Home UAE Dubai Sheikh Mohammed enacts new data protection law for Dubai International Financial Centre The law will come into effect from July 1, 2020 by Varun Godinho June 1, 2020 Sheikh Mohammed bin Rashid Al Maktoum, Vice President and Prime Minister of the UAE and Ruler of Dubai, has enacted the Dubai International Financial Centre (DIFC) Data Protection Law No. 5 of 2020. The law which will come into effect from July 1, 2020, will give businesses a three-month grace period until October 1, to comply with the regulations within it. It will replace the Data Protection Law DIFC Law No. 1 of 2007 which would remain in effect until the time that the new law comes into effect. The Board of Directors of the DIFC Authority also issued a new Data Protection Regulations that sets out the procedures for notifications to the Commissioner of Data Protection, accountability, record keeping, fines and adequate jurisdictions for cross-border transfers of personal data, read a press statement. .@HHShkMohd enacts new @DIFC Data Protection Law No. 5 of 2020https://t.co/qM2vjpxHDP pic.twitter.com/iFVELYrFET — Dubai Media Office (@DXBMediaOffice) June 1, 2020 The new law combines the best practices from global regulations including the General Data Protection Regulation (GDPR), and the California Consumer Privacy Act, among others. The statement added that the “the Data Protection Law and Regulations provide a framework that will support DIFC’s bid for adequacy recognition by the European Commission, the United Kingdom and other jurisdictions, easing data transfer compliance requirements for DIFC businesses.” “DIFC continues to develop its robust regulatory ecosystem built on the principles of compliance, integrity and security. The enhanced Data Protection Law combines the best practices from world-class data protection laws. By setting out the regulation, DIFC also sets a clear requirement for all organisations to follow global best practice relating to data and privacy,” said Essa Kazim, governor of DIFC. The new law will also legislate for accountability of Controllers and Processors through compliance programmes, appointing data protection officers, conducting data protection impact assessments and imposing contractual obligations that protect individuals and their personal data. Enhanced rights of individuals are clarified in terms of data usage by entities that collect and manage personal data, including contractual clarity of such rights when engaging with vendors of emerging technologies such as Blockchain and Artificial Intelligence. Permit options for cross-border data transfers and special category personal data processing have been removed and it also promotes appropriate data sharing structures between government authorities. General fines for serious breaches, administrative fines and maximum fines under the new law has also been outlined. Tags California Consumer Privacy Act Data Protection Dubai International Airport Dubai International Financial Centre Essa Kazim General Data Protection Regulation News Sheikh Mohammed bin Rashid Al Maktoum Technology 0 Comments You might also like How agentic AI will boost the digital economy across the Middle East Talabat plunges over 7.5% in Dubai trading debut after $2bn IPO Apple announces major retail expansion in Saudi Arabia Google, Hub71 partner to launch startup programme in 2025