LogoRegulatory Alerts
2026-02-17

Digital Services Act 2025

Enacted by the Parliament of Botswana, this legislation establishes a Digital Services Authority to regulate digital service delivery and standardize electronic interactions across public and private entities. It mandates the adoption of secure online platforms, standardized data exchange frameworks, and digital identification systems while ensuring universal accessibility and interoperability. The Act further requires electronic record-keeping, digital document filing, and joint automated procedures, granting the Authority oversight, rule-making, and fee-collecting powers to enforce compliance with existing data protection laws.

Non-Bank Financial Institutions Regulatory Authority logo

Botswana

Non-Bank Financial Institutions Regulatory Authority

Click to view thumbnail

(d) the baseline requirements for critical information and critical national information infrastructure; (e) categories of critical information and critical national information infrastructure; (f) the form of notification to be given by a licensee where there is a change in the ownership of a critical information and critical national information infrastructure; (g) categories of licences of cybersecurity services; (h) manner of hosting of critical information and critical national information infrastructure; (i) the factors to be considered for the hosting of critical information and critical national information infrastructure outside Botswana; (j) the categories of cybersecurity services that may be licensed under this Act; (k) the manner and form for the application for registration of an interception device; and (l) provide for anything required to be prescribed under this Act.

PASSED by the National Assembly this 14th day of August, 2025.

DR. GABRIEL G. MALEBANG, Clerk of the National Assembly.

A.249

No. 22

DIGITAL SERVICES ACT, 2025

ARRANGEMENT OF SECTIONS

SECTION

PART I — Preliminary

  1. Short title and commencement
  2. Interpretation
  3. Application of Act
  4. Conflict with other laws

PART II — Guiding Principles for Digital Services

  1. Guiding principles for digital services

PART III — Digital Services Authority

  1. Establishment of Digital Services Authority
  2. Directions by Minister
  3. Functions of Authority
  4. Cooperation with other bodies

PART IV — Control of Digital Services

  1. Digital Government Plan and Digital Services Plans
  2. Electronic access to digital services
  3. Establishment of Framework for Secure Exchange of Information
  4. Accessibility of digital services
  5. Online unique identification
  6. Electronic means of payment
  7. Required documentation and data sharing
  8. Electronic record keeping
  9. Digitisation of records
  10. Electronic filing of documents
  11. Access to files or records
  12. Joint automated procedures
  13. Information gateway
  14. Electronic Gazette and other publications

A.251

A.252

DIGITAL SERVICES ACT, 2025

Date of Assent: 17.10.2025 Date of Commencement: ON NOTICE ENACTED by the Parliament of Botswana.

An Act to provide for the regulation of digital services; to enhance the management and promotion of digital services and processes; to establish the Digital Services Authority which shall be responsible for the formulation of digital services standards and provide for its functions; facilitate access to digital services to improve service delivery, administrative functions and productivity in order to enhance public access to digital services and information; and provide for matters connected with, or incidental to, the foregoing.

PART I — Preliminary

Short title and commencement

  1. This Act may be cited as the Digital Services Act, 2025, and shall come into operation on such date as the Minister may, by Order published in the Gazette, appoint.

Interpretation 2. In this Act, unless the context otherwise requires — "API" means the Application Programming Interface; "Authority" means the Digital Services Authority established under section 6;

PART V — Open Data

  1. Open data
  2. Requirements for open data and open licences
  3. Promotion of innovation
  4. Enterprise Data Inventory
  5. Information resource management
  6. Information dissemination
  7. Technology portal
  8. Repository

PART VI — Information Systems Security

  1. Information security

PART VII — Miscellaneous Provisions

  1. Audit of public and private bodies
  2. Authority to issue directions
  3. Annual report
  4. Exemption from liability of officers of the Authority
  5. Exemptions
  6. Review of decisions of Authority
  7. Offences and penalties
  8. Regulations
  9. Transitional arrangements

