UAE Law and Practice Contributed by: Saifullah Khan and Saeed Hasan Khan, Bizilance Legal Consultants
Bizilance Legal Consultants D 3-4, Office 302 Al Sarab Tower, Level 15 ADGM Abu Dhabi United Arab Emirates Tel: +971 52 914 1118 Email: Saeed.hasan@bizilancelegal.ae Web: www.bizilancelegal.ae
1. Legal and Regulatory Framework 1.1 Overview of Data and Privacy- Related Laws The Constitution of the United Arab Emirates (UAE) provides that safety and security for all citizens shall be the pillars of society. The Con - stitution further provides that freedom of cor - responding through post, telegraph or other means of communication, and the secrecy thereof, is guaranteed in accordance with the law, and that dwellings are inviolable. These con - stitutional provisions serve as the foundational guidelines for respecting privacy. The statutory regime concerning data protection is chiefly found in the following laws/regulations. • Federal Decree Law No 45 of 2021 on per - sonal data protection (the “UAE Law”). The UAE Law is a federal-level law applicable across the UAE, except for the following: (a) governmental data; (b) government authorities that control and process personal data; (c) security and judicial authorities; (d) health-related personal data; (e) banking and credit personal data; and (f) companies and organisations incorpo -
rated in free zones. • Dubai International Financial Centre (DIFC) Law No 5 of 2020 (the “DIFC Law”). The DIFC is a free zone, and the DIFC Law applies in the jurisdiction of the DIFC. • The Abu Dhabi Global Market (ADGM) Data Protection Regulations 2021 (the “ADGM Regulations”). The ADGM is a free zone, and the ADGM Regulations apply in the context of the establishment of a controller or a pro - cesser in the ADGM. Apart from the above, sector-specific regulations govern data protection in their respective sec - tors, as follows: • Federal Law No 14 of 2018 (concerning the Central Bank of the UAE) governing data pro - tection of customers of banks; • Federal Law No 3 of 2003 (concerning tel - ecommunications) governing data protection of telecoms consumers; and • Federal Law No 2 of 2019 (concerning use of information and communication technology in health fields) governing confidentiality of patients’ information. The above-mentioned laws/regulations provide for matters related to offences, penalties and enforcement in their respective sphere.
496 CHAMBERS.COM
Powered by FlippingBook