Data Privacy & Data Protection Archives

UAE: Amendments to the DIFC Data Protection Law enacted

September 15, 2023 By Lucrezia Lorenzini, Maher Ghalloussi, Andrea Mezzetti and Rosanne Brennan 3 Mins Read

The law addresses for the first time the processing of personal data via autonomous and semi-autonomous systems In brief On 7 September 2023, the Dubai International Financial Centre (DIFC) enacted amendments to Data Protection Law No. 5 of 2020 (“DIFC Data Protection Law”) which came into force starting on 1 September 2023. These amendments were preceded by a 30-day public consultation launched by the DIFC in April 2023. The amendments are aimed at enhancing the…

Saudi Arabia: Resolution concerning Training Data Disclosure issued

September 3, 2023 By Abdulrahman AlAjlan, Christiana O'Connell-Schizas and Talal AlMutairi 2 Mins Read

On 3 September 2023, Ministerial Resolution No. 3568, dated 07/01/1445H (corresponding to 25 July 2023), which was issued by the Minister of the Ministry of Human Resources and Social Development (MHRSD) regarding the disclosure of training data, has come into effect. The Resolution provides that entities that employ 50 or more employees must annually declare training data on their Qiwa portal in accordance with the Resolution’s accompanying Procedural Guide. The Guide states that an entity…

Saudi Arabia: Implementing Regulations to the Personal Data Protection Law under Public Consultation

July 27, 2023 By Abdulrahman AlAjlan, Zahi Younes, Yousef Bugaighis, Hala Redwan, Lucrezia Lorenzini and Maher Ghalloussi 2 Mins Read

In brief On 11 July 2023, the Saudi Authority for Data and Artificial Intelligence (SDAIA) published two drafts of regulations to the Personal Data Protection Law promulgated by Royal Decree No. M/19, dated 09/02/1443H, amended pursuant to Royal Decree No. M/148, dated 05/09/1444H (PDPL). The drafts were published for public consultation and will be open to public commentary until 31 July 2023. While the drafts are not binding, they do provide helpful insights with regards…

UAE: DIFC proposed amendments on data protection regulations

May 1, 2023 By Lucrezia Lorenzini and Maher Ghalloussi 2 Mins Read

In brief On 18 April 2023, the Dubai International Financial Centre (DIFC) launched a 30-day public consultation on the proposed amendments to the Personal Data Protection Regulations to establish additional areas of regulation that would support the strong implementation of the DIFC Data Protection Law No. 5 of 2020 (please view the Consultation Paper No. 2 of 2023 here). The proposed amendments are aimed at enhancing the current data protection framework in the DIFC and…

Saudi Arabia: New amendments introduced to the Personal Data Protection Law

April 12, 2023 By Abdulrahman AlAjlan, Zahi Younes, Yousef Bugaighis, Maher Ghalloussi and Lucrezia Lorenzini 4 Mins Read

In brief The Personal Data Protection Law (“PDPL”) of Saudi Arabia (“KSA”) was recently amended pursuant to Royal Decree No. M/148, dated 05/09/1444H (corresponding to 27 March 2023G) (“Amended PDPL”). These amendments were preceded by a public consultation launched by the Saudi Data and Artificial Intelligence Authority (“SDAIA”) in late 2022. The Amended PDPL expands the scope under which Controllers could collect personal data from third parties and process it for purposes other than that for…