Personal Data Protection Law
The Personal Data Protection Law constitutes an integrated framework to ensure the confidentiality of information and protect the privacy of individuals in the UAE. It provides a proper governance for data management and protection and defines the rights and duties of all parties concerned.
Provisions of the law
Here are some of the provisions of the law in brief:
- The provisions of the law apply to the processing of personal data, whether in full or part through electronic systems, inside or outside the country.
- The law defines the controls for the processing of personal data and the general obligations of companies that have personal data to secure it and maintain its confidentiality and privacy. It prohibits the processing of personal data without the consent of its owner, except for some cases in which the processing is necessary to protect a public interest or to carry out any of the legal procedures and rights.
- The law gives the owner of the data the right to request for corrections of inaccurate personal data and to restrict or stop the processing of his personal data.
- It sets out the requirements for the cross-border transfer and sharing of personal data for processing purposes.
The Personal Data Protection Law is the first federal law to be drafted in partnership with major technology companies in the private sector. It will come into force on 2 January 2022.
Read about Personal Data Protection Law on this private website.
Data and privacy protection
Other laws related to data protection and privacy include:
Consumer protection law
The Federal Law No. 15 of 2020 on Consumer Protection protects all consumer rights, including the data of the consumers and prohibits suppliers from using it for marketing.
Protecting data and privacy online
- Federal Law No. 5 of 2012 on Combatting Cybercrimes and its amendment by the Federal Law No. 12 of 2016
Federal Law No. 5 of 2012 on Combatting Cybercrimes (PDF) makes it illegal to disclose any information obtained by electronic means, if such information was obtained in an unauthorised manner.
Article 21 of the law makes one liable if he uses an electronic information system or any information technology means for offending another person or for attacking or invading his privacy.
Article 22 of the same law makes one liable if uses without authorisation, any computer network, website or information technology means to disclose confidential information which he has obtained in the course of or because of his work.
- Internet Access Management (IAM) policy
Telecommunications and Digital Government Regulatory Authority (TDRA) implements the Internet Access Management (IAM) policy in the UAE, in coordination with National Media Council and Etisalat and Du, the licensed internet service providers in the UAE. Under this policy, online content that is used for impersonation, fraud and phishing and/or invades privacy can be reported to Etisalat and Du to be taken down.
Read more about UAE laws and resolutions concerning activities conducted online.
- Electronic transactions
Federal Law No. 1 of 2006 on Electronic Commerce and Transactions provides security measures of electronic transactions and ensures that electronic data is authentic and reliable.
Privacy protection in the UAE Penal Code
- Article 378 of the UAE Penal Code makes one liable if he violates the private or familial life of individuals, by perpetrating one of the following acts, unless authorised by law, or without the victim’s consent:
a. If he lends his ears, records or transmits, through a device of any kind, conversations that took place in a private place or through the telephone or any other device.
b. Captures or transmits, through any kind of device, the picture of a person in a private place.
If these acts were done during a meeting in front of the attending persons, their consent shall be presumed.
The UAE’s Constitution
Article 31 of the UAE’s Constitution provides for the freedom of communication by means of post, telegraph or other means of communication and guarantees their confidentiality in accordance with the law.
Protection of copyrights, patents and trade marks
The following laws ensure protection of copyrights, patents and trademarks:
- Federal Law No. 7 of 2002 on Copyrights and related rights
- Federal Law No. 17 of 2002 on Regulation and Protection of Industrial Property of Patents, Industrial Drawings (Arabic)
- Ministerial Resolution No. 11 of 1993 on Executive Regulation of Law No. 44 of 1992 on Regulation and Protection of Industrial Property of Patents, Drawings and Designs (Arabic)
- Federal Law No. 37 of 1992 on Trademarks
Dubai Data law
The government of Dubai passed the Dubai Data law. One of its aim is data protection and privacy of the individual.
Read more about: