{"id":109906,"date":"2025-08-06T14:13:42","date_gmt":"2025-08-06T14:13:42","guid":{"rendered":"https:\/\/my.legal500.com\/guides\/?post_type=comparative_guide&#038;p=109906"},"modified":"2025-08-19T11:29:11","modified_gmt":"2025-08-19T11:29:11","slug":"uae-tmt","status":"publish","type":"comparative_guide","link":"https:\/\/my.legal500.com\/guides\/chapter\/uae-tmt\/","title":{"rendered":"United Arab Emirates: TMT"},"content":{"rendered":"","protected":false},"template":"","class_list":["post-109906","comparative_guide","type-comparative_guide","status-publish","hentry","guides-tmt","jurisdictions-uae"],"acf":[],"appp":{"post_list":{"below_title":"<div class=\"guide-author-details\"><span class=\"guide-author\">KARM Legal Consultants<\/span><span class=\"guide-author-logo\"><img src=\"https:\/\/my.legal500.com\/guides\/wp-content\/uploads\/sites\/1\/2024\/01\/KARM-white-background-1.jpeg\"\/><\/span><\/div>"},"post_detail":{"above_title":"<div class=\"guide-author-details\"><span class=\"guide-author\">KARM Legal Consultants<\/span><span class=\"guide-author-logo\"><img src=\"https:\/\/my.legal500.com\/guides\/wp-content\/uploads\/sites\/1\/2024\/01\/KARM-white-background-1.jpeg\"\/><\/span><\/div>","below_title":"<span class=\"guide-intro\">This country specific Q&amp;A provides an overview of TMT laws and regulations applicable in United Arab Emirates<\/span><div class=\"guide-content\"><div class=\"filter\">\r\n\r\n\t\t\t\t<input type=\"text\" placeholder=\"Search questions and answers...\" class=\"filter-container__search-field\">\r\n\t\t\t<\/div>\r\n\r\n\t\t\t\r\n\r\n\r\n\t\t\t<ol class=\"custom-counter\">\r\n\r\n\t\t\t\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">Software \u2013 How are proprietary rights in software and associated materials protected?<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p>In the UAE, software and its related materials are protected under the copyright laws. Specifically, Federal Decree-Law No. (38) of 2021 (&#8220;<strong>UAE Copyright Law<\/strong>&#8220;) on Copyrights and Neighbouring Rights, which extends its coverage to &#8220;smart applications, computer programs and applications, and databases,&#8221; thereby encompassing software and its associated materials.<\/p>\n<p>A key commercial advantage is that official registration of software or any other copyrightable work is not mandatory to secure legal protections and rights under UAE law. Article 4(2) of the UAE Copyright Law confirms that copyright protection is inherent and effective from the moment of creation, regardless of whether the work is formally registered. The Federal Decree fully safeguards the work as intended, irrespective of its registration status.<\/p>\n<p>For all software and associated materials, any licensing of economic rights must be formalized through a contractual agreement to be deemed valid under the Federal Decree, as stipulated by Article 12 of the UAE Copyright Law. This emphasizes the need for clear, written agreements for commercial exploitation.<\/p>\n<p>It&#8217;s crucial to note that unauthorized use of copyrighted software is strictly prohibited and carries penalties under Articles 40 and 41 of the UAE Copyright Law. This includes using, downloading, or storing such software without the explicit permission of the original author. This provision strongly deters infringement and reinforces the author&#8217;s control over their copyrighted works.<\/p>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">Software \u2013 In the event that software is developed by a software developer, consultant or other party for a customer, who will own the resulting proprietary rights in the newly created software in the absence of any agreed contractual position?<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p>As per Article 28 of UAE Copyright Law, when software and related materials are developed under a &#8220;work-for-hire&#8221; arrangement, meaning the author creates the work <em>for<\/em> another party, the copyright ownership typically vests with the commissioning party (the individual or entity for whom the work was made), unless a specific written agreement states otherwise.<\/p>\n<p><strong>Example<\/strong><\/p>\n<p>The copyright ownership for a work generally follows these rules: if you hire someone specifically to create a work for you, you own the copyright. If an employee creates something relevant to their job, using company resources or instructions, the company usually owns the copyright, acknowledging the employee&#8217;s creative input. However, if an employee creates something completely unrelated to their job and without using any company resources, then the employee retains all copyright ownership.<\/p>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">Software \u2013 Are there any specific laws that govern the harm \/ liability caused by Software \/ computer systems?<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p>The UAE&#8217;s Federal Decree-Law No. (34) of 2021 on Countering Rumours and Cybercrimes (&#8220;<strong>Cyber Law<\/strong>&#8220;) imposes significant penalties for unauthorized digital activities. Businesses and individuals alike must understand that any use of software to engage in hacking, unauthorized access, data interception, destruction, leakage, or unapproved dissemination or storage of data is strictly prohibited and will be met with severe legal consequences under this robust legislation.<\/p>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">Software \u2013 To the extent not covered by (3) above, are there any specific laws that govern the use (or misuse) of software \/ computer systems?<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p>As per Article 20 1(c) Federal Decree by Law No. (45) of 2021 Concerning the Protection of Personal Data (<strong>PDPL<\/strong>) both the &#8220;Controller&#8221; (the one who decides how and why data is processed) and the &#8220;Processor&#8221; (the one who processes data on behalf of the Controller) must put in place strong technical and organizational safeguards by applying measures which ensure timely retrieval of and access to Personal Data in case of any actual or technical failure.<\/p>\n<p>Under the UAE&#8217;s Federal Law No. 15 of 2020 on Consumer Protection (\u201c<strong>Consumer Protection Law\u201d<\/strong>), software and its related materials are classified as &#8220;Goods,&#8221; bringing them under the scope of consumer protection. \u201cGoods\u201d under the law has been defined as \u201cEvery natural, industrial, agricultural, animal, transformative, intellectual, or technical product, including the raw materials of the substances and components of the product.\u201d<\/p>\n<p>This means software suppliers face significant obligations regarding product quality and consumer safety (Articles 11-13). Specifically, if software is found to be harmful, suppliers <em>must<\/em> report potential damages and prevention methods to the Ministry of Economy such report should comprise of the potential damages which might be caused by the Software and the ways to prevent the same. In case of malfunctions, suppliers are obligated to repair, replace, or refund the software&#8217;s price and if a substantial malfunction recurs three times, the supplier must provide a free replacement to the consumer.<\/p>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">Software Transactions (Licence and SaaS) \u2013 Other than as identified elsewhere in this overview, are there any technology-specific laws that govern the provision of software between a software vendor and customer, including any laws that govern the use of cloud technology?<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p>Federal Decree-Law No. 46 of 2021 on Electronic Transactions and Trust Services provides the legal framework for electronic transactions and validates digital documents, signatures, and transactions are just as valid as physical ones in court. This law makes it clear that electronic records hold legal weight.