A.253

"content" means any sound, text, still picture, moving picture or other audio-visual representation, tactile representation or any combination of the preceding which is capable of being created, manipulated, stored, retrieved or communicated electronically; "content provider" means a person who provides content services for their own benefit or on behalf of another operator; "content service" means services provided by a content provider for their own benefit or on behalf of another operator; "data" means — (a) any representation of facts, information or concepts in a form suitable for processing in a computer or computer system; (b) any information recorded in a form in which it can be processed by equipment operating automatically in response to instructions given for that purpose; or (c) any programme suitable to a function, and includes traffic data and subscriber information; "data subject" means a natural person who is the subject of personal data; "digital services" means any service that is delivered or accessed through electronic technology and Internet-based platforms; "Digital Services Centre" means a centralised hub that provides or manages a variety of digital services to enhance efficiency and accessibility; "Director General" means the Digital Services Director General appointed in terms of section 6; "Framework for Secure Exchange of Information" means a structured set of guidelines, protocols and technologies that ensure that data shared between parties is protected from unauthorised access, tampering or loss; "information system" means a system of generating, receiving, storing or otherwise processing electronic communications; "Open Data" means data made available by public or private bodies without restriction on use; "public body" means any office, organisation, establishment or body created by or under any enactment or under powers conferred by any enactment; or any organisation, trust, company or body where public moneys are used or government has equity shareholding in it, and includes — (a) a Ministry or Government Department; (b) a local authority; (c) a land board; (d) a statutory body; and (e) any company registered under Companies Act being a company in which the Government or an agency of the Government through holding of shares or otherwise, is in a position to direct the operations of that company; Cap. 42:01

A.254

"private body" means any office, organisation, establishment, body, trust, company or any legal entity which provides goods and/or services in Botswana, irrespective of whether payment is required, where public moneys are not used or government has any shareholding; "register" means a register required to be maintained by a public body under this Act or any other written law or a digital service integrity register developed and maintained in terms of section 17 of this Act; and "unique identifier" means a verifiable electronic representation of a person or entity for accessing digital services.

Application of Act 3. (1) This Act shall apply to public and private bodies in the provision of digital services and which carry out business into or from Botswana, irrespective of the physical location from which the activity is carried out. (2) This Act shall not apply to the provision of digital services by or on behalf of the State, to the extent that adequate safeguards have been provided for or established necessary, where it involves national security, defence or public safety and customs and taxations.

Conflict with other laws 4. (1) In the event of a conflict or inconsistency between the provisions of this Act and any other law on digital services, the provisions of this Act shall take precedence. (2) Notwithstanding the provisions of subsection (1), where there is a conflict between this Act and the Data Protection Act or the Access to Information Act, the Data Protection Act and the Access to Information Act will take precedence. Cap. 43:14 Act No. 16 of 2024

PART II — Guiding Principles for Digital Services

Guiding principles for digital services 5. The guiding principles for the provision of digital services shall include the following — (a) digital services shall focus on the needs of the public and businesses in the delivery of services; (b) driving digital transformation through streamlined, collaborative and integrated business processes; (c) driving digital transformation through the development and utilisation of innovative design and integrated business processes which are streamlined, collaborative and public-focused for the enhancement of service delivery; (d) innovative application of solutions to promote efficiency; (e) integrated provision of digital services which recognise the unique roles and capabilities of public and private bodies; (f) sharing of information among public and private bodies electronically which avoids information duplicity; (g) sharing of infrastructure among public and private bodies to promote innovation and equitable access to resources; (h) ensuring information security for digital services;

A.255

(i) prudent and responsible use of public resources in the implementation of digital services; (j) collaboration between public and private bodies for the promotion and optimisation of sustainable resource utilisation; (k) ensuring universal access across demographics, including persons with disabilities, rural populations and underserved communities, thereby bridging the digital divide; (l) digital services shall be developed with a view toward long-term sustainability, adaptability to emerging technologies and minimisation of environmental impact; and (m) public and private bodies shall ensure that citizens and businesses are required to provide the same information only once, and such information shall be shared and reused as necessary, in accordance with the provisions of the Data Protection Act.

PART III — Digital Services Authority

Establishment of Digital Services Authority 6. (1) There is hereby established, in accordance with the laws governing the public service, an Authority to be known as the Digital Services Authority, which shall be responsible for the regulation of digital services. (2) There shall be a Director General, who shall be a public officer, appointed by the President, on the recommendation of the Minister, on such terms and conditions as may be specified in the instrument of appointment. (3) The Director General shall, be responsible for — (a) the supervision of the day-to-day affairs and the administration of the Authority; and (b) ensuring that the Authority carries out the functions and duties placed upon it in terms of this Act. (4) The other officers of the Authority shall be appointed in accordance with the Public Service Act. (5) A public or private body shall appoint an officer responsible for digital services and digital transformation, and shall notify the Authority of such appointment. (6) An officer appointed in terms of subsection (5), may consult with the Authority where there is doubt as to how the rules or standards applicable to digital services are to be applied.

