July 2025 – Gandhi & Associates

Revised Minimum Wage in Nepal (2025)

Posted on July 25, 2025July 25, 2025 by Rajanish Ojha

The Ministry of Labour, Employment and Social Security of Government of Nepal has issued a press release revising the minimum wage structure, effective from 01 Shrawan 2082 (17 July 2025).

Based on recommendations of the Minimum Wage Determination Committee, the new wage structure sets the minimum monthly remuneration at NPR 19,550, which includes a basic salary of NPR 12,170 and a dearness allowance of NPR 7,380. Similarly, the daily and hourly wage rates are now fixed at NPR 754 and NPR 101, respectively, with part-time hourly workers entitled to NPR 107.

The revised minimum wage structure is as follows:

S.N.	Minimum Wage Category	Basic Salary (Rs.)	Dearness Allowance (Rs.)	Total Monthly Wage (Rs.)
1.	Monthly	12,170	7,380	19,550
2.	Daily	470	284	754
3.	Hourly	63	38	101
4.	Part-Time (per hour)	–	–	107

This updated wage structure applies to all workers except those in the tea-estate sector and is mandatory for all employers across Nepal. The minimum wage increment notice has also been published in the Nepal Gazette on 05 Shrawan 2082 (21 July 2025) by Ministry of Labour, Employment and Social Security of Government of Nepal, full text of which can be accessed from here.

Overview of Directives for Managing the use of Social Media, 2080 (2023)

Posted on July 17, 2025July 17, 2025 by Rajanish Ojha

The Ministry of Communication and Information Technology under Government of Nepal introduced Directives for Managing the use of Social Media, 2080 (2023) (“Social Media Directives”) through publication in Nepal Gazette dated 27 November 2023. The Social Media Directives establishes a regulatory framework for the operation, oversight, and compliance of social media platforms within Nepal.

This article provides for the general overview of the Social Media Directives, enlistment requirements, classification of social media platform, and other compliance requirements for social media platforms and social media users.

I. Definition

The definitions under the Social Media Directives are as follows:

a. Social Media: A media, including group, blog, app which provides facilities to any person, group or organization to communicate interactively with each other and to broadcast content created by users in accordance with the facilities and methods provided by the social media platform through electronic means of communication such as computer, internet.

b. Social Media Platform: A publicly available system based on the internet or information technology, such as Facebook, Tiktok, Twitter, Viber, Pinterest, Whatsapp, Messenger, Instagram, Youtube, Linkedin, WeChat, etc, that allows an individual or organization to exchange ideas or information with each other or provides facilities to disseminate user-generated contents.

II. Social Media Platform Enlistment

Any individual, company, or organization intending to operate a social media platform must enlist with the Ministry of Communication and Information Technology (“Ministry”). If the social media platform fails to enlist, the Ministry can prohibit such platforms from operating within Nepal.

However, this provision does not apply to social media platforms that operate solely for the purpose of civic education and social empowerment.

III. Procedure for Enlistment of Social Media Platform

A. Applicable procedures

*STEPS*	Description
STEP 1	Submit the online/offline application in prescribed format along with the required documents in person or through a representative at the Social Media Management Unit under the Ministry.
STEP 2	If the Social Media Management Unit, upon examination of the application, finds the details appropriate, the social media platform will be provided with a Memo of Enlistment.

Note: In case of online application, submit the application and required documents in the email: snru@mocit.gov.np.

B. Required documents

a) For the company/organization with head office in Nepal

*S.N.*	Description
i.	Memorandum of Association and Articles of Association of company/organization;
*ii.*	Registration certificate of company/organization;
iii.	PAN/VAT certificate of company/ organization;
iv.	Update letter of company;
v.	Certificate of latest tax clearance;
vi.	Company minutes related to decision of enlistment;
vii.	Details of shareholders registry;
viii.	Details of foreign investors investing in shares, if any;
ix.	Details of Board of Directors of company/ organization;
x.	Citizenship certificate for Nepali citizen and copy of passport for foreigner;
xi.	Privacy policy, data usage policy, information security policy;
xii.	Documents related to technical ability and professional competence;
xiii.	Video KYC of authorized representative in case of online application;
xiv.	Standards prescribed by social media in relation is its users;
xv.	Process of grievance handling mechanism in social networks; and
xvi.	Other necessary details.

b) For the company/organization with head office in other country

*S.N.*	Description
i.	Memorandum of Association and Articles of Association of company/organization;
*ii.*	Registration certificate of company/organization;
iii.	PAN/VAT certificate of company/ organization;
iv.	Certificate of latest tax clearance;
v.	Company minutes related to decision of enlistment;
vi.	Copy of passport of authorized representative;
vii.	Video KYC of authorized representative in case of online application;
viii.	Standards prescribed by social media in relation is its users;
ix.	Process of grievance handling mechanism in social networks; and
x.	Other necessary details.

