The UAE does not have a full federal data protection and privacy law, nor does it have a regulatory authority, however, matters are evolving. At PrivSec Global a panel of experts explored what the future might herald for regulations in the United Arab Emirates.
Kicking of the panel, Ben Gibson, Legal Director, CMS, explained that the Dubai International Financial Centre (DIFC) is heavily influenced by the EU General Data Protection Regulation (GDPR): ”We wanted to try and take account of some the initial difficulties that some were having to marry GDPR with emerging tech, such as with blockchain.”
Touching upon the state of play concerning tech and AI regulation within the UAE region, Nick Roudev, Managing Associate, Simmons & Simmons, stated that contrary to popular notion, the UAE is very focused on developing technology.
“Technology has been at the forefront of their mind. AI is expected to account for over 12% of the GDPR for the UAE. Regulation of AI has been on the mind on government officials for some time. It made waves here before it did in the EU,” said Roudev.
Roudev added: “The regulatory approach in the region has been very sensitive to business concerns. The best regulation is regulation that is optimal, not too much, not too little, and easy enough on the business to develop these technologies.
When discussing outbound data and exporting it out of their region, Gibson said: ”There are data localisation requirements that exist, but they tend to be sector focused. (Health data for example can’t be exported out of the country.) It’s a slightly complicated picture, and each business will need to think differently about it.”
Data export and data transfer have been at the forefront of concerns, with the problem traditionally been data fragmentation. Roudev explained: ”The DIFC is not the same as the GDPR law, it has a much more pragmatic approach to data transfer. The hallmark has been pragmatic regulation and pragmatic enforcement after that.”
PrivSec Global will take over two days and bring together leading experts from around the globe to address the fragmented privacy and cyber challenges worldwide.