IT & Communications


You may already be aware that the Dubai International Financial Centre Authority (DIFCA) recently published a consultation paper seeking views on the new DIFC Data Protection Law. The proposed changes seek to bring the DIFC legislative framework more into line with the European General Data Protection Regulation and are likely to have a significant impact on your business operations in the DIFC.

The UAE Telecommunications Regulatory Authority (TRA) has published a new policy regulating services and devices associated with the Internet of Things (IoT Policy). The IoT Policy’s introduction reflects a growing regional trend to regulate specific market sectors and technologies in response to their increasing prevalence and the perceived risks they present.

Important changes are coming for anyone who collects, processes or transfers electronic health data originating in the UAE. Besides a host of new data protection measures and new rules around use of a centralized database managed by the United Arab Emirates (UAE) Ministry of Health, a general prohibition on transferring health data outside the UAE may have a significant impact on healthcare service providers and life sciences companies operating locally.

The Communications and Information Technology Commission (CITC) which regulates the information communications and technology (ICT) sector in the Kingdom of Saudi Arabia, has issued a revised version of its regulatory framework for cloud services, which simultaneously reduces the compliance burden on cloud service providers (CSPs) and enhances the statutory protection afforded to them.