Tuesday, September 22, 2020
A brand new knowledge safety legislation got here into drive within the Dubai Worldwide Monetary Centre (DIFC) on 1 July 2020. The brand new legislation, Legislation No. 5 of 2020 (DIFC DP Legislation), which repeals the Knowledge Safety Legislation No.1 of 2007, bears placing similarities to the EU’s Common Knowledge Safety Regulation (GDPR). The Legislation applies to controllers or processors that course of private knowledge within the DIFC frequently, whatever the entity’s place of incorporation.
The DIFC DP Legislation will likely be actively enforced as of 1 October 2020. Not like the state of affairs with the introduction of the GDPR, the place corporations had a two-year transition interval earlier than enforcement started, DIFC entities haven’t had a lot time to arrange for compliance. With the date of enforcement simply across the nook, it’s important for corporations working within the DIFC to take the time now to attain compliance with the brand new legislation in the event that they haven’t already accomplished so.
The DIFC DP Legislation attracts closely from the GDPR, a lot in order that the 2 can virtually be learn aspect by aspect. For instance, as with the GDPR, the DIFC DP Legislation:
requires data of processing to be stored;
follows the ideas of “controllers” and “processors” of knowledge, in addition to “joint controllers”;
establishes lawful bases required for any processing;
introduces basic necessities from processing knowledge akin to the info processing ideas contained within the GDPR;
follows the idea of Knowledge Safety Influence Assessments (DPIAs) to be carried out for ‘excessive danger’ processing;
grants knowledge topics rights on par with these granted by the GDPR;
grants knowledge topics the appropriate to hunt compensation the place they’ve suffered harm as the results of an infringement of the legislation;
prohibits worldwide transfers until there are acceptable safeguards in place; and
units out the standards for figuring out when an entity might want to appoint a Knowledge Safety Officer (DPO).
We’ve ready a desk containing a side-by-side comparability of the DIFC DP Legislation in opposition to the GDPR. The desk and data on how our EMEA Knowledge Safety Workforce will help you in your compliance efforts is out there right here.
Lucia Hartnett contributed to this text.
© Copyright 2020 Squire Patton Boggs (US) LLPNationwide Legislation Evaluate, Quantity X, Quantity 266