Data Privacy & Data Protection


What has changed? The Ministry of Commerce and Investment in Saudi Arabia (MoCI) adopted the Implementing Regulations of the E-Commerce Law, with immediate effect on 31 January 2020, to accompany the recent shift towards electronic transactions that commerce is experiencing globally which helps achieve the strategic objectives of Vision 2030. Objectives The new regulations aim to (i) increase confidence in e-commerce transactions; (ii) provide consumers necessary protections against fraud, deception and misinformation; and (iii) boost…

You may already be aware that the Dubai International Financial Centre Authority (DIFCA) recently published a consultation paper seeking views on the new DIFC Data Protection Law. The proposed changes seek to bring the DIFC legislative framework more into line with the European General Data Protection Regulation and are likely to have a significant impact on your business operations in the DIFC.

The UAE Telecommunications Regulatory Authority (TRA) has published a new policy regulating services and devices associated with the Internet of Things (IoT Policy). The IoT Policy’s introduction reflects a growing regional trend to regulate specific market sectors and technologies in response to their increasing prevalence and the perceived risks they present.

Important changes are coming for anyone who collects, processes or transfers electronic health data originating in the UAE. Besides a host of new data protection measures and new rules around use of a centralized database managed by the United Arab Emirates (UAE) Ministry of Health, a general prohibition on transferring health data outside the UAE may have a significant impact on healthcare service providers and life sciences companies operating locally.