Dubai International Financial Centre (DIFC)
Cookies on the DIFC Site

This website uses cookies in order to offer you the most relevant information. Please accept cookies for optimal performance.

ContinueFind out more×

News

Latest News and Events Related to Data Protection

May 2018

The General Data Protection Regulation (GDPR) is a European Union (EU) law that updates how entities that collect and use personal data may process it transparently, lawfully and fairly. Personal data is anything that can identify an individual. This new law provides such individuals with stronger rights to access their own personal data as well as to submit requests object, rectify or erase their personal data. It will become enforceable on May 25, 2018, meaning that EU regulators can from that date investigate whether a business is compliant with the law and, if not, take legal action accordingly.

While the current DIFC law, Data Protection Law DIFC Law No. 1 of 2007, remains fully in force, please note that the GDPR is very broadly applicable, including to certain operations of the DIFC itself as well as the entities that are registered in the DIFC. If you are unsure of whether it applies to your business and the personal data it handles, you may wish to seek external legal advice to ensure your business does not run afoul of the GDPR and its potentially heavy fines. The DIFC Commissioner of Data Protection does not provide legal advice, but may provide guidance including how it affects the DIFC or whether it is compatible with current DIFC law. Please see the DIFC Online Data Protection Policy for further information on how DIFC manages personal data.

1 February 2016

Notice to Produce – DIFC Commissioner of Data Protection

Download

26 October 2015

The DIFC Commissioner of Data Protection issues guidance on adequacy status relating to US Safe Harbor Recipients.

Download

30 November 2014

Protection of Commercial Data – Good Risk Management Strategies

Download

July 2016

Jacques Visser, Commissioner of Data Protection, was appointed by Presidential Resolution on July 2016. In his capacity as the Commissioner of Data Protection, Jacques is responsible for ensuring the fulfillment of the objectives of the Office of the Commissioner of Data Protection and administering the Data Protection Law and Regulations.

2 November 2014

DIFC OUTREACH SESSION: IS YOUR DATA PROTECTED?

The Office of the Commissioner of Data Protection invites you to attend an outreach session in Data Protection in DIFC.

During the session, the speakers will address the following matters:

  • Data-related due diligence on potential vendors;
  • Overview of contractual mechanisms for protecting commercial data.
  • Recent legal, regulatory and policy changes affecting enterprise data management.
  • Use of off shore based Processors, ie. cloud storage providers, off-shore ethics hotlines, off-shore sanctions screening services etc.

The event is supported by Al Tamimi & Company and Simmons & Simmons LLP.

Agenda:

  • 2:15 Arrival coffee and networking
  • 2:30 Welcome note from the DIFC Commissioner of Data Protection, Ms. Raja Al Mazrouei
  • 2:40 Protection of Commercial Data - Good Risk Management Strategies - Madonna Kobayssi, Associate, Technology, Media & Telecommunications, Simmons & Simmons LLP
  • 3:00 - 3:10 Q&A session
  • 3:10 Using Off-Shore Based Processors - Case Studies - Nick O'Connell, Senior Associate, Technology, Media & Telecommunications, Al Tamimi & Company
  • 3:30 - 3:40 Q&A session
  • 3:40 Overview – Supervision & Enforcement - Camelia Quinnell, Director -Data Protection, DIFC Authority
  • 4.00 - 4:10 Q&A session
  • 4:10 - 4:20 Outreach session Q&A
  • 4:20 Event closes

Session details:

  • Date: 30 November 2014
  • Location: DIFC Conference Center
  • For registration please click here

Who should attend:

Compliance officers, senior officers of DIFC companies with an interest in the area of Data Protection, legal advisors advising on data protection matters in the DIFC.

3 August 2014

Raja Al Mazrouei, Commissioner of Data Protection, was appointed by Presidential Resolution on 3rd August 2014. In her capacity as the Commissioner of Data Protection, Raja is responsible for ensuring the fulfillment of the objectives of the Office of the Commissioner of Data Protection and administering the Data Protection Law and Regulations.

12 May 2013

DIFC OUTREACH SESSION: DATA PROTECTION IN THE DIFC & THE REGION

Data Protection Law in DIFC exists to strike a balance between the rights of individuals to privacy and the ability of organisations to use data for the purposes of their business.

Date: Tuesday, 4 June 2013

Venue: DIFC Conference Centre

Data Protection Law in DIFC exists to strike a balance between the rights of individuals to privacy and the ability of organisations to use data for the purposes of their business. The Commissioner of Data Protection will host an outreach session in Data Protection. The seminar will focus on the amendments to the Data Protection Law 2007 (Law) that came into effect in December 2012, and the main obligations imposed on data controllers under the Law. The event is supported by Allen & Overy, Al Tamimi & Co., Clifford Chance and Norton Rose.

Agenda

  • 8:30 Arrival coffee and networking
  • 9:00 An introduction to the DIFC Data Protection Law 2007 and its amendments introduced in December 2012 - Roberta Calarese, Commissioner of Data Protection & Camelia Quinnell, Legal Counsel, DIFC Authority
  • 9:20 An overview of the eight data protection principles - Tom Butcher, Counsel, Allen & Overy and Andrew Kenning, Senior Associate, Allen & Overy
  • 9:40 - 9:50 Q&A session
  • 9:50 Sharing data with regulators - Graham Lovett, Partner, Clifford Chance & Jodi Griffiths, Lawyer, Clifford Chance
  • 10:10 - 10:20 Q&A session
  • 10:20 Responding to data breaches - Dino Wilkinson, Partner, Norton Rose
  • 10:40 - 10:50 Q&A session
  • 10:50 A general overview of the data protection in the region (UAE, Qatar, Oman etc.) - Nick O’Connell, Senior Associate, Al Tamimi & Co.
  • 11:10 - 11:20 Q&A session
  • 11:30 Event closes

Who should attend

Compliance officers, senior officers of DIFC companies with an interest in the area of Data Protection, legal advisors advising on data protection matters in the DIFC

23 December 2012

The Commissioner of Data Protection introduces amendments to the Data Protection Law.

The Commissioner of Data Protection introduces amendments to the Data Protection Law

The Commissioner of Data Protection announces today that His Highness Sheikh Mohammed Bin Rashid Al Maktoum, in his capacity as the Ruler of Dubai, has enacted the Data Protection Law Amendment Law (DIFC Law No. 5 of 2012).

The amendments to the Data Protection Law seek to provide greater legal certainty by addressing a number of deficiencies and practicalities which have been identified since the establishment of the DIFC in 2004. The rational for the proposed amendments was fully presented in the consultation paper which is available on the DIFC Data Protection website

Consultation Paper No. 3 of 2011 on the Data Protection Law

The Data Protection Amendment Law 2012 was enacted and will come into force on Sunday 23rd December 2012, and is available on the DIFC Data Protection website.

The Board of Directors of the DIFC Authority also made regulations under the Data Protection Law. These Regulations shall come into force on 23rd December 2012 and are available on the DIFC Data Protection website.

15 December 2011

The Commissioner of Data Protection has posted the Data Protection Law & Regulations for 30 days of public consultation. To view the consultation papers, visit the Legal Database and search for Past Consultation Papers

For better web experience, please use the website in portrait mode