<\/p>\n<p>While there are no specific laws directly governing the relationship between software vendors and customers, certain regulations do apply to financial institutions, virtual asset service providers (<strong>\u201cVASP\u201d<\/strong>), and health tech providers when they utilize software and cloud services.<\/p>\n<p>The Central Bank of UAE\u2019s has issued Guidelines for Financial Institutions Adopting Enabling Technologies to promote safety, enhance transparency, and reduce systemic risks. These rules apply to all financial institutions which are regulated by the Central Bank of UAE (<strong>CBUAE<\/strong>), Securities and Commodities Authority (<strong>SCA<\/strong>), Dubai Financial Services Authority (<strong>DFSA<\/strong>) of the Dubai International Financial Centre (<strong>DIFC<\/strong>) and the Financial Services Regulatory Authority (<strong>FSRA<\/strong>) of Abu Dhabi Global Market (<strong>ADGM<\/strong>). They specifically address the use of Application Programming Interfaces and Cloud Computing technologies emphasising on the need for a comprehensive governance structure, structured monitoring, auditability and regular assessments.<\/p>\n<p>All VASPs licensed by the Virtual Assets Regulatory Authority (<strong>\u201cVARA\u201d<\/strong>) need to comply with the Technology and Information Rulebook issued by VARA. The Technology and Information Rulebook mandates that VASP\u2019s maintain a well-rounded governance structure; develop a risk assessment framework proportionate to their scale, complexity and diversity of operations; put in place a stringent technology governance mechanism which includes all the appropriate governance and system control policies.<\/p>\n<p>In May 2023, the UAE Cyber Security Council introduced the National Cloud Computing Policy, a critical framework designed to elevate cloud security standards across the nation. This policy provides essential guidance for the entire cloud ecosystem, establishing clear security requirements that benefit both Cloud Service Providers (<strong>CSPs<\/strong>) and their customers while fostering investment and market growth. For businesses leveraging cloud services, the policy notably emphasizes governance frameworks, comprehensive risk management, stringent third-party and supply chain security, and the necessity of independent testing. Furthermore, CSPs operating in the UAE are now explicitly required to implement strong data security practices, including advanced data governance policies covering classification, handling, labelling, lifecycle management, encryption, and data location awareness. Compliance with this policy is paramount for secure and successful cloud operations in the UAE.<\/p>\n<p>The Federal Law No. (2) of 2019, Concerning the Use of the Information and Communications Technology in Health Fields places additional obligations on the use of \u201cInformation and Communications Technology\u201d in the field of health, such as:<\/p>\n<ol style=\"padding-left: 0\" type=\"a\">\n<li>Maintaining strict confidentiality with respect to health data<\/li>\n<li>Ensure the validity and security of health data<\/li>\n<li>Facilitate easy access and availability of health data to authorised personnel<\/li>\n<\/ol>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">Software Transactions (License and SaaS) \u2013 Is it typical for a software vendor to cap its maximum financial liability to a customer in a software transaction? If \u2018yes\u2019, what would be considered a market standard level of cap?<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p>It is common for software transactions to include liability caps for the vendor. While there&#8217;s no fixed standard, the level of the cap typically depends on factors like the relative bargaining strength of the parties and the nature of the agreement. In practice, liability caps often fall within the range of the total contract value or the annual fees paid for the software subscription.<\/p>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">Software Transactions (License and SaaS) \u2013 Please comment on whether any of the following areas of liability would typically be excluded from any financial cap on the software vendor\u2019s liability to the customer or subject to a separate enhanced cap in a negotiated software transaction (i.e. unlimited liability): (a) confidentiality breaches; (b) data protection breaches; (c) data security breaches (including loss of data); (d) IPR infringement claims; (e) breaches of applicable law; (f) regulatory fines; (g) wilful or deliberate breaches.<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p>In most cases (a) confidentiality breaches, (b) data protection breaches (c) data security breaches (d) IPR infringement claims and (g) wilful or deliberate breaches are typically excluded from the liability cap. However, except for (g) wilful and deliberate breaches, a software vendor would push for all the aforementioned areas of liability to either fall under the general cap or a separate enhanced liability cap.<\/p>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">Software Transactions (License and SaaS) \u2013 Is it normal practice for software source codes to be held in escrow for the benefit of the software licensee? If so, who are the typical escrow providers used? Is an equivalent service offered for cloud-based software?<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p>The practice of holding software source code in escrow is not widely adopted in the UAE, but software source code escrow is increasingly recognized as a crucial business continuity and risk mitigation strategy in the UAE. This service safeguards critical business software by securely holding its source code, protecting both the licensee&#8217;s investment and the licensor&#8217;s intellectual property in software licensing agreements. By leveraging escrow, licensees gain assurance against potential disruptions like hacking, theft, or data corruption, ensuring operational continuity. Concurrently, licensors benefit from state-of-the-art security and surveillance for their bespoke software assets.<\/p>\n<p><strong>Market Updates<\/strong><\/p>\n<p>Few of the notable companies providing software escrow services in the UAE is Escode, TUV SUD and TrustIN which offers specialised services for cloud-based software solutions.<\/p>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">Software Transactions (License and SaaS) \u2013 Are there any export controls that apply to software transactions?<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p>The Federal Decree Law No. (43) of 2021 on the Goods Subject to Non-Proliferation governs export controls on commodities in the UAE. The term \u201cgoods\u201d includes materials, systems, equipment, components, software or technology listed in the control list issued by the Council of Ministers.<\/p>\n<p>In accordance with the list published by the Council of Ministers if a software is used for military or security purposes it will be subject to export controls in the UAE and hence would need the approval of the Executive Office of Control and Non-Proliferation.<\/p>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">IT Outsourcing \u2013 Other than as identified elsewhere in this questionnaire, are there any specific technology laws that govern IT outsourcing transactions?<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p>There are no specific technology laws governing IT outsourcing in the UAE.<\/p>\n<p>In spite of that, various laws and regulations have in-built provisions providing guidance on internal policy requirements for IT functions, outsourcing, and minimum requirements for outsourcing agreements in relation to the specific activity(ies) regulated thereunder.<\/p>\n<p>Specifically, wherever IT Outsourcing is being undertaken by regulated entities, like exchange houses, banks, insurance providers or VASPs the sector specific laws that prescribe standards and rules for outsourcing.