Directions by Minister 7. The Minister may give the Authority directions of a general or specific nature regarding the exercise of its powers and the performance of its functions, which directions shall not be inconsistent with this Act or with the obligations of the Authority, and the Authority shall give effect to any such direction. Cap. 26:01

Functions of Authority 8. (1) The functions of the Authority shall be to — (a) develop, promote and manage digital service policies and programmes; (b) develop and enforce strategies and standards that enhance provision and usage of digital services and service continuity;

A.256

(c) promote collaboration in the provision of digital services; (d) promote access to digital services across multiple channels; (e) promote digital services education and capacity building; (f) facilitate content creation by forming partnerships or collaborating with both local and international organisations that provide content services; (g) promote digital services uptake and utilisation; (h) undertake research on, promote the adoption and adaption of new and emerging technologies to promote digital services; (i) develop supportive and enabling shared infrastructure guidelines to ensure equitable access to effective and appropriate provision of digital services; (j) oversee the design of appropriate applications for the support of e-governance and information management systems; (k) identify and ensure that government-created digital assets such as platforms, process models and algorithms and trademarks are protected under the relevant laws; (l) provide high level blueprint to guide the development and provision of digital services; (m) provide technical advice to various digital service projects, programmes and interventions; (n) undertake public protection measures in the consumption of digital services; (o) develop and oversee the implementation of a National Digital Services Strategic Plan; (p) develop and implement the National Digital Government Plan; (q) establish a structured digital services stability management plan; (r) biennially carry out such studies on the implementation of this Act by public bodies, including an update on the state of implementation of digital services by public bodies and publish such results; (s) provide advice, information or policy proposals to the Minister on matters relating to digital services; (t) issue open technical and data standards and publicly documented APIs to enable seamless system integration and platform neutrality across the public and private sectors; and (u) carry out other functions that are necessary for the performance of its functions under this Act. (2) The Authority may, in the provision of services to public and private bodies, levy such fee, as may be prescribed. (3) The Authority shall, within a period of 24 months of the commencement of this Act, establish or accredit Digital Service Centres, to provide assisted access to digital services by the public, to ensure universal access across Botswana.

Cooperation with other bodies 9. (1) In the exercise of its functions, the Authority shall cooperate with public and private bodies in the implementation of this Act. (2) Public and private bodies shall accord the Authority such assistance, as may be necessary, to ensure the proper discharge of the functions of the Authority.

A.257

(3) Subject to the provisions of subsection (1), the Authority shall in the performance of its functions promote digital services, through international cooperation.

PART IV — Control of Digital Services

Digital Government Plan and Digital Services Plans 10. (1) The Authority shall develop and implement a Digital Government Plan for public bodies. (2) The Digital Government Plan shall include — (a) strategies and projects for implementing digital services, including a priority plan for electronic services; (b) strategies and projects for transitioning from legacy systems including a priority plan for the transition; (c) strategies and projects for the management of key digital services infrastructure identified by the Authority; (d) harmonisation requirements for implementation of the strategies and projects under paragraph (a); and (e) any other digital services projects related to the implementation and operation of these services. (3) A private body shall develop a Digital Service Plan that adheres to the standards set out in this Act and under the guidance provided by the Authority. (4) The Authority may issue a Service Catalogue, which provides details of digital services offered by public and private bodies in the Government Gazette.

Electronic access to digital services 11. A private body shall establish an accessible electronic platform in compliance with the standards as set by the Authority, to enable the provision of digital services.

Establishment of Framework for Secure Exchange of Information 12. The Authority shall establish a standardised Framework for Secure Exchange of Information over the Internet, which shall ensure — (a) secure communication online; (b) verification of identities online; (c) data integrity; (d) interoperability; and (e) all other relevant protocols, standards and regulations.

Accessibility of digital services 13. (1) The Authority shall provide a centralised digital platform for accessing all public body services. (2) A public or private body shall develop digital services to be accessible and inclusive, in accordance with the standards set by the Authority. (3) A public and private body shall develop digital services that comply to the accessibility standards set by the Authority, in such form and manner as may be prescribed.

