Initiative follows a period of public consultation, where the proposed Regulations received positive public feedback. ADGM conducted an international benchmark of international standards and best practices and believes the European Union’s General Data Protection Regulation (which took effect in May 2018) is the leading international standard and best practice for robust Data Protection legislation. The new Regulations are adapted to the needs of ADGM and are intended to be proportionate and business friendly, without undermining the key ambition of achieving a high standard of protection for personal data.
Important feature of the new framework is the establishment of an independent Office of Data Protection, headed by a Commissioner of Data Protection. The Board of the ADGM has appointed Sami Mohammed as the ADGM Commissioner of Data Protection. Mohammed has over 18 years’ experience in both the public and private sectors in the UAE including in financial services, commercial legislation, data privacy and protection, anti-money laundering and counter terrorism funding, across various roles including licensing, supervision, enforcement and policy. ADGM recognizes that adoption of the new Regulations will result in significant changes and additional responsibilities for Data Controllers and Data Processors. Accordingly, a transition period is proposed of 12 months for current establishments, and 6 months for new establishments, from 14 February 2021.