HomeAnalyticsAlertsDigital Services Regulation in Azerbaijan: New Requirements for Technology Companies

Digital Services Regulation in Azerbaijan: New Requirements for Technology Companies

International technology companies operating in Azerbaijan now face a tightening regulatory environment. Azerbaijan's digital services legislation has been substantially updated, introducing new obligations that affect how foreign platforms, software providers, and digital service operators conduct business in the country. Companies that fail to act within the prescribed timeframe face the risk of service suspension, financial penalties, and forced market exit.

Azerbaijan has enacted updated digital services regulation that takes effect in the second half of 2025, introducing mandatory technology licensing, local data processing requirements, and algorithmic accountability obligations for qualifying digital service providers. International companies whose platforms reach Azerbaijani users above defined activity thresholds must complete compliance registration and appoint a local representative before the deadline. Non-compliant operators risk administrative penalties and blocking of their digital services within Azerbaijan's territory.

This alert identifies which business categories are affected, sets out the threshold criteria that trigger compliance obligations, and lists the immediate actions international companies should take now.

What changed and when it takes effect

Azerbaijan's updated regulatory rules for digital services introduce several distinct requirements. They apply to providers of online platforms, software-as-a-service products, algorithmic recommendation systems, and other digital services accessed by users located in Azerbaijan.

The principal changes cover four areas. First, technology licensing – operators of qualifying digital services must obtain or update their authorisation under Azerbaijan's information technology legislation before commencing or continuing regulated activity. Second, algorithmic accountability – providers using automated decision-making or recommendation algorithms must document how those systems function and produce that documentation on request by the relevant authority. Third, software liability – providers bear explicit responsibility for harms caused by defective or non-compliant software deployed to Azerbaijani users. Fourth, data localisation – personal data of Azerbaijani users collected through digital services must be processed and stored on servers located within Azerbaijan or in jurisdictions recognised under applicable data protection rules.

The effective date for the core obligations is the second half of 2025. Authorities have indicated that enforcement will begin promptly after that date. Companies should treat the deadline as firm rather than aspirational.

Practitioners in Azerbaijan note that the authorities have signalled limited tolerance for grace periods where companies have had prior notice of the regulatory change. International businesses that delay risk finding their digital services blocked by telecommunications regulators without further warning.

For companies already active in Russia or other CIS markets, this development follows a regional pattern of tightening digital regulation. Our alert on digital services regulation in Russia sets out a comparable compliance picture that may assist in assessing group-level exposure.

Who is affected and what thresholds apply

The new rules apply to any legal entity – whether incorporated in Azerbaijan or abroad – that provides digital services to users in Azerbaijan above defined activity thresholds. The following categories of operator are within scope.

  • Online platforms and marketplaces with a regular Azerbaijani user base
  • Software-as-a-service and cloud service providers whose products are actively used within Azerbaijan
  • Mobile application publishers distributing to Azerbaijani users through app stores or direct download
  • Providers of algorithmic content recommendation, ranking, or automated decision systems
  • Digital payment intermediaries and fintech platforms operating without a separate financial services licence covering these obligations

Threshold criteria that trigger the full set of obligations include: the number of active Azerbaijani users exceeding a defined monthly threshold. generating revenue from Azerbaijani users above a specified level. or operating infrastructure within Azerbaijan's territory. Providers that fall below all thresholds may still be subject to the software liability and algorithmic accountability provisions if their services are accessible from Azerbaijan.

Foreign companies without a physical presence in Azerbaijan are not exempt. The legislation applies on the basis of market effect – that is, where services are directed at or used by persons in Azerbaijan – regardless of where the provider is incorporated.

For companies with existing intellectual property assets registered in Azerbaijan, the new digital services rules interact with existing IP licensing obligations. Software distributed to Azerbaijani users must comply with both the digital services regime and applicable IP legislation, including rules on localisation of licensed content.

To receive an expert assessment of your company's exposure under Azerbaijan's digital services regulation, contact us at info@ferrazwhitmore.com.

Immediate actions for international companies

Companies within scope should act on the following priorities before the compliance deadline.

  • Conduct a threshold assessment. Map your Azerbaijani user base, revenue streams from Azerbaijan, and any local infrastructure. Determine whether your operations exceed the thresholds triggering full obligations or fall within the lighter-touch regime.
  • Apply for or update technology licensing. If your services require authorisation under Azerbaijan's information technology legislation, begin the application process immediately. Licensing processes in Azerbaijan typically take several weeks and may require notarised translations of corporate documents.
  • Appoint a local representative. Foreign providers must designate a legal representative in Azerbaijan who can receive regulatory correspondence and act on behalf of the company. This appointment must be documented and registered with the relevant authority.
  • Audit algorithmic systems for accountability compliance. Document the logic, inputs, and outputs of any automated decision or recommendation systems deployed to Azerbaijani users. Prepare summaries suitable for regulatory disclosure.
  • Review data storage arrangements. Assess whether personal data of Azerbaijani users is currently processed outside Azerbaijan. If so, evaluate whether existing arrangements satisfy the recognised-jurisdiction exception or whether migration to local infrastructure is required.

Companies with broader AI Act compliance programmes at the EU level should note that Azerbaijan's algorithmic accountability rules, while distinct in scope and enforcement mechanism, address comparable concerns. Aligning internal documentation standards across both regimes will reduce duplication of effort.

Our full-service AI and technology law practice in Azerbaijan covers technology licensing, regulatory registration, and ongoing compliance support for international digital service providers operating in the CIS region.

About Ferraz & Whitmore

Ferraz & Whitmore is an international law firm based in Lisbon, advising business clients across 46 jurisdictions. Our AI and technology law practice supports international technology companies entering or operating in Azerbaijan and the broader CIS region, covering digital services regulation, technology licensing, software liability, and algorithmic accountability obligations. The firm combines Portuguese civil law expertise with English common law tradition, giving clients access to cross-border legal solutions across both European and high-growth emerging markets. Our attorneys have advised on technology regulation and market entry matters across civil law and common law systems alike. Engaging a lawyer in Azerbaijan with cross-border CIS experience is essential when regulatory timelines are tight – as an international law firm in Azerbaijan-adjacent practice, Ferraz & Whitmore provides results-oriented counsel from day one. For a preliminary review of your digital services compliance position in Azerbaijan, email info@ferrazwhitmore.com.

Disclaimer: This publication is provided for informational purposes only and does not constitute legal advice. The information herein should not be relied upon as a substitute for professional legal counsel tailored to your specific circumstances. Ferraz & Whitmore assumes no liability for actions taken or not taken based on the contents of this material. For advice regarding your particular situation, please contact info@ferrazwhitmore.com.