Online unique identification 14. (1) The Ministry responsible for national registration shall provide a digital online platform to verify the unique identifiers for natural persons.

A.258

(2) The Ministry responsible for national registration, shall on an application by a natural person assign a unique identifier to the person, for the purposes of electronic validation of that person's identity.

Electronic means of payment 15. (1) Where a law requires a payment to be made or received, the requirement of the law is fulfilled, if the payment is made or received by secure electronic means and complies with the relevant law. (2) Where a law requires the issuance of a receipt as proof of payment, the requirement is fulfilled if the receipt is in an electronic form and is accessible and intelligible, so as to be usable for subsequent references.

Required documentation and data sharing 16. (1) A public or private body shall, in undertaking an administrative procedure or public function by digital means, ensure that the documents to be presented in accordance with the procedure or function, shall be submitted by digital means. (2) Subject to the provisions of the Data Protection Act, a public or private body with the consent of a data subject, may retrieve the required documentation originating from another public or private body for processing and usage of the personal data for that purpose. (3) Where information has been shared for public function purposes, it may be reshared further by another public or private body for another public function. (4) A public or private body shall avoid the collection of information by a public or private body that is already held by another public or private body. (5) The Authority may operate a system for sharing data collected and managed through electronic systems for the provision of digital services. (6) A public or private body shall ensure that all data collected in terms of this section, is accurate and where necessary is kept up to date. (7) Subject to the provisions of subsection (6), a public or private body shall assume liability for any data collected by such body, that is inaccurate and not up to date.

Electronic record keeping 17. (1) A public or private body shall keep its records in a secure electronic form. (2) A public or private body shall ensure that where records are kept in an electronic form, appropriate technical and organisational measures are implemented in accordance with the technological standards as shall be determined by the Authority, to ensure that the principles of orderly record keeping and legal requirements for the duration of maintenance of records are observed. (3) Where a public body is mandated to keep a public register under any law, it shall ensure that such register is kept in an electronic format in accordance with this Act. (4) The Authority shall develop and maintain a digital services integrity register, in such manner and form as may be prescribed, which shall record the availed digital services provided by public and private bodies.

A.259

Digitisation of records 18. (1) A public or private body shall, when digitising its records, ensure that the digitisation is in accordance with the technological standards determined by the Authority. (2) A public or private body shall, when digitising its records, ensure that the pictorial and text content of the electronic document corresponds to the paper documents. (3) The Authority may, on the request of a public or private body, waive the requirement to digitise its documents, where the digitisation would entail disproportionate efforts.

Electronic filing of documents 19. (1) Where a public or private body pursuant to this Act or any other law, accepts the filing of documents or requires that documents be created, written or retained, issues a permit, licence or provides a manner of payment, shall — (a) accept the filing of such documents in an electronic form; (b) issue such permits, licences or approvals in an electronic form; or (c) make or receive payment in an electronic form. (2) A person shall not, where a law allows information to be presented or retained in an electronic form, demand that the information that the person presents be received in an electronic form by a public or private body, otherwise than as specified or required by that public or private body.

Access to files or records 20. A public or private body shall, where a right to inspect a file or record exists, grant access to files by — (a) displaying the electronic documents on a screen; (b) ensuring the secure transmission of electronic documents; (c) permitting electronic access to the content of the files; or (d) providing a print-out of the documents concerned.

Joint automated procedures 21. (1) A public or private body may implement joint automated procedures with other public or private bodies to enable data processing in or from an electronic data store. (2) Where joint automated procedures under subsection (1) are also intended to enable data retrieval by other bodies, the retrieval procedures, shall in relation to the protection of personal data, be implemented in accordance with this Act and the Data Protection Act. (3) The participation of other public or private bodies in joint automated procedures shall only be undertaken, where it is appropriate with due regard to a data subject's legitimate interests and the tasks to be performed by the participating public or private bodies. (4) A public or private body shall, before establishing or effecting substantial changes to a joint automated procedure, specify the following, in writing — (a) the procedure to be applied and the bodies responsible for defining, amending, developing and complying with organisational and technical specifications for the joint automated procedure; and (b) the participating bodies responsible for ensuring the legality of collecting, processing and using data, respectively.

