|
May 17, 2018 - Dubai, UAE: The latest scandal that unfolded with Facebook and how it has shared some user data with third parties has finally got everyone talking about data security and what could be done to properly protect the right to privacy – or, at least, the right to know who and how is using our data. It seems like the perfect timing for the General Data Protection Regulation (GDPR), EU's latest privacy law, to come into effect on May 25, 2018.
GDPR Applicable to Dubai Companies
The new Regulation is a comprehensive attempt to codify and reform EU rules on data protection and privacy as part of the EU legislation. According to the new rules, there is an increased focus on security as organizations collecting, storing and processing data are required to take steps in order to ensure that the personal data of clients, employees and other individuals affected are adequately protected from cyber-attacks. The GDPR is applicable to all businesses that provide goods and services to or monitor individuals within EU borders, irrespective of whether the organization is based in the EU/EEA. This makes the new rules directly relevant to Dubai businesses too, especially those providing goods and services online which can be easily accessed by EU residents. Non-compliance with the GDPR strict requirements can result in fines up to €20,000,000 (almost 88,000,000 AED) or 4% of a company's total global revenues.
Source: Pixabay
Increased Focus on Privacy
According to Article 25 of the GDPR, businesses need to shift towards the model of data protection by design and default. This means taking technical and organizational measures in order to safeguard anonymity of personal data as required and that only data that is necessary for a specific purpose will be gathered and processed. Furthermore, the Article obliges businesses to report data breaches within 72 hours. Considering that Dubai is a popular tourist destination for many EU residents and that there are many strategic partnerships in place between Dubai and EU businesses, the first step for Dubai companies would be to identify whether they fall under the scope of the new regime, which is significantly stricter than Dubai's privacy law – in fact, the GDPR is considered among the most rigorous data protection laws globally.
Source: Pexels
Dubai Airports Lead the Way in Proactive Compliance
Data breaches in Middle Eastern countries seem to be rising, in line with global trends that have seen ransomware attacks affect thousands of companies worldwide. In a proactive bid to comply with the new requirements, Dubai airports have partnered up with Box, a cloud computing company. This means that 2,000 employees in both Dubai International and Dubai World Central, which served more than 88 million visitors in 2017 alone, will now access files on the cloud through Box applications. The key behind migrating to Box, which can smoothly integrate with popular software tools like Office365 and Okta, was the aim of making sure that Dubai Airport operations are in line with the new GDPR standards, all the while serving the company's efforts to go fully digital in time.
The new data protection rules are a reality and the time for Dubai companies to act is now, if they want to ensure compliance and avoid hefty fines. Perhaps this will also be a good opportunity to start a debate on Dubai's privacy laws.
|
RSS Feed 
