Act Now in Dubai 

Last week the Act Now team returned from a trip to the United Arab Emirates to promote our Middle East training programme. It was a great opportunity to better understand the UAE privacy framework and the needs of businesses faced with the challenge of implementing new laws (as well as get some sun!) 

The Middle East is fast catching up with Europe when it comes to data protection law.
The UAE recently enacted a federal law to comprehensively regulate the processing of personal data in all seven emirates. This will sit alongside current data protection laws regulating businesses in the various financial districts such as the Dubai International Financial Centre (DIFC) Data Protection Law No. 5 of 2020 and the Abu Dhabi Global Market (ADGM) Data Protection Regulations 2021. In addition there are a number of sector specific laws in the UAE which address personal privacy and data security.
Saudi Arabia, Bahrain and Qatar also now have comprehensive data protection laws. 

Whilst in Dubai we met with a number of potential clients, consultancies and law firms specialising in data protection. It was a great opportunity to discuss the changing privacy landscape and how Act Now can assist in developing the understanding of the legislation and its practical implementation. We had some interesting discussions about the changing privacy attitudes around the world, the power of Big Tech and increasing use of AI. 

We also had meetings with data protection regulators in Dubai and Abu Dhabi. We were impressed by their commitment to educating businesses about the new laws and their practical advice to reduce the burden of implementation. They emphasised the importance of embedding a privacy culture in organisations and an understanding of the UAE laws as standalone privacy laws and not just “importing of GDPR”. A special thank you to Lori Baker at the DIFC and Sayid Madar at the ADGM for taking time out of their busy schedules to meet us.  

During our last trip to Dubai in 2018 there was very little awareness of data protection law amongst businesses and compliance seemed to be geared around GDPR. This time on our travels (and shopping trips) we certainly noticed a more serious attitude amongst larger businesses to try and get data protection right. We saw  privacy notices in most official forms, CCTV signs in malls and even a privacy notice recording when ringing our hotel.  

The introduction and/or revision of privacy law in the Middle East is an important development which further proves that data protection is a truly global issue.
Many organisations may need to appoint a Data Protection Officer as part of the new legal framework. Even where they do not need a DPO they will certainly need someone to drive forward compliance and liaise with regulators. This opens up opportunities for UK and EU Data Protection professionals especially as the new laws have some alignment with  the EU General Data Protection Regulation (GDPR)  and the  UK GDPR
 

These are exciting times for data protection professionals. For those seeking a fresh new challenge and the opportunity to spread the data protection message to new jurisdictions, now is the time to brush up on Middle East data protection laws. See photos of our trip below. Sun, sea and subject access awaits! 

Data Protection Laws Around the World

photo-1521295121783-8a321d551ad2

Data Protection is going global! 1st of July 2020 is a key date in the development of data protection law around the world. The California Consumer Privacy Act (CCPA) became fully enforceable on this date following a six month grace period. The Act regulates the processing of California consumers’ personal data, regardless of where a company is located. All international businesses have to consider the application of CCPA to their data processing activities 

1st July 2020 is also the date when a new data protection law came into effect in Dubai, although it will not be enforced until 1st October 2020. The Dubai International Financial Centre (DIFC) Data Protection Law No. 5 of 2020 regulates the collection, handling, disclosure and use of personal data and includes enhanced governance and transparency obligations. It applies to all businesses based in the DIFC as well as those processing personal data on their behalf.  

GDPR style data protection laws have also been enacted in Africa, South America, Asia and the Far East. Many other countries have new privacy laws in the pipeline. What impact will this have on your business? What are the career development opportunities for Data Protection Officers and lawyers? 

Ibrahim Hasan is delivering a webinar which will give you a whistle-stop tour of data protection laws around the world. He will focus on the recently enacted California Consumer Privacy Act (CCPA) and the Dubai International Financial Centre (DIFC) Data Protection Law No. 5 of 2020 as well as other GDPR style laws in force now and coming up in the future.

Act Now Dubai Micro Site Banners1

%d bloggers like this: