⚡ Key Takeaways

Algeria’s ANPDP issued Deliberation No. 02 on March 4, 2026, setting workplace video-surveillance rules under Law 18-07: a one-year maximum retention period, mandatory signage, restricted access, a ban on cameras in private zones, and an internet-connection ban for public-sector systems.

Bottom Line: Algerian businesses should audit their cameras now, post signage, and adopt a documented one-year retention and access policy — and consider local privacy-tech vendors to handle the compliance work.

Read Full Analysis ↓

🧭 Decision Radar

Relevance for Algeria
High
Video surveillance is deployed across nearly every Algerian workplace, so this deliberation touches factories, retailers, banks, schools, and offices nationwide.
Action Timeline
Immediate
The deliberation is already in effect; organizations should audit cameras, post signage, and document retention policies now rather than wait for enforcement to mature.
Key Stakeholders
HR directors, legal teams, facility managers, tech vendors
Decision Type
Tactical
This requires concrete operational steps — a camera audit, signage rollout, and a written retention-and-access policy — rather than a long-term strategic pivot.
Priority Level
High
Non-compliant surveillance exposes employee privacy and legal risk, and the obligations are specific enough to act on immediately.

Quick Take: Algerian businesses should inventory every camera, remove any pointing into private zones, post clear signage, and lock down a documented one-year retention and access policy. Smaller firms without in-house legal capacity can outsource the audit and paperwork to local compliance consultants and privacy-tech vendors — turning the obligation into a predictable deliverable.

Advertisement

A Concrete Rulebook for an Everyday Technology

Video surveillance is one of the most widely deployed technologies in Algerian workplaces — found in factories, retail stores, banks, warehouses, schools, and offices across the country. Until recently, businesses installed cameras with little formal guidance on how to do so in a way that respects employee and visitor privacy. That changed on March 4, 2026, when the Autorité Nationale de Protection des Données à caractère Personnel (ANPDP) — Algeria’s national personal-data-protection authority — issued Deliberation No. 02 on workplace video surveillance.

The deliberation translates the broad principles of Law 18-07 — the 2018 personal-data-protection law adopted on June 10, 2018 — into specific, actionable obligations. Rather than leaving businesses to guess what “lawful surveillance” means, the ANPDP has now drawn clear lines. For compliance-minded organizations, that clarity is an asset: it replaces ambiguity with a checklist.

The framing here matters. This is not a restriction on doing business — it is a roadmap that lets businesses deploy cameras with confidence, knowing exactly what compliant operation looks like. And because compliance now has a defined shape, it also creates demand for the products and services that help companies meet it.

What the Deliberation Actually Requires

According to reporting by TSA on the new rules and Algérie Éco’s coverage, the deliberation sets out a clear set of obligations that every organization operating cameras should plan around.

Transparency and notification. Organizations must clearly inform employees, visitors, and partners that cameras are present. This is done through visible signage or internal communications that specify where cameras are located and why they are installed. The purpose of surveillance is limited to securing people and property — not to monitoring employees beyond that legitimate aim.

Prohibited zones. Cameras may not be installed in spaces with a strong private dimension — toilets, changing rooms, and any area intended to preserve personal intimacy are off-limits. This is one of the clearest, easiest-to-audit rules in the whole deliberation.

Retention limits. Recordings may be kept for a maximum of one year, after which they must be deleted. Footage must also be stored securely against unauthorized access or misuse.

Access control. Only personnel specifically designated by the data controller — the senior official responsible for the organization — may access recorded footage. This narrows the circle of people who can view sensitive material.

Internet restriction. Public administrations and state enterprises are forbidden from connecting their surveillance systems to the internet, a measure Algérie Éco frames as a guard against data leakage and hacking of recorded information.

Authorization. Installing systems without night vision requires prior authorization from the territorially competent wali, granted after consultation with the wilaya security commission. Defense and interior ministry services are exempt from this step.

Underpinning all of this, Law 18-07’s articles 32, 34, 35, and 36 preserve individuals’ rights to information, access, rectification, and opposition over their recorded personal data — rights that organizations must be ready to honor.

Advertisement

What Businesses Should Do

The deliberation is effective now, so the practical question for HR directors, legal teams, and facility managers is how to move quickly toward demonstrable compliance. The good news is that the obligations are concrete enough to turn into a project plan.

1. Audit your existing camera systems against the new rules

Start with an inventory. Map every camera in your facilities: its location, field of view, whether it has night vision, whether it points into a prohibited zone, and where its footage is stored. Flag any camera covering toilets, changing rooms, or break areas with strong privacy expectations for immediate removal or repositioning. For public-sector and state-enterprise systems, verify that no camera feed touches the internet. This audit is the foundation for everything else — without it, you cannot prove compliance, and it typically surfaces two or three quick wins (a misplaced camera, an unsecured recorder) in the first afternoon.

