Why Data Protection Matters
In an era of increased globalization and electronic advances, information has never been more readily available and transmittable. Businesses and international banking and financial services organizations, are increasingly exchanging personal data electronically and across borders.
Personal Data includes any information relating to an individual’s name, age, home address, race, sexual orientation, income, health, blood type, marital status, education, and employment information is internationally considered as Sensitive Personal Data. The result of the processing and mishandling –voluntary or involuntary- of personal data can have significant consequences, including credit card and identity theft. It is crucial that individuals’ right to privacy is protected by establishing effective data protection laws and enforcing legal safeguards to secure and protect personal data and its processing. Today governments and regulators world-wide, with the EU countries in the fore-front, are increasingly calling for measures to protect privacy and the adoption of data protection regimes to enforce such safeguards. The Office of the Data Protection Commissioner was established under the Data Protection Law of 2007 as amended by Data Protection Law Amendment Law, DIFC Law No. 5 of 2012 (Data Protection Law) as a neutral and objective body to ensure the protection of all personal information in the DIFC.
The updated Data Protection Law and Data Protection Regulations 2020 (collectively the “legislation”) create a legal and procedural framework which ensure that all personal data in the DIFC is treated fairly, lawfully and securely when it is stored, processed, used, disseminated or disclosed.
The Data Protection Law encompasses and applies to regulated entities, including all banks and financial institutions, as well as non-regulated organisations that may process personal data to carry out their business activities.
Benefits Of Registration For Companies
- Registration will ensure that personal data are processed in accordance with the fundamental respect for the right to privacy and confidentiality without hindering the flow of data.
- Requires companies (i.e. data controllers) to be transparent and open about their data processing activities as well as take necessary measures to correct the gaps in their security structures, from a business, technical and a legal standpoint.
- One of the critical areas where data protection is relevant is business processing operations and outsourcing. Activities such as insurance claims management and payment processing activities typically handle and process large amounts of personal data. More recently offshore outsourcing has been under much scrutiny for failing to address data protection issues. With established safeguards in place, this will help in facilitating activities related to back office functions that are essential for the operation of banks and financial institutions.
Benefits Of Registration For Individuals
- Protects and raises awareness of individuals’ rights to privacy and confidentiality.
- Promote openness, transparency and disclosure, in the use of personal information and helps individuals understand how their personal information is being processed by data controllers.
- Allows individuals to request the correction of individual and/or personal information being processed.
Mission Statement – Office Of The Commissioner Of Data Protection
The Office of the Commissioner of Data Protection is the independent regulator set up to uphold information rights in the public interest and data privacy for individuals in or from the Dubai International Financial Centre (“DIFC”). Its mission is to uphold and protect information rights in the public interest and promote data privacy in the DIFC. In discharging its regulatory mandate, the Office of the Commissioner of Data Protection will demonstrate professionalism, independence, efficiency and leadership upholding the DIFC guiding principles of integrity, transparency and efficiency.