Data privacy and security requirements starting to make their way into Egyptian laws

What is changing?

The Combating Information Technology Crimes Law is the first Egyptian law that defines and penalizes various cyber crimes such as illegally logging into a website or private account, hacking or deactivating emails or websites, and illegally accessing credit card details. The law also clarifies that electronic data that is derived or extracted from various devices and sources may be considered as criminal evidence to prove the crimes stated in that law. Before the issuance of this new law, all forms of data theft, misuse, hacking and theft of website content were governed by laws which did not address the specific nature of these crimes. Therefore, it was very difficult to prove those crimes and enforcement was quite inconsistent in many respects.

The law also imposes new duties and obligations on service providers (i.e., any natural or legal person that provides users with information technology and communication services, including those who process and store data themselves or through third parties). These obligations include storing user data (whether personal or not) for a consecutive period of 180 days and ensuring the confidentiality and security of the stored data. Service providers must also make their contact details and obtained licenses easily accessible to users.

As for the new Consumer Protection Law, it grants consumers the right to not receive visits at their residences from sellers without their prior approval. The Consumer Protection Authority has indicated that this prohibition applies only to unsolicited sellers who physically approach residences. It does not relate to unsolicited electronic advertisement or unsolicited advertisement by post.

Please click here to view the full alert.

To speak to us in relation to any data privacy and security issues in Egypt, please feel free to contact one of the lawyers below.