Update: Addition of some details gained from the Data Protection Laws of the World Handbook
This is part of a series of posts, each one focusing on a specific country in the Middle East and Africa, discussing the current state of laws and regulations around the cloud. Today we’ll be taking a look at the United Arab Emirates.
When trying to understand what can and cannot be done with data that is required to provide a public or private cloud service the following six “cloud governance concerns” can be considered:
- Can I store and process personal data and are there any requirements for me to be able to do so?
- Can I move personal data between different jurisdictions?
- Do I need to comply with any requests from individuals that own the data?
- Do I have to comply with requests to disclose personal data from other entities?
- How am I liable if data loss occurs?
- How long do I have to keep data?