Galadari Advocates & Legal Consultants | View firm profile
The UAE Cyber Security Council, formed in November 2020, is responsible for developing and overseeing a cyber security strategy that promotes a secure and resilient cyber infrastructure in the United Arab Emirates.
The establishment of the Cyber Security Council was followed by legislations that developed to ensure effective cyber solutions were implemented. This article provides a brief overview of the essential articles of the Federal Decree Law No.34 of 2021 on Combatting Rumors and Cybercrimes which hold significant importance. , We will also discuss the role of the UAE Cyber Security Council in fostering collaboration between the public and private sectors to enhance cybersecurity across the UAE.
- Article 2 of Federal Law no. 34 of 2021 on Combatting rumors and Cyber Crime (“The Law”) prohibits unauthorized access to electronic sites, and imposes fines ranging from AED 100,000 to AED 300,000. The article also specifies a penalty of imprisonment for a period of at least six months and/or a fine ranging from AED 150,000 to AED 500,000 for modifying, copying, deleting, disclosing and publishing any data or information obtained through unauthorized access to an electronic site, which results in harmful consequences such as destruction of the accessed website or obstruction of its If the unauthorized access was intended to obtain information for illegal purposes, The fine shall not be less than AED 200,000 and not more than AED 500,000, and an imprisonment period not less than one year.
- According to Article 4 of The Law, anyone who intentionally causes harm, destruction, suspension or disruption of a website, electronic information system, information network, or information technology will be punished with A minimum of one year’s imprisonment and a fine of at least AED 500,000, up to a maximum of AED 3 million. . if the damage was inflicted on a banking, media, health, or a scientific institution , or if the crime was committed as a result of an electronic attack to achieve illegal order, the penalty is temporary imprisonment and a fine ranging from AED 500,000 to AED 3 million.
- According to Article 48, individuals who engaged in certain activities through an information network, IT tool or websites may face penalties.
The penalties will include A minimum of AED 20,000 or a fine up to AED 500,000. Alternatively, the penalty may be a fine of AED 50,000 or one of the penalties. The following activities are punishable under this article:
- Promoting a product or service using false information or deceptive methods.
- Advertising, promoting, facilitating, or engaging in any way with a virtual currency, digital currency, stored value unit or any payment unit that is not officially recognized in the country or without a license from the relevant authority.
- The above law addresses a range of other offenses, including but not limited to: creating fake emails and websites, spreading false information and rumors, instigating rebellion against the law and constitution, advertising or organizing unauthorized demonstrations, collecting donations without a license, trading antiquities without proper authorization promoting sectarianism and sedition, and creating websites for the purpose of human trafficking.
The enactment of this law was necessary to safeguard individuals and organizations from the rising cyber threats which have become a challenge in today’s world. Criminals have an advantage in the borderless system of networks, allowing them to capitalize on anonymity and access.
Public-private partnerships involve cooperation between a government agency and a private-sector entity for the common good of the entire nation such as to finance, construction, and managing projects that aid in the country’s development in various domains.
To develop a cybersecurity strategy, the UAE Cybersecurity Council has formed multiple collaboration agreements with external service providers from the private sector over the last eight months. One such agreement has been made with Deloitte, one of the big four leading auditing and tax consulting firms and offers and extensive range of management and assurance services. Given the fact Deloitte audits around 20% of all US Public Companies, this partnership aims to introduce international best practices within the Cyber Security Council and provide cyber training.
Another collaboration was established with Huawei, one of the largest telecommunications equipment manufacturers in the world, to focus on research and thought leadership in cybersecurity. since telecommunication infrastructure is pivotal for protection, it is mandatory to invest in communications systems as a means of enabling security agencies to counter threats and safeguard society from harm.
Additionally, the UAE Cybersecurity Council signed an agreement with Amazon Web Services, a widely adopted cloud platform that offers several on-demand operations such as computing power, database storage, and content delivery to help companies scale and grow. The aim of this partnership is to assist (semi-)government entities in accelerating their migration to the cloud.
Giving the growing need for cybersecurity system globally, it is evident that the UAE has adopted a proactive approach in developing legislations tailored to the nation’s needs and establishing collaborations to protect organizations and citizens from cyber threats. However, since cybercrime poses one of the greatest risks to prosperity and combat and exponential growth in recent times, we recommend expanding the protection layer worldwide by collaborating with Interpol through their Global Cybercrime Program, which will facilitate international action to combat and reduce cybercrime.