A.260

(5) An officer responsible for digital services appointed by a public or private body, shall be responsible for the coordination and implementation of this section. (6) The officer under subsection (5) shall cause to be prepared guidelines for the coordination of joint automated procedures, which guidelines shall be made available for inspection by the Authority. (7) Subject to the provisions of this Act, the Data Protection Act, the Cybercrime and Computer Related Crimes Act, the Cybersecurity Act and any other relevant law, a public or private body may commission another body to collect, process and use personal data for the joint automated procedure.

Information gateway 22. (1) For the purposes of this section, "information gateway" means a secure platform allowing access for public bodies to exchange information and data sharing between systems for the provision of digital services. (2) The Authority shall develop and administer the information gateway. (3) A public body providing information through the gateway shall ensure the relevance and clarity of the information, and that it is organised in a user-centric manner. (4) The Authority may establish the requirements and procedures for access to the information gateway by public bodies.

Electronic Gazette and other publications 23. (1) For the purposes of this Act, the office of the Government Printer shall develop and maintain an electronic Gazette. (2) Where any law provides that a rule, regulation, bye-law, notification or any other matter shall be published in the Gazette or other publication, the requirement shall be deemed to have been satisfied if that rule, regulation, order, bye-law, notification or any other matter is published in the Gazette or e-Gazette or electronic publication: Provided that, where any rule, regulation, order, bye-law, notification or any other matter is published in the Gazette or e-Gazette or any other publication, the date of publication shall be deemed to be the date of the Gazette or other publication which was first published in any form. (3) A public or private body shall publish any information meant for public consumption or contribution in an electronic format or platform. Cap. 08:06 Act No. 21 of 2025

PART V — Open Data

Open data 24. (1) The Authority shall develop and coordinate the implementation of a national Open Data Policy. (2) Where a public or private body employs publicly accessible networks to make data available, that public or private body shall use a machine-readable and electronic format and ensure that such data is localised.

Requirements for open data and licences 25. (1) A public body which avails public data assets, shall publish such assets as machine-readable and electronic data. (2) Subject to the provisions of any law and to such extent as practicable, open data assets published by or for a public body shall be made available under an open licence.

A.261

(4) Public and non-public data assets maintained by public bodies shall be stored in an open format. (5) The Authority may develop guidelines for open licences and open formats to be used, including commercial and non-commercial use, conditions of use and exclusion of liabilities and warranties. (6) A public body may engage with a private body or another public body to explore opportunities to leverage the public data assets of the public body, in a manner that may provide new opportunities for innovation in the public and private sector.

Promotion of innovation 27. (1) A public body, in consultation with the Authority, shall develop and maintain an Enterprise Data Inventory, in order to develop a clear and comprehensive understanding of the data assets in possession of the public body. (2) A public body shall ensure that the Enterprise Data Inventory accounts for any data asset created, collected, under the control or direction of, or maintained by the public body, with the goal of including all data assets, to such extent as is practicable. (3) The Enterprise Data Inventory shall include each of the following information — (a) data assets used in the information systems of public bodies, including program administration and statistics generated by applications, devices, networks, facilities and equipment, categorised by source type; (b) data assets created, maintained or shared by public bodies; (c) data assets that can be made publicly available under the Access to Information Act; (d) a description of whether the public body has determined that a data asset may be made publicly available and whether the data asset is available to the public; (e) non-public data assets; and (f) public data assets. (3) The Authority shall issue standards for the Enterprise Data Inventory, including — (a) requirements that the Enterprise Data Inventory includes a compilation of metadata about public body data assets; and (b) criteria that a public body shall use in determining whether to make a particular data asset publicly available in a manner that takes into account — (i) the expectation of confidentiality associated with a public data asset, (ii) security considerations, including the risk that information in a public data asset in isolation does not pose a security risk but when combined with other available information may pose such a risk, (iii) the cost and benefits to the public of converting the data into a manner that could be understood and used by the public,

Enterprise Data Inventory

A.262

(iv) the expectation that all data assets that would otherwise be made available under the Access to Information Act be disclosed; and (v) any other considerations that the Authority determines to be relevant. (4) Non-public data assets included in the Enterprise Data Inventory may be maintained in a non-public section of the inventory. (5) A public body shall — (a) make the Enterprise Data Inventory available to the public on a platform availed by the Authority; (b) ensure that access to the Enterprise Data Inventory and the data contained therein is consistent with the relevant laws; (c) to the extent practicable, complete the Enterprise Data Inventory by the date to be determined by the Authority; and (d) add additional data assets to the Enterprise Data Inventory, not later than 180 days after the date on which the data asset is created or identified. (6) A public body shall follow the standards set by the Authority issued pursuant to subsection (3) to make public data assets included in the Enterprise Data Inventory publicly available in an open format and under an open licence.

