The DIFC has launched a consultation on proposed amendments to the 2007 Data Protection Law. The consultation ends on 18 August 2019. If the amendments to DIFC Law No. 1/2007 are approved the Law’s remit will be expanded.
The main proposals are to align the 2007 law to incorporate international data protection standards, including elements of the EU General Data Protection Regulation and the California Consumer Privacy Act and not just incorporate EU best practices.
It is also proposed to expand the compliance framework and safeguards to include principles of accountability, jurisdiction, data breach notification, prior consultation and data protection officer appointments and provide clarity on consent and data subjects’ rights with respect to advance technology developments. Finally it is proposed to revise the powers of the Commissioner of Data Protection, administrative requirements and sanctions and enforcement.