Dubai International Financial Centre (DIFC), the leading international financial hub in the Middle East, Africa and South Asia (MEASA) region, has proposed the enactment of legislation to enhance the regulatory framework in the DIFC, bringing it in line with international best practice. In doing so, DIFC Authority has taken into account specific factors relating to the DIFC and the need to provide an appropriate regulatory environment for businesses to operate in or from the Centre.
The Consultation Papers seek public comments on a legislative proposals setting out a fully updated Data Protection Law, with Regulations to follow. The proposed overhauled law is the subject of Consultation Paper No. 6 of 2019.
An overview of the key features of each legislative proposal is summarised below:
Consultation Paper No. 6 of 2019 – Data Protection Law
The DIFC intends to replace and expand the existing Data Protection Law No. 1 of 2007.
The key aspects of the legislative proposal include:
- aligning the current law from being purely EU focused, based on the previous Directive 95/46/EC, to incorporate international data protection standards, including elements of the EU General Data Protection Regulation and the California Consumer Privacy Act;
- expanding the compliance framework and safeguards to include principles of accountability, jurisdiction, data breach notification, prior consultation and data protection officer appointments;
- providing for clarity on consent and data subjects’ rights with respect to advance technology developments; and
- revision of powers of the Commissioner of Data Protection, administrative requirements and sanctions / enforcement.
The above legislative proposal has been posted for a 60-day public consultation period with the deadline for providing comments ending on August 18, 2019.
The consultation papers and legislative proposals can be accessed by visiting: www.difc.ae/laws-regulations/consultation-papers
|