Data law a priority concern in UAE


Data protection experts in the Gulf are welcoming new data privacy laws being brought in by UAE.

UAE’s Telecommunications Regulatory Authority (TRA) is due to establish new legislation which specialists anticipate will introduce stricter controls over data privacy and ways in which data is shared with agencies.

According to Talal Wazani, a security manager at strategic consultancy firm, Help AG, the developments represent a work in progress which will eventually lead to a GDPR-style suite of legislation under which data dealing will be very much consent-based.

“As far as we know, two initiatives are going on. One is at the Dubai level and the other at the Federal level. One of Smart Dubai’s initiatives is the Dubai Data Law, also known as Bayanat Dubai, but we don’t have any clarity on how it is going to be or what the structure is. On the Federal level, TRA is working on the foundation for the UAE Data Privacy Law,” Wazani said.

“For GDPR, EU is the governing body and in the Middle East, there is no governing body. How long is it taking for the GCC-wide VAT to be implemented? The difficulty is in aligning together all the local privacy laws in the Middle East, apart from the jurisdiction laws as well.”

While conceding that work remains to be done both in Dubai and throughout UAE, PwC director, Phil Mennie has underlined how UAE authorities are in the same boat as many other global nations as they bid to catch up with the standards set by the EU’s new data laws.

“Only in the last few years, privacy has become such an important topic after the recent scandals, data breaches and the fines coming out of Europe. It is the right thing to introduce to protect the personal data of individuals,” Mennie said.

This year has also seen TRA release new policy-regulating services relating to the Internet of Things (IoT) to address data protection concerns.

Speaking to TechRadar about the essential role data privacy must play in UAE legislation, Mo Mohammad Al Zarooni, Director of Policies and Programs Department at TRA, said:

“We will look at the best performing practices performed worldwide; GDPR will be one of the inputs to it. We want to make sure that whatever regulations are put, are easy to be implemented across different sectors,” he said.

PrivSec Conferences will bring together leading speakers and experts from privacy and security to deliver compelling content via solo presentations, panel discussions, debates, roundtables and workshops.

For more information on upcoming events, visit the website.

We have been awarded the number 1 GDPR Blog in 2019 by Feedspot.

Privacy Culture: Data Privacy and Information Security Consulting, Culture & Behaviour, Training, and GDPR maturity, covered.