The soon-to-be implemented General Data Protection Regulation (GDPR) will have an impact on companies and institutions in the Middle East as well. Even as particulars of how this may affect the region are still unclear, several legal entities have cautioned companies to exert caution.
According to Galadari Advocates & Legal Consultants, entities operating in the UAE with website and online platforms accessed by users in the EU are advised to adhere to the new regulation prior to its implementation by the end of this month, regardless of these firm’s activities.
According to EUGDPR.org, organizations that do not comply with the new regulation can face fines of up to 4 percent of annual global turnover or EUR 20 Million.
Davide Paoli, Senior Associate at Galadari Advocates & Legal Consultants explained that organizations in the region will potentially be subject to GDPR, regardless of the type of their activities. In essence, all companies that seek to have any relationship with Europe, if users’ data is processed or monitored in any form, must comply with the new regulation.
“GDPR provides an incentive for companies to look at data in a new way; so instead of having the upper hand by hold users’ information, they now must do whatever they can to protect this data. One difference people will discernably notice is the reduction of spam emails, as companies will be prohibited to sell user information under GDPR,” added Mr Paoli.
Alexandros Nousias, a Compliance Consultant elaborated that GDPR is not only about the fines, but also about creating new sustainable business models. “The EU market will look for businesses that are in compliance with regulations, such as GDPR. As such, companies in the region are advised to adhere to the regulation in order to increase their attractiveness in the EU market,” he said.