QATAR Law and Practice Contributed by: Alex Saleh, Asad Ahmad, Dean Jaloudi and Jehan Saleh, GLA & Company
5.4 Blocking Statutes Pursuant to Article 15(3) of the QFC Regulations, a data subject has the right to require and obtain from the data controller – upon request, at rea - sonable intervals and without excessive delay or expense, as appropriate – the rectification, eras - ure or blocking of personal data, the processing of which does not comply with the law. 5.5 Recent Developments There have been no recent developments in the regulation of the international transfer of person - al data. However, given that neighbouring coun - tries have enacted amendments to supplement their own data protection laws, Qatar may follow suit by introducing updates to its PDPPL to align with regional and global standards.
regulator), it is no longer necessary for data to be stored “on-premises” or “locally”. Instead, organisations should implement security meas - ures such as encryption, anonymisation and aggregation at predefined secure hubs (regions/ availability zones), which are more efficient than localisation. The Cloud Policy Framework (CPF) issued in June 2022 sets the roadmap for more concrete considerations relating to the above-mentioned circumstances and operations. According to the CPF, data residency shall no longer be a require - ment as data classification schemes, security and encryption technologies now secure a high level of protection controls. It has been noted that these are newly discussed concepts, but it is expected that data localisa - tion may be required for extremely sensitive data only, and that this would constitute one of the limitations to an organisation collecting or transferring data in connection with foreign government data requests or foreign litigation proceedings.
353 CHAMBERS.COM
Powered by FlippingBook