<\/p>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">IT Outsourcing \u2013 Please summarise the principal laws (present or impending), if any, that protect individual staff in the event that the service they perform is transferred to a third party IT outsource provider, including a brief explanation of the general purpose of those laws.<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p>No specific law exists in relation to the transfer of an employee\u2019s work to a third party which would effectively render the employee dismissed. Nonetheless, the federal employment law framework provides procedural and substantive obligations for employees to follow in terminating the services of an employee.<\/p>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">Telecommunications \u2013 Please summarise the principal laws (present or impending), if any, that govern telecommunications networks and\/or services, including a brief explanation of the general purpose of those laws.<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p>The primary legislation governing the telecommunications sector within the UAE (including all free zones) is the Federal Law by Decree No. 3 of 2003 Regarding the Organization of Telecommunications Sector (as amended) (\u201c<strong>Telecommunications Law<\/strong>\u201d), supplemented by several regulations, rulings, and licensing guidelines. Telecommunications and Digital Government Regulatory Authority (<strong>TDRA<\/strong>) has been established under the Telecommunications Law as the statutory body, responsible for regulating and managing telecommunications and information technologies in the UAE.<\/p>\n<p>The Telecommunications Law mandates a licensing requirement for the sale, provision, or operation of a \u2018Telecommunication services\u2019, though some services can be provided through agreements with existing UAE licensed operators. Telecommunication Services are defined as the service of transmitting, broadcasting, switching, or receiving by means of a telecommunications networking any of the following:<\/p>\n<ol style=\"padding-left: 0\" type=\"a\">\n<li>wired and wireless telecommunications;<\/li>\n<li>voice, music, and other sounds;<\/li>\n<li>visual images;<\/li>\n<li>signals used in radio and TV broadcasting;<\/li>\n<li>signals used to operate and control machinery or apparatus;<\/li>\n<li>The installation, maintenance, adjustment, repair, replacement, moving or removal of apparatus which is or will be connected to a public telecommunications network;<\/li>\n<li>The construction, maintenance and operation of networks for telegraph, telephone, telex, leased circuits, domestic and international data networks, Internet and Wireless Transmission; or<\/li>\n<li>Any other Telecommunications Services approved by the Board.<\/li>\n<\/ol>\n<p>Other relevant legal frameworks include:<\/p>\n<ol style=\"padding-left: 0\" type=\"a\">\n<li>TDRA-CPR: The TDRA is empowered by the Telecommunications Law to represent customer interests and ensure consumer protection. As such, the TDRA issued the Consumer Protection Regulations 2020 (<strong>CPR<\/strong>), outlining consumer rights and responsibilities, service standards, terms of supply, complaint handling, information provision, personal data usage, and billing for subscribers.<\/li>\n<\/ol>\n<p><strong>PDPL:<\/strong> Personal data within the UAE is regulated under the Federal Decree Law No. 45 of 2021 regarding the Protection of Personal Data (\u201c<strong>PDPL<\/strong>\u201d), applicable to all sectors within the UAE, including the telecommunications sector. It ensures information confidentiality, protects privacy, provides governance for data management and protection, and defines the rights and duties of all parties.<\/p>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">Telecommunications \u2013 Please summarise any licensing or authorisation requirements applicable to the provision or receipt of telecommunications services in your country. Please include a brief overview of the relevant licensing or authorisation regime in your response.<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p>The provision of Telecommunications services in the UAE is subject to strict licensing and authorization requirements, primarily regulated by the TDRA.<\/p>\n<p><strong>Overview of the Licensing\/Authorisation Regime:<\/strong> The TDRA operates a tiered licensing regime, broadly categorized as:<\/p>\n<ul style=\"padding-left: 0\">\n<li><strong>Public Telecommunications Licenses:<\/strong> These are the most comprehensive licenses and are typically held by the major national telecommunications operators (currently Etisalat and du). These licenses authorize the establishment, operation, and provision of public telecommunications networks and services, including fixed-line, mobile, internet, and international services. Obtaining such a license involves a rigorous application process, significant investment, and compliance with extensive regulatory obligations.<\/li>\n<li><strong>Class Licenses:<\/strong> These licenses cover specific types of telecommunications services or facilities that are not full public services. Examples include:<\/li>\n<\/ul>\n<p><strong>Value Added Services (VAS):<\/strong> For providers offering specialized services over existing networks (e.g., bulk SMS, specific content services).<\/p>\n<p><strong>Satellite Services:<\/strong> For entities operating satellite communications.<\/p>\n<p><strong>Internet Service Provider (ISP) Licenses:<\/strong> For entities providing internet access (though often these are bundled with public licenses for major operators).<\/p>\n<p><strong>Radio Spectrum Licenses:<\/strong> Required for the use of specific radio frequencies for various applications (e.g., private radio networks, broadcasting).<\/p>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">Telecommunications \u2013 Please summarise the principal laws (present or impending) that govern access to communications data by law enforcement agencies, government bodies, and related organisations. In your response, please outline the scope of these laws, including the types of data that can typically be requested, how these laws are applied in practice (e.g., whether requests are confidential, subject to challenge, etc.), and any legal or procedural safeguards that apply.<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p>Access to communications data by law enforcement and government agencies in the UAE is governed by several laws, balancing national security and law enforcement needs with individual privacy rights.<\/p>\n<p><strong>Principal Laws:<\/strong><\/p>\n<ul style=\"padding-left: 0\">\n<li><strong>Federal Decree-Law No. 34 of 2021 on Combatting Rumours and Cybercrimes (Cybercrime Law):<\/strong> This is a key law that empowers authorities to access data for investigation and prosecution of cybercrimes and other offenses committed using information technology.<\/li>\n<li><strong>Federal Decree-Law No. 3 of 2003 regarding the Regulation of the Telecommunications Sector (Telecommunications Law) and TDRA Regulations:<\/strong> These laws place obligations on telecommunications service providers (TSPs) to cooperate with law enforcement and judicial authorities in providing data.<\/li>\n<li><strong>Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data (PDPL):<\/strong> While primarily a data protection law, it includes lawful bases for processing personal data, which can include compliance with legal obligations and cooperation with law enforcement, subject to specific conditions.<\/li>\n<li><strong>Federal Law No. 35 of 1992<\/strong> <strong>concerning Criminal Procedural Law:<\/strong> This law outlines the procedures for criminal investigations, including search, seizure, and data acquisition, generally requiring a judicial warrant or order.<\/li>\n<\/ul>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">Mobile communications and connected technologies \u2013 What are the principle standard setting organisations (SSOs) governing the development of technical standards in relation to mobile communications and newer connected technologies such as digital health or connected and autonomous vehicles?