IV. Prohibition for social media users

The Social Media Directives provides for responsibilities on all users of social media platforms in Nepal and outlines a comprehensive list of prohibited behaviours aimed at ensuring ethical, lawful, and respectful online conduct. General prohibitions include:

a) Create an anonymous or disguised identity (fake ID, pages, group);

b) Produce and share content or share other’s content or comment on other’s content or make calls anonymously or with disguised identity (fake ID, page, group);

c) Target any person, community, caste, sex, religion, age, color, class, profession, sect, marital status, family status, physical or mental condition, origin, sexual orientation, language and other groups or category of people protected by law to spread hatred, or share word, audio, visual, picture that harm social harmony and tolerance and to create, publish and broadcast trolls;

d) Encourage child labour, human trafficking, polygamy, child marriage, caste untouchability and other activities prohibited by prevailing laws;

e) Create offensive words, audio visuals, images, trolls with an intention to bully others and use hateful expressions, defamation, or acts that constitute hate speech;

f) Perversely modify the photograph of a person by animation, montage and other technology through the use of digital media and publish or broadcast such photograph;

g) Edit, publish and broadcast without permission, the photographs and videos of private matters other than those of a public nature;

h) Publish, broadcast or comment in support of obscene word, photograph, audio, video animation;

i) Encourage content that harms child and promotes prohibited activities including child sexual exploitation, sexual abuse, prostitution;

j) Publish or broadcast false information, misleading information, misinformation, disinformation; and

k) Commit act that constitutes cyber bullying.

V. Classification of Social Media Platforms

Social Media Directives classify social media platforms based on their user base, as detailed below:

a) Small Social Media Platform: Platforms with fewer than 100,000 users.

b) Large Social Media Platform: Platforms with more than 100,000 users.

VI. Point of Contact

Operators of social media platforms are subject to compliance requirements, including:

Appoint a designated contact person based in Nepal.
Establish a grievance handling officer.
Maintain a content moderation unit for Nepal-specific content.

VII. Social Media Management Unit

The Social Media Management under the Ministry is responsible for monitoring compliance with the Social Media Directives and resolving user grievances related to social media use in Nepal.

VIII. Duties of Social Media Platform Operators

The Social Media Directives outlines responsibilities for operators of social media platforms operating in Nepal, including the following:

Algorithmic Control: Operators must develop and implement algorithms capable of detecting and limiting the publication, promotion, or advertisement of content that violates prevailing Nepali laws.
Timely Content Removal: Upon receiving a valid grievance or an order from the Social Media Management Unit (SMMU), operators must remove unlawful or objectionable content within 24 hours.
Data Privacy and Security: Platforms are required to adopt robust data security measures and ensure the confidentiality of user information.
Transparency in Moderation: Operators must align their content moderation policies with international standards, particularly the Santa Clara Principles on transparency, due process, and accountability.
Legal and Financial Compliance: All monetary transactions related to the platform’s operations in Nepal must be conducted through recognized banking channels, ensuring financial transparency and regulatory compliance.

IX. Duties of Social Media Users

Social media users in Nepal are also held accountable under the Social Media Directives, with specific responsibilities including:

Upholding National Interest: Users are strictly prohibited from publishing, promoting, or interacting with content that undermines Nepal’s sovereignty, territorial integrity, national unity, security, or intergovernmental harmony.
Avoiding Hate and Division: Content that promotes religious or communal hatred is strictly forbidden.
Indirect Engagements Also Restricted: Not only is publishing prohibited, but so is liking, sharing, commenting, tagging, live-streaming, reposting, subscribing to, or mentioning any content that is classified as illegal under the Social Media Directives.

Disclaimer: This article is for general informational purposes only and does not constitute legal advice, advertisement, personal communication, solicitation or inducement. No attorney-client relationship is created through this content. Gandhi & Associates assumes no liability for any consequences resulting from actions taken based on information contained herein.

For quick legal assistance:

Phone/Viber/WhatsApp: +977 9709035477

For specific legal advice regarding social media platform enlistment in Nepal, please contact our office to schedule a consultation with our experts.

Overview of Data Center and Cloud Service (Operation and Management) Directives, 2081 (2024)

Posted on July 17, 2025July 17, 2025 by Rajanish Ojha

The Ministry of Communication and Information Technology under Government of Nepal introduced Data Center and Cloud Service (Operation and Management) Directives, 2081 (2024 A.D) (“Data Center and Cloud Service Directives”) which was approved by ministerial level on 2081.10.15. Data Center and Cloud Service Directives seek to enhance data security, ensure data sovereignty, and promote efficient service delivery across both public and private sectors.

This article provides for the general overview of the Data Center and Cloud Service Directives, enlistment requirements for data centre and cloud sservice providers, tier rating, and other compliance requirements.

