In today’s fast-paced digital landscape, our lives are deeply intertwined with the virtual world. Over the past two decades, technology has revolutionized global communication, work, and entertainment. While the digital realm offers unparalleled convenience and efficiency, it also presents new challenges, especially in cybersecurity. The accessibility of the digital economy has created opportunities for misuse and abuse, leading to significant risks and consequences.
The Federal Decree-Law No. (34) of 2021 On Countering Rumors and Cybercrimes (‘UAE Cyber Law’) stands as a robust response to the increasing cybercrimes in the UAE. While the law benefits the average person, e-commerce businesses venturing into the digital realm may inadvertently trigger its provisions. It is, therefore, crucial for both companies and individuals to understand the potential infringements that may arise in this digital landscape.
The UAE Constitution guarantees the right to privacy for all individuals, including the protection of confidential electronic data/information. Any unauthorized action that breaches the confidentiality of an individual or company’s electronic data/information without consent is considered a violation under the UAE Cyber Law. Such violations may involve the illegal acquisition, possession, alteration, duplication, deletion, or dissemination of personal or confidential electronic data. According to the UAE Cyber Law, these offenses are subject to a minimum imprisonment term of 6 months and/or a fine. Moreover, if the breached information pertains to medical records, bank accounts, or e-payment details, it is considered an aggravating circumstance. Below are some of the offenses under the UAE Cyber Laws:
- Unlawful collection, storage, or processing of personal data and information of UAE Nationals and residents.
- Unauthorized disclosure of confidential information obtained by virtue of employment/service.
- Unlawful collection of login credentials/security codes of third parties.
E-commerce businesses should be cautious about the data collected on their platforms, as any unlawful collection, storage, or processing of personal data is punishable under the UAE Cyber Laws with imprisonment and/or fine.
Therefore, it is crucial for e-commerce businesses to establish a comprehensive data security policy that governs the collection, storage, disclosure, and handling of confidential/personal information obtained through their e-commerce platforms. Businesses must ensure transparency by maintaining an updated privacy policy on their e-commerce platforms, outlining the types of personal data collected, storage methods, disclosure policies, and data deletion procedures. Before granting third-party agents access to confidential information, companies should implement robust Non-Disclosure Agreements and thoroughly assess the information security policies and measures of these agents.
Therefore, understanding and adhering to UAE Cyber Laws is essential for e-commerce businesses to safeguard their operations and build trust with customers. By staying informed and seeking legal guidance when needed, companies can mitigate risks and thrive in the digital marketplace. Our legal experts specialize in advising clients on regulatory compliance, risk management, and data protection strategies tailored to the e-commerce industry. Contact us to know more!