In late 2019, the Telecommunications Regulatory Authority (TRA) of UAE confirmed the issuance of a national cybersecurity strategy in order to follow the data protection policies under the General Data Protection Regulation (GDPR), Europe. The intention behind the promulgation of the new law is to ensure stricter penalties and to curb ever-increasing cybercrime or risks. The upcoming amendment in the cyber law has urged the Lawyer in Dubai to share their valuable thoughts on the concerned subject matter in the below paragraphs.

Present Scenario
UAE has not issued any specific data-protection law so far, albeit an interwoven of different laws offering few privacy rights and forbids certain activities, including the divulgence of electronic information illegally. There are specific provisions under different laws regulating the right to privacy under a specific circumstance, outlined below:

UAE Constitution: The Constitution of UAE offers the right of freedom to communicate through the post; the law shall secure telegraph and other communication means and confidentiality and privacy of the same.

UAE Civil Code: Federal Law number 5 of 1985 confirms and authorized an individual who had to suffer a wrongful infringement of rights has the right to seek compensation. Additionally, an illegal invasion of the right to privacy provided under the constitution constitutes a wrongful act allowing the victim to seek damages.

UAE Criminal Code: The law forbids any individual having personal information to reveal it in the public domain, even if it is true and failure to abide by this law will invite imprisonment and/or fine. The law further involves corporate entities and their directors or partners can be held responsible for revealing any confidential data.

Cyber-Crime LAW: in 2012 UAE government issued Federal Law number 5 of 2012 to majorly regulate the misuse of any electronic information, including, but not limited to, hacking, personification, fraud, phishing, and other internet-related crimes.

Apart from the foregoing law, two major financial free zones such as DIFC (Dubai International Financial Centre) and ADGM (Abu Dhabi Global Market) that have their own data protection laws such as DIFC Law number 1 of 2007 as amended by 2012 and Data Protection Regulations 2015 as recently amended by 2018.

To conclude, I believe that the recent amends in the cyber-crime law and the intention of issuing a new data protection law will protect the individual interest on an international level. Nevertheless, there are multiple questions in such regards, which can only be answered upon the release of the law and its implementation. In a broader sense, the data law will protect personal information and will allow the release of non-personal information in a legal way.��