DIFC OUTREACH SESSION: IS YOUR DATA PROTECTED?

The Office of the Commissioner of Data Protection invites you to attend an outreach session in Data Protection in DIFC.

During the session, the speakers will address the following matters:

• Data-related due diligence on potential vendors;
• Overview of contractual mechanisms for protecting commercial data.
• Recent legal, regulatory and policy changes affecting enterprise data management.
• Use of off shore based Processors, ie. cloud storage providers, off-shore ethics hotlines, off-shore sanctions screening services etc.

The event is supported by Al Tamimi & Company and Simmons & Simmons LLP.

Agenda:

• 2:15 Arrival coffee and networking
• 2:30 Welcome note from the DIFC Commissioner of Data Protection, Ms. Raja Al Mazrouei
• 2:40 Protection of Commercial Data - Good Risk Management Strategies - Madonna Kobayssi, Associate, Technology, Media & Telecommunications, Simmons & Simmons LLP
• 3:00 - 3:10 Q&A session
• 3:10 Using Off-Shore Based Processors - Case Studies - Nick O'Connell, Senior Associate, Technology, Media & Telecommunications, Al Tamimi & Company
• 3:30 - 3:40 Q&A session
• 3:40 Overview – Supervision & Enforcement - Camelia Quinnell, Director -Data Protection, DIFC Authority
• 4.00 - 4:10 Q&A session
• 4:10 - 4:20 Outreach session Q&A
• 4:20 Event closes

Session details:

• Date: 30 November 2014
• Location: DIFC Conference Center
• For registration please click here

Who should attend:

Compliance officers, senior officers of DIFC companies with an interest in the area of Data Protection, legal advisors advising on data protection matters in the DIFC.

Raja Al Mazrouei, Commissioner of Data Protection, was appointed by Presidential Resolution on 3rd August 2014. In her capacity as the Commissioner of Data Protection, Raja is responsible for ensuring the fulfillment of the objectives of the Office of the Commissioner of Data Protection and administering the Data Protection Law and Regulations.

The General Data Protection Regulation (GDPR) is a European Union (EU) law that updates how entities that collect and use personal data may process it transparently, lawfully and fairly. Personal data is anything that can identify an individual. This new law provides such individuals with stronger rights to access their own personal data as well as to submit requests object, rectify or erase their personal data. It will become enforceable on May 25, 2018, meaning that EU regulators can from that date investigate whether a business is compliant with the law and, if not, take legal action accordingly.

While the current DIFC law, Data Protection Law DIFC Law No. 1 of 2007, remains fully in force, please note that the GDPR is very broadly applicable, including to certain operations of the DIFC itself as well as the entities that are registered in the DIFC. If you are unsure of whether it applies to your business and the personal data it handles, you may wish to seek external legal advice to ensure your business does not run afoul of the GDPR and its potentially heavy fines. The DIFC Commissioner of Data Protection does not provide legal advice, but may provide guidance including how it affects the DIFC or whether it is compatible with current DIFC law. Please see the DIFC Online Data Protection Policy for further information on how DIFC manages personal data.

Jacques Visser, Commissioner of Data Protection, was appointed by Presidential Resolution on July 2016. In his capacity as the Commissioner of Data Protection, Jacques is responsible for ensuring the fulfillment of the objectives of the Office of the Commissioner of Data Protection and administering the Data Protection Law and Regulations.

The Commissioner of Data Protection issues the Guide to Data Protection Law, DIFC No.1 of 2007 and Data Protection Regulations. To download the guide, visit the Data Protection Document Library.

DIFC OUTREACH SESSION: DATA PROTECTION IN THE DIFC & THE REGION

Data Protection Law in DIFC exists to strike a balance between the rights of individuals to privacy and the ability of organisations to use data for the purposes of their business. 

The Commissioner of Data Protection introduces amendments to the Data Protection Law.

The Commissioner of Data Protection introduces amendments to the Data Protection Law

The Commissioner of Data Protection announces today that His Highness Sheikh Mohammed Bin Rashid Al Maktoum, in his capacity as the Ruler of Dubai, has enacted the Data Protection Law Amendment Law (DIFC Law No. 5 of 2012).

The amendments to the Data Protection Law seek to provide greater legal certainty by addressing a number of deficiencies and practicalities which have been identified since the establishment of the DIFC in 2004.  The rational for the proposed amendments was fully presented in the consultation paper which is available on the DIFC Data Protection website

Consultation Paper No. 3 of 2011 on the Data Protection Law

The Data Protection Amendment Law 2012 was enacted and will come into force on Sunday 23rd December 2012, and is available on the DIFC Data Protection website.

The Board of Directors of the DIFC Authority also made regulations under the Data Protection Law.  These Regulations shall come into force on 23rd December 2012 and are available on the DIFC Data Protection website.

The Commissioner of Data Protection has posted the Data Protection Law & Regulations for 30 days of public consultation. To  view the consultation papers, visit the Legal Database and search for Past Consultation Papers