2. Update your employee notification and signage procedures

Compliance is not only about technology — it is about communication. Install visible signage at every monitored area and issue an internal communication that tells employees, visitors, and partners where cameras are, why they exist, and that footage is limited to securing people and property. Build this notice into your onboarding pack so every new hire is informed from day one. Document the date you posted signage and circulated the notice; that paper trail is what turns “we told people” into evidence an inspector can verify.

3. Implement a documented data-retention and access policy

Write a short, formal policy that fixes a retention period at or below the one-year maximum, specifies automatic deletion after that window, and names the exact individuals authorized to view recordings. Pair it with technical controls: access logs, password-protected recorders, and encrypted storage where possible. Designate one senior official as the data controller accountable for the system, and make sure your team can respond when an employee exercises their right under Law 18-07 to access, rectify, or oppose the processing of footage that features them. A policy that exists on paper but is not enforced offers no protection — wire the deletion schedule into the system itself.

4. Prepare your declaration and engage compliance expertise where needed

Organizations are expected to declare their data processing to the national authority and, where required, obtain wali authorization for non-night-vision installations. Treat this as a standard administrative step, not a hurdle. Smaller businesses without in-house legal capacity can lean on a growing pool of local consultants, law firms, and privacy-tech vendors who can run the audit, draft the policy, and handle the paperwork — turning a regulatory obligation into an outsourced, predictable deliverable.

The Bigger Picture: Algeria’s Privacy-Compliant Business Opportunity

Deliberation No. 02 does more than tidy up camera practices — it signals that data protection in Algeria is moving from principle to practice. Law 18-07 set the framework in 2018; the ANPDP is now operationalizing it sector by sector, and workplace surveillance is an early, highly visible test case. Businesses that build compliance muscle now will find it far easier to handle the next wave of data-protection guidance, whatever domain it covers.

There is a clear commercial dimension to this shift. Every obligation in the deliberation — the audit, the signage, the retention policy, the access controls, the secure storage — is a service or product that someone can deliver. Algeria has a young, capable pool of developers, security engineers, and legal professionals who are well positioned to build privacy-management tools, offer compliance-as-a-service, and advise the thousands of organizations that operate cameras. As enforcement matures, demand for these services grows with it.

Organizations that ignore the rules face exposure under Algeria’s updated data-protection framework: Law 25-11, adopted in July 2025, raised penalty ceilings to 1,000,000 DZD for serious violations, with criminal sanctions reaching 5 years’ imprisonment for intentional breaches. Even at the lower end, administrative fines start at 20,000 DZD per infraction — a figure that multiplies when multiple obligations (notification, retention, access controls) are each found non-compliant. The ANPDP is also expanding its regional audit capacity, and the annual breach-notification window under Law 25-11 is now capped at 5 days from discovery, leaving little room for delay once an incident occurs.

For the wider economy, a credible data-protection regime is also a trust signal. Companies that handle employee and customer data responsibly are more attractive partners for international clients and investors who increasingly expect privacy safeguards as a baseline. Treating Deliberation No. 02 as the first step on a longer compliance journey — rather than a one-off chore — positions Algerian businesses to compete on exactly the standards the global market now rewards.

Follow AlgeriaTech on LinkedIn for professional tech analysis Follow on LinkedIn
Follow @AlgeriaTechNews on X for daily tech insights Follow on X

Advertisement

Frequently Asked Questions

What is ANPDP Deliberation No. 02 and when does it take effect?

It is a deliberation issued by Algeria’s Autorité Nationale de Protection des Données à caractère Personnel on March 4, 2026, setting workplace video-surveillance rules under Law 18-07. It is effective now, so organizations operating cameras should begin aligning their practices immediately — auditing systems, posting signage, and documenting retention and access policies.

How long can Algerian businesses keep surveillance footage under the new rules?

The maximum retention period is one year. After that window, recordings must be deleted, and while stored they must be secured against unauthorized access or misuse. Businesses should configure their systems to delete footage automatically once the retention limit is reached and document that this control is in place.

Where are cameras prohibited, and who can access recordings?

Cameras are banned in spaces with a strong private dimension — toilets, changing rooms, and any area intended to preserve personal intimacy. Access to recorded footage is restricted to personnel specifically designated by the data controller, the senior official accountable for the system, which narrows the circle of people who can view sensitive material.

Sources & Further Reading