<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p>Although there are no dedicated technical standards in place, various regulatory authorities in the UAE have issued frameworks and policy guidelines to support and direct the development and adoption of connected technologies across industries. These initiatives aim to ensure responsible innovation and alignment with national digital transformation goals.<\/p>\n<p><strong>TDRA:<\/strong> The TRDA is a key regulator within the UAE stipulating principles and guidelines for connected technologies having provided a regulatory procedure and policy to regulate the Internet of Things (<strong>IoT<\/strong>).<\/p>\n<p><strong>AD-DOH:<\/strong> The Abu Dhabi-Department of Health (<strong>AD-DOH<\/strong>) has established a guidance policy on digital health to be able to adopt digital health technology to improve communication, responsiveness, access, quality, and safety of healthcare services.<\/p>\n<p><strong>EHS:<\/strong> The Emirates Health Services (<strong>EHS<\/strong>) has adopted IoT technology to collect user data from digital health devices.<\/p>\n<p><strong>Dubai:<\/strong> The governing body of Dubai recently passed a Law No. (9) of 2023 On regulating the operation of autonomous vehicles in Emirate of Dubai, thus providing a supervisory framework for autonomous vehicles operating within the Dubai Emirate. The law implements strategy for transformation into smart mobility using artificial intelligence.<\/p>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">Mobile communications and connected technologies \u2013 How do technical standards facilitating interoperability between connected devices impact the development of connected technologies?<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p>For businesses developing connected technologies, adherence to technical standards offers substantial strategic advantages. These standards ensure seamless compatibility, which in turn reduces development expenses and speeds up time-to-market. The standards are instrumental in strengthening security, guaranteeing reliability, streamlining compliance efforts, and fostering interconnected ecosystems that generate novel applications and revenue streams.<\/p>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">Data Protection \u2013 Please summarise the principal laws (present or impending), if any, that govern data protection, including a brief explanation of the general purpose of those laws.<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p>The UAE\u2019s federal data protection regime is primarily governed by the PDPL, which regulates the collection and processing of personal data within the UAE, as well as by entities located outside the UAE that process data belonging to UAE-based individuals. The PDPL excludes certain categories from its scope, including government data, data processed by public entities, personal data used for purely personal purposes, and health or credit-related data covered under separate sector-specific laws. It also does not apply to entities operating within UAE free zones that have their own data protection frameworks. Aligned with international best practices, the PDPL sets out comprehensive rights for data subjects and imposes robust compliance obligations on data controllers and processors. It also establishes clear rules and safeguards for cross-border data transfers.<\/p>\n<p><strong>Other relevant federal laws<\/strong><\/p>\n<ul style=\"padding-left: 0\">\n<li>The Constitution of the United Arab Emirates 1971 (\u201c<strong>UAE Constitution<\/strong>\u201d): The UAE Constitution guarantees citizens&#8217; general right to privacy, ensuring the freedom and confidentiality of communication by post, telegraph, and other means under the law.<\/li>\n<li>The Consumer Protection Law establishes and protects consumer rights in relation to consumer privacy and security without using their data for promotion and marketing purposes.<\/li>\n<li>Federal Decree-Law No. 34 of 2021 on Countering Rumours and Cybercrimes (\u201c<strong>Cybercrime Law<\/strong>\u201d) aims to enhance online safety by addressing the misuse of technology. Cybercrimes Law provides a comprehensive framework to combat various cybercrimes and protect personal and national interests in the age of social media and online activities.<\/li>\n<\/ul>\n<p><strong>Sector Specific Frameworks<\/strong><\/p>\n<p><strong><em>Banking and Credit Data<\/em><\/strong><\/p>\n<p>The Central Bank of UAE (<strong>CBUAE<\/strong>) has implemented several data protection requirements across its legal framework including the Decretal Federal Law No. (14) of 2018 Regarding the Central Bank &amp; Organization of Financial Institutions and Activities (<strong>Central Bank Law<\/strong>), Consumer Protection Regulation 2020, and the Consumer Protection Standards 2021. Moreover, the CBUAE\u2019s Stored Value Facilities Regulation 2020 (<strong>SVF Regulation<\/strong>) and the Retail Payment Services and Card Schemes Regulation 2021 (<strong>RPSCS Regulation<\/strong>) contain specific data protection requirements in relation to the respective licensees thereunder.<\/p>\n<p>Separately, Federal Law No. 6 of 2010 on Credit Information stipulates that entities must use mechanisms and terms for protecting and maintaining the confidentiality of credit information and conditions for exchanging credit information outside the state.<\/p>\n<p><strong><em>Health<\/em><\/strong><\/p>\n<p>The health sector is primarily regulated by the Federal Law No. (2) of 2019, Concerning the Use of the Information and Communications Technology in Health Fields (\u201c<strong>ICT in Health Law<\/strong>\u201d). The ICT in Health Law ensures the safety and security of health data stipulating requirements for maintaining data confidentiality and protecting data from unauthorised changes. The ICT in Health Law is supplemented by the Cabinet Resolution No. (32) of 2020 Concerning the Executive Regulation of the Federal Law Concerning the Use of the Information and Communication Technology in the Areas of Health (\u201c<strong>ICT in Health Regulation<\/strong>\u201d). The ICT in Health Regulation sets conditions and controls for storing and exchanging health data through a centralised system, including system access requirements and authorization controls. Additional guidance is provided under the Ministerial Resolution No. (51) of 2021 regarding the cases in which health data and information may be stored or transferred outside the country (\u201c<strong>Health Transportation Law<\/strong>\u201d). The Health Transportation Law clarifies the situations and conditions for storing or transferring health data outside the UAE.<\/p>\n<p><strong><em>Telecommunications<\/em><\/strong><\/p>\n<p>The TDRA\u2019s Telecommunications Law and TDRA-CPR collectively provide a data protection regime for the telecommunications sector. Additionally, the TDRA\u2019s Internet Access Management (\u201c<strong>IAM<\/strong>\u201d) policy provides a user privacy protection guideline for website owners.<\/p>\n<p><strong><em>Free Zones<\/em><\/strong><\/p>\n<p>As stated before, the PDPL excludes its jurisdictional application from free zones with dedicated legislation for personal data protection. The excluded free zones include the DIFC, ADGM, and Dubai Healthcare City (\u201c<strong>DHCC<\/strong>\u201d) which have implemented their own personal data protection regimes.<\/p>\n<p><strong>DIFC: <\/strong>Personal data is regulated under the DIFC Law 5 of 2020 Data Protection Law (\u201c<strong>DIFC-DPL<\/strong>\u201d) and the Data Protection Regulations 2020 (\u201c<strong>DIFC-DPR<\/strong>\u201d).<\/p>\n<p><strong>ADGM: <\/strong>Personal data is regulated under the Data Protection Regulations 2021 (\u201c<strong>ADGM-DPR<\/strong>\u201d) provides the framework for data protection.<\/p>\n<p><strong>DHCC: <\/strong>Personal data is primarily regulated under Regulation Number (7) Of 2013- Health Data Protection Regulation (\u201c<strong>HDPR<\/strong>\u201d). Additionally, the DHCC provides that all healthcare regulations within the DHCC are managed by the Dubai Health Authority (\u201c<strong>DHA<\/strong>\u201d)<sup>1<\/sup>, as such, the DHA\u2019s Health Data Protection and Confidentiality 2022 (\u201c<strong>HDPC<\/strong>\u201d) could apply.