Costa Rica Enacts New Digital Services and E-Commerce Law

Costa Rica enacted the "Law on Digital Services Governance and Electronic Commerce" (the Law), establishing a comprehensive framework governing digital services and electronic commerce, with a particular focus on online intermediary services, including digital platforms, online marketplaces, search engines, and data‑hosting services. 

The Law seeks to strengthen consumer protection in digital environments, safeguard fundamental rights online, and reinforce transparency, accountability, and due diligence obligations for digital service providers. It applies to anyone who provides digital services or engages in electronic commerce anywhere in the world with effects in Costa Rica. Public procurement activities are excluded, except for the supplementary application of certain provisions. 

Guiding Principles 

The Law is grounded on key principles such as functional equivalence, technological neutrality, good faith, technological security, accessibility, interoperability, and the preservation of pre‑existing rights.  

Enhanced Consumer Protection in Digital Environments 

The Law significantly strengthens information, transparency, and fair‑dealing obligations, including requirements for: 

• Identification of merchants and service providers.
• Clear and complete information on goods and services, total prices, contractual terms, guarantees, withdrawal rights, and complaint mechanisms.
• An express prohibition of dark patterns, defined as manipulative interfaces or practices that distort consumer decision‑making.
• Strict rules on digital advertising and unsolicited commercial communications, as well as enhanced protection for minors and vulnerable consumers.
• Security requirements for payment methods and compliance with personal data protection rules. 

Electronic Contracting 

The Law sets out detailed rules for the pre‑contractual and contractual phases of e-commerce. It clarifies, among other points, when and where electronic communications are deemed sent and received, the legal effect of offers and invitations to deal, and how consent is formed. Merchants must provide an explicit confirmation of the transaction and supply consumers with a durable record of it. 

Intermediary Liability Regime 

The Law introduces a tiered liability framework for intermediary service providers (mere conduit, caching, hosting, platforms, and search engines), aligned with international standards. Intermediaries are not automatically liable for third‑party content if they lack actual knowledge and act promptly and diligently once they become aware of an infringement. The Law also bars any general monitoring duty, protects end‑to‑end encryption and privacy, and sets due-process safeguards for court orders requiring content removal or disclosure of information. 

Reinforced Obligations for Online Platforms 

Online hosting and e‑commerce platforms are subject to enhanced due diligence obligations, including transparent terms and conditions in Spanish, notice‑and‑action systems, reasoned content removal decisions, internal complaint mechanisms, and heightened transparency regarding online advertising and algorithmic recommendation systems. Certain obligations are temporarily excluded for properly registered SMEs. 

Sanctions and Entry into Force 

The National Consumer Commission is designated as the competent enforcement authority. The Law establishes minor and serious infringements, with fines ranging from 10 to 50 base salaries, subject to proportionality criteria. 

The Law will take effect 12 months after publication. During that period, the Executive Branch must issue the implementing regulations. 

For more information, please contact us at info@blplegal.com.