governing the collection, storage, use, and sharing of personal information.
The Authority indicated organizations that fail to satisfy the registration requirements may face regulatory action in compliance with the Data Protection Act provisions.
Additional information on registration procedures, eligibility requirements, and application forms can be accessed through the Authority’s official channels. The regulator has also advised organizations seeking clarification to contact its offices or use its official communication platforms during business hours.
The announcement represents a significant advancement in Somalia’s efforts to build a comprehensive data protection framework as digital services and data-driven operations continue to grow throughout the country.