<\/p>\n<p><u>Footnote(s):<\/u><\/p>\n<p><sup style=\"font-size: 9px\">1<\/sup> <span style=\"font-size: 12px\"> <a href=\"https:\/\/dhcc.ae\/regulations\/health-care-regulation\">https:\/\/dhcc.ae\/regulations\/health-care-regulation<\/a><\/span><\/p>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">Data Protection \u2013 What is the maximum sanction that can be imposed by a regulator in the event of a breach of any applicable data protection laws?<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p><strong>PDPL: <\/strong>The executive regulations to the PDPL which are expected to provide the relevant sanctions for breaches under the law are yet to be published at the time of writing.<\/p>\n<p><strong>DIFC-DPR: <\/strong>The administrative fines stipulated under the DIFC-DPL for contraventions of the said law range between $25,000 &#8211; $100,000. The Commissioner of Data Protection is empowered to issue an additional general fine to the stipulated amounts if considered appropriate and proportionate to the breach committed.<\/p>\n<p><strong>ADGM-DPR: <\/strong>For the various contraventions identified under the ADGM-DPR, the administrative penalties that can be imposed are capped at $28 million. The Office of Data Protection shall be guided by the conditions and procedures stipulated under the ADGM-DRP when imposing an administrative penalty.<\/p>\n<p><strong>DHCC-HDPR: <\/strong>Non-compliance with the HDPR could result in a maximum fine of AED 5,000<sup>2<\/sup> (~USD 1,361.24)<\/p>\n<p><u>Footnote(s):<\/u><\/p>\n<p><sup style=\"font-size: 9px\">2<\/sup> <span style=\"font-size: 12px\"> <a href=\"https:\/\/www.dhcc.ae\/gallery\/DHCC-RuleNo3-ViolationsandPenaltiesforClinicalandCommercialActivities%5b1%5d3.pdf\">https:\/\/www.dhcc.ae\/gallery\/DHCC-RuleNo3-ViolationsandPenaltiesforClinicalandCommercialActivities[1]3.pdf<\/a><\/span><\/p>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">Data Protection \u2013 Do technology contracts in your country typically refer to external data protection regimes, e.g. EU GDPR or CCPA, even where the contract has no clear international element?<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p>The PDPL mirrors, particularly the EU\u2019s General Data Protection Regulation (<strong>GDPR<\/strong>), in terms of definitions, principles, and data subject rights\u200b. As such, technology contracts in the UAE do not typically need to reference external data protection regimes. There may be instances where there can be differences, gaps, or conflicts with an external jurisdiction\u2019s framework and where compliance with the external data protection laws is necessary. In such cases, contracts might include clauses to ensure adherence to these regimes, but this would be more of an exception rather than the norm.<\/p>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">Cybersecurity \u2013 Please summarise the principal laws (present or impending), if any, that govern cybersecurity (to the extent they differ from those governing data protection), including a brief explanation of the general purpose of those laws.<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p><strong>Cybercrime Law: <\/strong>\u00a0The law is designed to improve protection against cybercrimes that happen through the internet, digital platforms, and technology. It aims to keep government websites and databases secure, prevent the spread of fake news and rumours, stop online fraud, and protect people&#8217;s privacy and personal data. It also outlines what actions are considered crimes and the penalties for them. This includes using websites or digital tools to hack, damage, or interfere with government systems, share false or harmful information, or do anything that threatens the safety or interests of the UAE.<\/p>\n<p><strong>Federal Law by Decree No. 3 of 2003 Regarding the Organization of Telecommunications Sector: <\/strong>The law plays an important role in enhancing cybersecurity in the UAE by empowering the regulatory framework and establishing strong oversight of the telecommunications and digital infrastructure. By regulating telecom operators and digital service providers, the law ensures that only licensed and compliant entities operate in the sector. This includes adherence to security standards and data protection measures that help safeguard networks from cyber threats.<\/p>\n<p><strong>UAE Information Assurance (IA) Regulation: <\/strong>The IA Regulation sets out rules and security measures to help organisations manage and protect their information. It guides them on how to set up, maintain, and improve their information security over time. The TDRA will identify key organisations\u2014based on the UAE\u2019s Critical Information Infrastructure Protection (<strong>CIIP<\/strong>) Policy that must follow this regulation. The rules apply to how information is used, processed, stored, and shared, as well as to the systems and methods involved. This includes both physical and digital information, whether the organisation owns it, rents it, or just holds or manages it.<\/p>\n<p><strong>Internet Guidelines (Telecommunications and Digital Regulatory Authority):<\/strong> The Internet Guidelines by the TDRA are rules that help ensure the safe and responsible use of the internet in the UAE. These guidelines apply to website owners, online platforms, and anyone providing digital content or services. Website owners and online platforms must monitor their content carefully to make sure nothing illegal or offensive is displayed. If they fail to do so, they could face penalties or have their websites blocked.<\/p>\n<p><strong>Ministerial Resolution No. 1 of 2008 Regarding the issuance of Certification Service Provider Regulations: <\/strong>The law and these rules apply to Certification Service Providers (<strong>CSPs<\/strong>) that operate in the UAE. It covers anyone who offers electronic verification services\u2014either directly or through others\u2014for business purposes. These services help confirm the authenticity of electronic records, documents, and signatures used in online transactions and e-commerce.<\/p>\n<p><strong>Law No. 26 of 2015 Regulating Data Dissemination and Exchange in the emirate of Dubai: <\/strong>This law is designed to support Dubai\u2019s vision of becoming a Smart City by managing data in a clear and globally aligned way. It aims to improve coordination between federal and local government services and ensure better use of data by government entities. The law promotes transparency, sets clear rules for how data should be shared, and helps improve the quality, speed, and efficiency of public services.<\/p>\n<p><strong>Federal Decree by Law No. 46 of 2021 on Electronic Transactions and Trust Services: <\/strong>UAE law recognises the validity of electronic signatures. To generate an eSignature, an individual must use an electronic signature creation tool along with a digital certificate. These digital certificates, issued by certified service providers, serve to verify and authenticate the identity of the person using the signature device.<\/p>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">Cybersecurity \u2013 What is the maximum sanction that can be imposed by a regulator in the event of a breach of any applicable cybersecurity laws?<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p><strong>Cybercrime Law:<\/strong> Article 2 to Article 55 deals with penalties, the law imposes strict penalties for a broad spectrum of cyber offenses, applying to both individuals and businesses operating within the UAE. The most severe sanctions include fines of up to AED 5 million and imprisonment of up to 10 years, depending on the nature and seriousness of the violation. Serious offenses include the compromise of confidential operations related to military or security systems and software (Article 7), transfer, possession, or use of illicit financial flows (Article 30), and acts of cyberextortion and online threats. These measures reflect the UAE&#8217;s firm stance on maintaining cybersecurity and protecting national interests.