I. Definitions

The key definitions under Data Center and Cloud Service Directives are as follows:

a. Data Centre: A center with the necessary infrastructure for the storage of data and the operation of information technology systems by the government, public and private sectors.

b. Cloud Service: The hardware and software-integrated infrastructure prepared by a data centre service provider or other entity to operate (host) information technology systems developed by the government, public and private sectors.

c. Data: A formal representation of information, knowledge, or instructions gin the form of letters, numbers, images, sounds, or audio-visuals that are being formally prepared or have been prepared for its use in a computer, computer system, or computer network, or produced by a computer, computer system or computer network.

II. Enlistment Requirements

All data centers and cloud service providers must register with the Department of Information Technology (“DOIT”) before commencing operations.

Existing service providers must apply for registration within six months of the Directive’s enforcement date, i.e., by July 31, 2025 (as the Directive was enacted on January 28, 2025).

III. Required Documents

*S.N.*	Documents
1.	Company or firm registration certificate
2.	Security and privacy policy
3.	Business Continuity Plan (BCP)
4.	Technical personnel details
5.	IP pool details

*S.N.*	Additional documents for Data Centre	Additional documents for Cloud Services
1.	Fire safety assurance certificate	Agreement with a registered data center
2.	Building completion certificate	ISP/NSP affiliation details
3.	Tier classification of the data center (Tier I, II, III, or IV)	Information Security Related Standard certificate
4.	Physical security methods used	IT Service Management Standard certificate
5.	High-level electrical design and layout
6.	Agreement with land/building owner (if rented)
7.	Information Security Standard certificate for both Data Center (DC) and Disaster Recovery (DR)

Upon receiving all required documents, DOIT will conduct a physical inspection of the infrastructure. If satisfied, DOIT will issue a Certificate of Enrollment within one month from the date of application. Also, DOIT holds the authority to cancel the enrollment if the service provider is found in violation of the Data Center and Cloud Service Directives.

IV. Tier rating of the data centre

Data Centers will receive a “Tier Rating” based on their physical infrastructure and services, categorized as:

*Criteria*	Tier 1	Tier 2	Tier 3	Tier 4
Distribution Path (Power/Cooling)	1	1	1 Active / 1 Alternative	2 Active
Redundant Active Component	N	N	N+1	2(N+1)
Redundancy – Backbone	No	No	Yes	Yes
Redundancy – Horizontal Cabling	No	No	No	Optional
UPS/Generator	Optional	Yes	Yes	Dual Systems
Concurrently Maintainable	No	No	Yes	Yes
Fault Tolerant	No	No	No	Yes
Availability (Uptime/Year)	99.671%	99.749%	99.982%	99.995%
Maximum Downtime/Year	< 28.8 hours	< 22 hours	< 1.6 hours	< 26.3 minutes
Power Backup Requirement	12 hours	12–24 hours	24–48 hours	48+ hours

The data center service provider must submit the tier rating certificate to the DOIT within one year of listing. Further, any data centre storing governmental data must have at least 3 3-tier rating or above.

V. Compliance Requirements for Data Center and Cloud Services in Nepal

Under the Data Center and Cloud Service Directives, the following compliance obligations are imposed on data center and cloud service providers:

a) Service providers must conduct annual security audits and submit compliance reports to the Department of Information Technology (DOIT), verifying adherence to data security and operational standards.

b) Each service provider must either:

Appoint a dedicated compliance officer, or
Collaborate with an authorized institution to ensure conformity with international best practices and standards (such as ISO/IEC 27001, ITIL, etc.).

c) In the event of any unauthorized access or security breach, the service provider is obligated to:

Immediately notify the relevant authority (DOIT), and
Take prompt remedial actions to mitigate the breach.

d) Service Providers must ensure the development and maintenance of a secure, resilient infrastructure, which includes:

High-standard technical equipment (e.g., servers, network switches, racks, storage systems, HVAC systems)
Physical and digital security systems, including access control, CCTV, and fire safety mechanisms
Continuous monitoring of network and infrastructure integrity.

VI. Removal of Enlistment of Data Center and Cloud Service Providers

Under the Data Centre and Cloud Service Directives, the DOIT can remove a service provider from its official registry under the following circumstances:

a. Voluntary Cancellation: A service provider may submit a formal request for cancellation of its registration. Upon verification, the Department may approve and process the removal.

b. Non-Compliance: The Department reserves the right to cancel the enlistment if the service provider:

Fails to comply with the provisions of the Directive,
Neglects to maintain required standards, or
Does not submit mandatory documents or updates as required by the regulatory framework.

VII. Integrated Data Management Center

The Data Centre and Cloud Service Directives provides for the establishment of Integrated Data Management Center (the “Center”) for the purpose of ensuring robust infrastructure for government digital operations. Its primary responsibilities include:

Infrastructure Management: Provision of colocation facilities and necessary technical infrastructure for government IT systems.
Continuity of Services: Ensuring the uninterrupted operation of cloud and virtual resources for government systems in alignment with Service Level Agreements (SLAs).