Information resource management 28. (1) A public body shall, with respect to information resource management — (a) improve the integrity, quality and utility of information to all users within and outside the public body, by using an open format for any new public data asset created or obtained on the date to be determined by the Authority; (b) to the extent practicable, encourage the adoption of open format for all public data assets created or obtained before the commencement of this law; (c) in consultation with the Authority, develop an open data plan that, at a minimum and to the extent practicable — (i) requires the public body to develop processes and procedures that require each new data collection mechanism to use an open and machine-readable format, and (ii) allow the public body to collaborate with private bodies, public bodies and members of the public for the purpose of understanding how data users value and use public data assets; (d) identify and implement methods for collecting and analysing digital information on data asset usage by users within and outside of the public body; (e) designate a point of contact within the public body to assist the public and to respond to quality issues, usability, recommendations for improvements and complaints about adherence to open data requirements; (f) develop and implement a process to evaluate and improve the timeliness, completeness, accuracy, usefulness and availability of public data assets;

A.263

(g) update the open data plan at an interval determined by the Authority; and (h) provide controls to avoid the dissemination and accidental disclosure of non-public data assets.

Information dissemination 29. A public body shall, with respect to information dissemination — (a) provide access to public data assets online; (b) take the necessary precautions to ensure that the public body maintains the production and publication of data assets which are directly related to activities that protect the safety of human life or property; and (c) engage the public in using public data assets and encourage collaboration by — (i) publishing information on public data assets' usage in regular, timely intervals, at least once a year, (ii) receiving public input regarding priorities for the analysis and disclosure of data assets to be published; (iii) assisting civil society groups and members of the public working to expand the use of public data assets for purposes of research and innovation, and (iv) develop and promote initiatives designed to create additional value from public data assets.

Technology portal 30. (1) The Authority shall maintain a platform as a point of entry dedicated to sharing public data assets with the public. (2) The Authority shall determine, after consultation with a public body, the method to access public data assets published through the platform.

Repository 31. (1) The Authority shall develop and maintain an online repository of tools, best practices, and schema standards to facilitate the adoption of open data practices which shall include — (a) regulation, policy, checklists and case studies related to open data; and (b) the collaboration and the adoption of best practices across public bodies relating to the adoption of open data practices. (2) The repository shall also contain reusable software components, platforms, APIs and services developed or approved for public service delivery. (3) A public body shall adopt the reusable components referred to in subsection (2), unless the public body has been granted an exemption in terms of section 37 of this Act. (4) The Authority shall issue technical documentation and interoperability standards to support reuse. (5) The Authority may make guidelines for use of the data under this section, including commercial and non-commercial use, conditions of use and exclusion of liabilities and warranties.

A.264

PART VI — Information Systems Security

Information security 32. (1) A public or private body shall ensure that security measures and safeguards are embedded and adhered to in the provision of digital services in line with relevant laws and policies. (2) A public and private body shall conduct annual security reviews and report incidents within such period as set out in the Cybersecurity Act, for the reporting of cyber incidents. (3) The Authority shall conduct security audits on the digital services offered by public and private bodies and shall report any vulnerabilities to the relevant authority established under the Cybersecurity Act.

PART VII — Miscellaneous Provisions

Audit of public and private bodies 33. (1) The Authority shall conduct audits of a public or private body, for the purpose of evaluating compliance with the provisions of this Act. (2) Subject to the provisions of subsection (1), an audit conducted under subsection (1) may be performed by an independent auditor appointed by the Authority. (3) The Authority shall, where an audit reveals that a public or private body has contravened any provision of this Act, notify the public or private body, in writing, the findings of the audit report, and consult, on the — (a) action required to remedy the non-compliance; and (b) period within which a public or private body shall take the remedial action.