<\/p>\n<p><strong>Federal Law by Decree No. 3 of 2003 Regarding the Organization of Telecommunications Sector<\/strong>: Article 71 to 79 deals with Penalties and the maximum sanction that can be imposed on a licensee is of 1 million AED for various offence depending upon the nature of offence.<\/p>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">Artificial Intelligence \u2013 Which body(ies), if any, is\/are responsible for the regulation of artificial intelligence?<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p>Currently, there is no designated body for regulating Artificial Intelligence (AI) within the UAE. Nonetheless, the UAE has established the UAE Council for Artificial Intelligence and Blockchain (AI Council), tasked with proposing policies for an A.I.-friendly ecosystem, advancing sector research, and promoting public-private collaboration, including with international institutions, to accelerate A.I. adoption.<\/p>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">Artificial Intelligence \u2013 Please summarise the principal laws (present or impending), if any, that govern the deployment and use of artificial intelligence, including a brief explanation of the general purpose of those laws.<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p>Whilst a dedicated framework for AI does not exist currently within the UAE, regulators have been proactive in providing guidance frameworks and policies.<\/p>\n<p><strong>AI Council: <\/strong>The AI Council has published several guides coupled with self-assessment tools in relation to AI including the Deepfake Guide, AI Hardware Infrastructure Report UAE, Artificial Intelligence Guide, Blockchain Guide, AI Guide, and the UAE AI Strategy.<\/p>\n<p><strong>Supervisory Authorities: <\/strong>Furthermore, in 2021, the financial regulators within the UAE including the CBUAE, Securities and Commodities Authority (\u201c<strong>SCA<\/strong>\u201d), DFSA, and FSRA (\u201c<strong>Supervisory Authorities<\/strong>\u201d) issued Guidelines for Financial Institutions Adopting Enabling Technologies (\u201c<strong>Enabling Technology Guidelines<\/strong>\u201d). The Enabling Technology Guidelines set out best practices for financial institutions when adopting enabling technologies such as big data analytics and AI. Its key objective is to promote the growth of the UAE\u2019s financial sector through the adoption of enabling technologies while ensuring proportional risk management.<\/p>\n<p><strong>DIFC: <\/strong>The DIFC recently updated its DIFC-DPR in September 2023 to introduce requirements that would require DIFC entities, to adhere to the new AI-related provisions. The introduction of Regulation 10 under the DIFC-DPR provides a regulatory framework for the processing of personal data via autonomous and semi-autonomous systems. It sets out the obligations for \u2018Deployers\u2019, \u2018Operators\u2019 and \u2018Providers\u2019 as defined under the DIFC-DPR. Further, it imposes a general requirement for autonomous and semi-autonomous systems to follow the principles of ethics, fairness, transparency, and accountability in addition to implementing consumer protection measures.<\/p>\n<p><strong>ADGM:<\/strong> In 2019, the ADGM\u2019s Financial Service Regulatory Authority (\u201c<strong>FSRA<\/strong>\u201d) released the Supplementary Guidance on Authorisation of Digital Investment Management (\u201cRobo-Advisory\u201d) Activities (\u201c<strong>Robo-Advisory Guidance\u201d<\/strong>). The Robo-Advisory Guidance seeks to assist the industry by outlining how the FSRA\u2019s existing regulatory framework applies to robo-advisory businesses within its jurisdiction. It covers essential areas, including the necessary regulatory permissions and additional compliance requirements for offering digital investment services.<\/p>\n<p><strong>Dubai: <\/strong>The Dubai Digital Authority has issued its own guidelines for AI principles and ethics coupled with a self-assessment toolkit for industry participants to self-review. Dubai also recently launched<\/p>\n<p>the \u2018Dubai Universal Blueprint for Artificial Intelligence\u2019 and announced the appointment of 22 Chief AI Officers across key government departments that will support the agenda for adopting and regulating AI.<\/p>\n<p><strong>Market Update<\/strong><\/p>\n<p><strong>Stargate UAE: <\/strong>OpenAI<sup>3<\/sup> has launched Stargate, its first major international AI infrastructure project, to build powerful computing systems that support safe and useful advanced AI. This marks the start of OpenAI\u2019s new &#8220;OpenAI for Countries&#8221; program, which helps governments develop their own national AI capabilities in partnership with the U.S., focusing on shared values like democracy and open markets. The project is being developed with support from key partners including G42, Oracle, NVIDIA, Cisco, and SoftBank, and was created in coordination with the U.S. government.<\/p>\n<p><u>Footnote(s):<\/u><\/p>\n<p><sup style=\"font-size: 9px\">3<\/sup> <span style=\"font-size: 12px\"> <a href=\"https:\/\/openai.com\/index\/introducing-stargate-uae\/\">https:\/\/openai.com\/index\/introducing-stargate-uae\/<\/a><\/span><\/p>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">Artificial Intelligence \u2013 Are there any specific legal provisions (present or impending) in respect of the deployment and use of Large Language Models and\/or generative AI (including agentic AI)?<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p>No. Currently, the UAE has not established any regulatory framework or provisions for generating Large Language Models (\u201c<strong>LLMs<\/strong>\u201d) or generative AI. Nonetheless, the AI Council has published two guidelines for practical use cases in generative AI which includes cases how AI can be used in media Industry, new business owner, students, new employees job seekers etc.<\/p>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">Artificial Intelligence \u2013 Do technology contracts in your jurisdiction typically contain either mandatory (e.g. mandated by statute) or recommended provisions dealing with AI risk? If so, what issues or risks need to be addressed or considered in such provisions?<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p>Except for the recent amendments to the DIFC Data Protection Regulations (DIFC-DPR), which introduced a mandatory notification requirement for entities utilising autonomous or semi-autonomous systems, there is currently no specific legal obligation under existing frameworks to address AI-related risks within contractual terms. As a result, businesses operating in the DIFC that deploy such technologies are required to inform users\u2014through privacy policies, user agreements, or similar documentation\u2014about the use of these systems, the risk controls in place, and any potential risks users should be aware of.<\/p>\n<p>Furthermore, with the growing adoption of AI across sectors in the UAE, it is increasingly common for organisations to draw upon available regulatory guidance, ethical standards, and policy frameworks when incorporating AI risk-mitigation clauses into contracts, ensuring alignment with best practices and responsible innovation.<\/p>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">Artificial Intelligence \u2013 Do software or technology contracts in your jurisdiction typically contain provisions regarding the application or treatment of copyright or other intellectual property rights, or the ownership of outputs in the context of the use of AI systems?