UAE’s Telecommunications Regulatory Authority (TRA) Launches the National Cybersecurity Strategy… and it’s similar to GDPR

The UAE’s Telecommunications Regulatory Authority (TRA) launched the UAE National Cybersecurity Strategy at a press conference held at TRA offices in Abu Dhabi and Dubai, in the presence of H.E. Hamad Obaid Al Mansoori, TRA Director General, and a number of cybersecurity officials and directors in TRA. The new strategy aims to create safe and community members cyber infrastructure in the UAE that enables citizens and residents to fulfil their aspirations and empowers businesses to thrive.

In his opening speech, H.E. Al Mansoori noted that the UAE is rapidly advancing its Artificial Intelligence, big data, and Fourth Industrial Revolution tracks, driven by the strong momentum generated by a history of leadership and major achievements. He emphasized on the need for a national cybersecurity strategy as a main element in risk prevention and preparedness for security challenges in cyber space. He said:

“If we want to draw a future perception of the UAE, years from now, we would see the features of the smart city where millions of devices and platforms are connected, producing massive amounts of data, many of which will be at risk of piracy or privacy violation.” 

“The cybersecurity strategy is based on a well-known reality, that cyberspace provides vast horizons and endless opportunities for well-being, happiness and sustainable development. However, it also provides a gateway for hackers and phishers. It is obvious that the battle between the two sides is a battle of knowledge and technology, a battle of intelligence, perseverance and patience. Yet, in essence, it is a manifestation of the eternal conflict between good and evil.”

The development of the UAE National Cybersecurity Strategy is in line with the current phase requirements, which is witnessing an increased number of cybersecurity incidents globally, causing significant losses in global economy. Last year has witnessed an increase in the number of reported data security breaches by 42 per cent, while the annual cost of cybercrime reached 608 billion USD globally between 2014 and 2017.

The UAE National Cybersecurity Strategy has been developed based on the analysis of more than 50 sources of indicators and international publications, , including the European GDPR, in addition to working with a team of international experts and benchmarking with 10 leading countries in cybersecurity systems.

The new rules will take just 3 years to introduce an increased compliance burden for UAE based organisations and are similar to Europe and the United Kingdom’s GDPR that was introduced in May last year.

If any UAE based organiasations are processing the personal data of persons within, or from, the United Kingdom or Europe, not only do they have to comply with the conditions set out in GDPR, but they must appoint a UK and / or EU Representative based there to comply with article 27.

For more information about TDWico’s Outsourced Data Protection Officer and Article 27 Representative packages, that are available in the UAE, see