Authority to issue directions 34. (1) The Authority may issue such directions, orders or requirements as may be necessary to ensure and enforce compliance to this Act. (2) A public body which fails to comply with a direction, order or requirement given by the Authority or an authorised officer in the performance of the functions of the Authority, shall be liable to an administrative penalty not exceeding P 500 000, as may be imposed by the Authority. (3) A private body which fails to comply with a direction, order or requirement given by the Authority or an authorised officer in the performance of the functions of the Authority, shall be liable to an administrative penalty not exceeding P500 000, as may be imposed by the Authority.

Annual report 35. (1) The Authority shall, within a period of six months after the financial year or within such longer period as the Minister may approve, submit to the Minister, a comprehensive report of its operations during that year, and the report shall be published in such manner as the Minister may require. (2) The Minister shall lay the annual report of the Authority in Parliament, within three months of its receipt.

A.265

  1. No liability, civil or criminal, shall attach to an officer of the Authority, in respect of any loss arising from the exercise, in good faith by the officer of his or her function under this Act.

  2. The Minister may by Order published in the Gazette exempt a public or private body from the provisions of this Act, taking into account the size of the entity, revenue turnover and nature of services provided by the entity.

  3. A person aggrieved by the decision of the Authority may, within 90 days of the decision, apply for a review of the decision of the Authority, to the High Court.

  4. (1) A public body which, without lawful authority — (a) discloses information provided to that public body for the purpose or during the course of delivery of digital services; (b) publishes or discloses to any person otherwise than in the course of that person's duties, the contents of any documents, communication or information which relates to, and which has come to that person's knowledge in the course of that person's duties, the contents of any documents, communication or information which relates to, and which has come to that person's knowledge in the course of that person's duties under this Act; or (c) having information which to such public body's knowledge has been published or disclosed in contravention of paragraph (a), unlawfully publishes or communicates such information to any other person, commits an offence and is liable to an administrative penalty not exceeding 10 per cent of the net turnover of the private body for the previous financial year and where no net turnover for the previous financial year exists, 10 per cent of the gross revenue of the period of existence of the private body shall be used by the Authority to determine the quantum of the administrative penalty. (3) A person who — (a) forges, alters, damages or deletes information for the purpose of interfering with the processing of such information; (b) forges, alters, damages or uses an information system for the purpose of sharing of information without good cause; (c) discloses or disseminates to the public, any method or program by which information can be altered or deleted or;

Exemption from liability of officers of the Authority

Exemptions

Review of decisions of Authority

Offences and penalties

A.266

(d) processes information without lawful authority or beyond the authority accorded, commits an offence and is liable to a fine not exceeding nine years, or to both.

  1. (1) The Minister may make regulations for the better carrying out of the provisions of this Act. (2) Without prejudice to the generality of the powers conferred by subsection (1), the regulations may provide for — (a) the fees to be levied upon public and private bodies for the provision of services by the Authority; (b) the form and manner of digital services that shall be developed by a public or private body in terms of section 13; (c) the form and manner of the digital services integrity register; or (d) content regulation by content providers.

  2. A public or private body which, upon the commencement of this Act does not conform to the provisions of this Act, shall within a period of 24 months from the commencement of this Act, undertake such processes and activities to conform to the provisions of this Act.

PASSED by the National Assembly this 14th day of August, 2025.

DR. GABRIEL G. MALEBANG, Clerk of the National Assembly.

Regulations

Transitional arrangements

A.267

No. 23

ANTI-DOPING ACT, 2025

ARRANGEMENT OF SECTIONS

PART I — Preliminary

  1. Short title and commencement
  2. Interpretation
  3. Application of Convention
  4. Act binds State
  5. Application

PART II — Establishment and Functions of Botswana National Anti-Doping Organisation

  1. Establishment of Botswana National Anti-Doping Organisation
  2. Appointment of Director-General
  3. Conditions of service of Organisation
  4. Functions of Organisation

PART III — Board of Directors

  1. Board of Directors
  2. Membership of Board
  3. Powers and functions of Board
  4. Tenure of office
  5. Disqualification, suspension and removal from membership of Board
  6. Vacation of office
  7. Filling of vacancy
  8. Remuneration of members

PART IV — Meetings and Proceedings of Board

  1. Proceedings of Board
  2. Disclosure of interest by member
  3. Confidentiality

PART V — Committees of Board

  1. Committees of Board
Share