<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p>While certain express provisions address the ownership of intellectual property (\u201c<strong>IP<\/strong>\u201d) in AI-generated content but existing legal frameworks can be leveraged to support IP protection in this space. The current definitions of protected works and authorship under UAE IP laws may be interpreted broadly enough to encompass AI-generated outputs, potentially recognising the AI system as an author. However, a key legal ambiguity persists: identifying the rightful author\u2014whether it is the individual providing the prompt or the AI producing the output. In the absence of clear regulatory guidance, it becomes imperative for commercial agreements to clearly outline and allocate IP rights for AI-generated content, ensuring clarity on ownership, usage rights, and revenue entitlements.<\/p>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">Blockchain \u2013 What are the principal laws (present or impending), if any, that govern (i) blockchain specifically (if any) and (ii) digital assets, including a brief explanation of the general purpose of those laws?<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p>The UAE is forward-thinking when it comes to blockchain and digital assets. Regulators across the country have introduced clear and supportive rules to help the industry grow. Different authorities are responsible for overseeing various parts of the blockchain and digital asset space, making sure all areas are covered. While most of the current rules focus on digital assets like cryptocurrencies, there are also specific efforts to support and regulate the broader use of blockchain technology.<\/p>\n<p><strong>Federal<\/strong><\/p>\n<p><strong>CBUAE: <\/strong>The CBUAE regulates payment token services across the UAE (except for the financial free zones of DIFC and ADGM) (colloquially known as stablecoins) under Payment Token Services Regulations. Payment tokens were previously regulated under the RPSCS Regulation and the SVF Regulation in relation to custodial services. Additionally, the Enabling Technology Guidelines issued through a collaborative initiative with the Supervisory Authorities establish guiding principles for adopting Distributed Ledger Technology (<strong>DLT<\/strong>) and blockchains.<\/p>\n<p><strong>SCA: <\/strong>Regulates Virtual Assets (\u201c<strong>VA<\/strong>\u201d) and Virtual Asset Service Providers (VASPs) under Cabinet Resolution No.111 of 2022 on the regulation of Virtual Assets and Service Providers (\u201c<strong>VA Resolution<\/strong>\u201d) and other regulations, across the UAE (except for the financial free zones of DIFC and ADGM). Through Decision No. 112\/2022 on Delegating Certain Competencies related to the Regulation of Virtual Assets, the SCA has delegated its regulatory authority to the Dubai Virtual Asset Regulatory Authority (\u201c<strong>VARA<\/strong>\u201d) as the dedicated regulator within the Emirate.<\/p>\n<p><strong>Dubai Emirate: <\/strong>VARA is the main regulator for virtual assets (VAs) and virtual asset service providers (<strong>VASPs<\/strong>) in the Emirate of Dubai. Its rules are based on Law No. 4 of 2022 and the 2023 Virtual Assets and Related Activities Regulations, along with additional rulebooks and official decisions (together known as the \u201cVARA Framework\u201d).<\/p>\n<p>This framework covers a wide range of activities that VASPs may carry out\u2014such as giving advice, trading, storing assets (custody), running exchanges, offering lending and borrowing services, managing investments, transferring virtual assets, and issuing new virtual assets.<\/p>\n<p>VARA has also created specific rules for issuing stablecoins.<\/p>\n<p><strong>DIFC: <\/strong>DIFC\u2019s regulatory framework for digital assets is outlined in the Regulatory Law 2004 and its associated rulebooks. The framework provides a licensing and regulatory regime for VASPs and specific VAs, Security Tokens and Crypto Tokens.<\/p>\n<p><strong>ADGM: <\/strong>ADGM\u2019s regulatory framework for digital assets is specified under <em>inter alia<\/em>,<\/p>\n<ol style=\"padding-left: 0\" type=\"i\">\n<li>Financial Services and Market Regulations, 2015 (\u201c<strong>FSMR<\/strong>\u201d) and the related rulebooks,<\/li>\n<li>Guidance on Regulation of Virtual Asset Activities (\u201c<strong>Virtual Asset Guidance<\/strong>\u201d),<\/li>\n<li>Guidance on Regulation of Digital Securities Activity in ADGM (\u201c<strong>Digital Securities Guidance<\/strong>\u201d), and<\/li>\n<li>Guidance on Regulation of Digital Security Offerings and Virtual Assets (\u201c<strong>Offering Guidance<\/strong>\u201d).<\/li>\n<\/ol>\n<p>The framework provides a licensing and regulatory regime for VASPs and specific VAs. Furthermore, ADGM is currently the only regulator within the UAE to have established a blockchain specific law under the DLT Foundations Regulation 2023.<\/p>\n<p><strong>RAKDAO: <\/strong>The Ras Al-Khaim Digital Asset Oasis (\u201c<strong>RAKDAO<\/strong>\u201d) is an economic free zone focused on licensing businesses engaged in VA activities, blockchain, Web3, and AI. RAKDAO has been recently established and has yet to issue specific blockchain or digital asset laws. However, it is anticipated that the relevant frameworks will be introduced in the near future.<\/p>\n<p><strong>Market update<\/strong><\/p>\n<p>The Dubai Land Department (<strong>DLD<\/strong>), in collaboration with the VARA, Dubai Future Foundation, and the Central Bank of the UAE, has launched the pilot phase of its Real Estate Tokenization Project. This initiative, part of the Real Estate Evolution Space (<strong>&#8216;REES&#8217;<\/strong>) program, makes DLD the first real estate registration body in the Middle East to embrace blockchain-based property tokenization. The project aims to democratize property investment by enabling fractional ownership, thereby fostering a more accessible and intelligent real estate market in Dubai.<\/p>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">Search Engines and Marketplaces \u2013 Please summarise the principal laws (present or impending), if any, that govern search engines and marketplaces, including a brief explanation of the general purpose of those laws.<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p>In the UAE, Federal Decree-Law No. 14 of 2023 on Modern Technology-Based Trade is the main law governing digital marketplaces. Its goal is to support the growth of the digital economy, protect consumer rights, and ensure safe and reliable online transactions. The law applies to the sale of goods, services, and data through digital platforms such as websites, mobile apps, e-commerce sites, and social media. To prioritise consumer safety, the law requires digital platforms to follow all relevant legal and regulatory standards, including data protection and cybersecurity rules. Businesses must create a secure environment for online transactions and take strong steps to prevent cyberattacks. The law also gives consumers several important rights\u2014such as access to clear and accurate product information, the ability to return or exchange faulty goods or get a refund, the right to secure digital dealings, and the ability to file complaints directly against online platforms or traders.<\/p>\n<p>Digital marketplaces in the UAE are also subject to the Internet Guidelines issued by the Telecommunications and Digital Regulatory Authority (<strong>TDRA<\/strong>). These guidelines require that all online content complies with the country\u2019s public morals and cultural values. Content that is offensive, such as pornography, material promoting violence or terrorism, content involving banned substances or illegal activities, is strictly prohibited. As such, operators of digital marketplaces must exercise a high level of diligence to ensure that no prohibited or inappropriate content appears on their platforms. Compliance with these guidelines is essential to avoid regulatory action and maintain trust with users.<\/p>\n<p>While there are no dedicated regulations specifically governing search engines in the UAE, certain aspects of their operations fall under the scope of existing laws\u2014namely, Cybercrime Law and PDPL.