Middle East

Below, you can find the IAPP’s collection of coverage, analysis and resources related to the privacy industry in the Middle East region.

Featured Resources Latest News and Resources Regional Resources

Featured Resources

Amendments in Turkish data protection law

The KVKK seeks to amend Articles 6 and 9 of the LPDP on the processing special category of personal data and cross-border data transfers. The proposal has yet to be shared with the National Assembly, but is expected to be approved and take force sometime in 2022.
Read More

10 steps to prepare for the UAE’s Data Protection Law

Change is coming for the organizations in the United Arab Emirates after passage of the 2021 Personal Data Protection Law in November. This article provides a rundown of the top-10 considerations for organizations to comply with the new regulation.
Read More

Middle East: Stalling on compliance is not an option

As Middle Eastern countries ramp up their regulatory oversight and rigor over data protection, companies in the region are seeking guidance on how to evaluate their risk, implement data privacy frameworks and uphold compliance. Given a multitude of complexities, it is very difficult for organizations to stay abreast of all the requirements.
Read More

Latest News and Resources

Keynote: Zahra Mosawi, Ex-Commissioner, Access to Information Commission of Afghanistan (IAPP Global Privacy Summit 2022)

Zahra Mosawi, former commissioner of the Access to Information Commission of Afghanistan, speaks about her experience working to establish freedom of expression and information rights for the Afghan people. Read More

Save This

Implementation of Saudia Arabia’s PDPL delayed to 2023

The Saudi Data and Artificial Intelligence Authority postponed implementation of the Personal Data Protection Law until March 17, 2023, the Saudi Gazette reports. In a press release shared on Twitter, the SDAIA said the postponement follows stakeholder views and responses to a public consultation and was made “in order to achieve the ultimate goal of such a law.” The SDAIA encouraged stakeholders to participate in a second public consultation process to “enhance” the law, which had been set to t... Read More

Save This

How to prepare for Saudi Arabia’s Personal Data Protection Law

In September 2021, the Kingdom of Saudi Arabia issued its Personal Data Protection Law to regulate the processing of personal data. The PDPL is the first federal, sector-agnostic data privacy legislation in Saudi Arabia. Organizations will be faced with significant changes to their operations to ensure compliance. The PDPL comes into effect only 180 days after the publication in the Official Gazette, meaning the law will be effective March 23, subject to the passage of the implementing regulati... Read More

Save This

DPOs in Israel — An analysis of a regulatory maze

Do Israeli privacy laws mandate the appointment of a data protection officer? The simple answer is that currently, it is not entirely clear. Israel faces significant changes to its privacy laws and the duty to appoint a DPO may either become part of the law or remain a regulatory recommendation only. On Jan. 25, the Protection of Privacy Authority released guidelines on the appointment of data protection officers, their roles and responsibilities. The guidelines set forth recommendations and re... Read More

Save This

A turning point for privacy laws in Israel

Israel is recognized around the world as an important technology hub. It is home to hundreds of large, multinational tech corporations operating substantial local research and development, sales, and management activities. It is the incubator for thousands of startups, dozens of which are publicly traded unicorns. And it boasts an environment where innovation is fostered, growth achieved and the commerce of modern industries flourishes on a global scale. Because data is a core asset in many tec... Read More

Save This

	Oman approves data protection law (IAPP, February 2022)
	Dubai International Financial Centre: Guides on Data Protection (DIFC, November 2022)
	UAE president signs off on Personal Data Protection Law (IAPP, November 2022)
	Privacy Violated: Protection of Customers’ Personal Information by Internet Service Providers in Palestine (Access Now, August 2021)
	Taliban reportedly seize US military biometrics devices (IAPP, August 2021)
	Abu Dhabi Global Market releases Data Protection Regulations 2021 guidelines (IAPP, August 2021)
	China, League of Arab States sign data security agreement (IAPP, April 2021)
	Regulatory activism — The unique Israeli journey (IAPP, February 2021)
	Exposed and exploited: Data protection in the Middle East and North Africa (Access Now, January 2021)
	Big data and the pursuit of herd immunity: Israel’s COVID-19 data-sharing agreement (IAPP, January 2021)
	How one tech vendor adapted its services in response to ‘Schrems II’ (IAPP, September 2020)
	New Data Protection Law in the DIFC: Who does it apply to, and how does it compare with the GDPR? (Latham & Watkins, September 2020)
	Data breach cost in Middle East higher than global average (IAPP, August 2020)
	Web Conference: Keeping Up and Staying Ahead of the Global Privacy Landscape (IAPP, July 2020)