<\/p>\n<p>Under the Cybercrime Law, search engines are referred to as \u201cInformation Network Brokers,\u201d and are part of an \u201cInformation Network,\u201d defined as a system that connects multiple IT programs or devices, allowing users to access and exchange information.<\/p>\n<p>Provisions within the Cybercrime Law that address the spread of false information, content deemed anti-national, or material inciting violence or unrest have direct implications for search engine operators. If such platforms fail to promptly remove flagged content or lack effective monitoring and filtering systems, they could face enforcement actions and penalties under the law.<\/p>\n<p>In addition, search engines\u2014as well as digital marketplaces\u2014are required to comply with the PDPL. This means they must responsibly manage personal data in line with regulatory standards governing data collection, processing, storage, and usage.<\/p>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">Social Media \u2013 Please summarise the principal laws (present or impending), if any, that govern social media and online platforms, including a brief explanation of the general purpose of those laws?<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p>Social media platforms in the UAE requires strict adherence to a comprehensive regulatory framework, primarily governed by following pieces of legislation:<\/p>\n<p><strong>Cybercrime Law (Federal Decree-Law No. 34 of 2021):<\/strong> Social media entities are considered &#8220;information network brokers&#8221; under this law. This means they are directly accountable for the content they disseminate. Broadcasting or distributing information deemed inciteful, false, anti-national, or defamatory carries severe penalties.<\/p>\n<p><strong>Media Law (Federal Decree by Law No. 55 of 2023):<\/strong> As &#8220;media outlets,&#8221; social media platforms engaging in &#8220;Electronic and digital media activities&#8221; (Article 8) must secure a license from the Media Regulatory Office (Article 12) to operate legally in the UAE. Beyond licensing, compliance with stringent Media Content Standards (Article 17) is mandatory. These standards ensure content aligns with societal harmony, religious beliefs, national interests, and avoids offending state institutions, undermining foreign relations, or inciting violence\/strife, while respecting privacy and public morals.<\/p>\n<p><strong>Internet Guidelines (Telecommunications and Digital Regulatory Authority):<\/strong> Similar to digital marketplaces, social media entities are prohibited from publishing or broadcasting content that violates cultural norms, including pornography, inciteful material, promotion of terrorism, illicit acts, or prohibited commodities.<\/p>\n<p><strong>PDPL: <\/strong>All social media entities operating in the UAE must fully comply with the PDPL&#8217;s data protection provisions. This mandates careful handling of personal data across all stages, including processing, storage, and usage, to ensure consumer privacy and data security.<\/p>\n<p>In essence, social media companies in the UAE face a robust regulatory environment that demands strict content control, proper licensing, and rigorous data privacy adherence to avoid legal repercussions and maintain operational legitimacy.<\/p>\n<p><strong>Federal Law No. 3 of 2016 On Child<\/strong> <strong>Rights (WADEEMA&#8217;S LAW)<\/strong>: Protects children from various forms of abuse, including online exploitation, impacting how platforms must safeguard minors. As per Article 29 of Wadeema\u2019a law telecommunications companies have a serious responsibility, if they find any child pornography on social media or the internet, they must immediately tell the authorities. They also have to hand over all available information about the people, groups, or websites involved in sharing this illegal material, especially if it&#8217;s being used to target or trick children.<\/p>\n<p><strong>Market Update<\/strong><\/p>\n<p><strong>SCA<\/strong>&#8211; The SCA has introduced the region\u2019s first official \u201c<strong>Finfluencer<\/strong>\u201d license, aimed at regulating individuals who provide financial advice or opinions to the public. A Finfluencer is defined as someone who shares financial insights or recommendations\u2014whether about products, pricing, performance, or market trends\u2014through traditional platforms or digital channels like social media, blogs, podcasts, seminars, or public forums. To qualify, an individual must register with the SCA and either be a SCA-accredited financial analyst or hold a Certified Financial Analyst (<strong>CFA<\/strong>) credential. Additionally, the person must demonstrate measurable influence over market participants, as specified in the relevant SCA regulations.<\/p>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">Social Media \u2013 What is the maximum sanction that can be imposed by a regulator in the event of a breach of any applicable online safety laws?<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p><strong>Cybercrime Law<\/strong>: Encompassing a broad spectrum of cyber offenses, Articles 2 to 55 of the law empower the UAE to impose strict penalties on all individuals and businesses operating within its borders. The most serious violations can lead to fines as high as AED 5 million and imprisonment for up to 10 years, depending upon the seriousness of the offence.<\/p>\n<p><strong>Media Law: <\/strong>The law includes a warning, fines ranging from AED 1,000 up to AED 1,000,000\u2014doubled to a maximum of AED 2,000,000 for repeat violations\u2014temporary administrative closure for up to six months (renewable), or permanent closure in the case of unlicensed entities. Authorities may also cancel licenses, permits, or approvals and require violators to bear the costs of remedying any resulting harm if not voluntarily addressed.<\/p>\n<p><strong>Federal Law No. 3 of 2016 On Child<\/strong> <strong>Rights (WADEEMA&#8217;S LAW)<\/strong>: The law prescribe punishment for violation of Article 29 as imprisonment for a period not less than six months and\/or a fine not less than AED (100,000) one hundred thousand and not exceeding AED (1,000,000) one million.<\/p>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">Spatial Computing \u2013 Please summarise the principal laws (present or impending), if any, that govern spatial computing, including a brief explanation of the general purpose of those laws?<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p>The UAE does not have specific, dedicated laws that exclusively govern &#8220;spatial computing,&#8221; augmented reality (<strong>AR<\/strong>), virtual reality (<strong>VR<\/strong>), extended reality (<strong>XR<\/strong>), or the &#8220;metaverse.&#8221; These emerging technologies are currently governed by existing laws and regulatory frameworks that apply to their underlying components or the activities conducted within these digital environments.<\/p>\n<p>However, laws like PDPL\/Data Protection Laws of Free Zones, Cybercrime law would still apply to Spatial computing.<\/p>\n<p><strong>Market Update<\/strong><\/p>\n<p>The UAE is actively exploring and embracing the potential of the metaverse and spatial computing, indicating that specific regulations or guidelines are likely to emerge in the future. Dubai, for instance, launched the Dubai Metaverse Strategy in 2022<sup>4<\/sup> which aims to turn Dubai into one of the world\u2019s top 10 metaverse economies as well as a global hub for the metaverse community.<\/p>\n<p><u>Footnote(s):<\/u><\/p>\n<p><sup style=\"font-size: 9px\">4<\/sup> <span style=\"font-size: 12px\"> <a href=\"https:\/\/u.ae\/en\/about-the-uae\/strategies-initiatives-and-awards\/strategies-plans-and-visions\/government-services-and-digital-transformation\/dubai-metaverse-strategy\">https:\/\/u.ae\/en\/about-the-uae\/strategies-initiatives-and-awards\/strategies-plans-and-visions\/government-services-and-digital-transformation\/dubai-metaverse-strategy<\/a><\/span><\/p>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">Quantum Computing \u2013 Please summarise the principal laws (present or impending), if any, that govern quantum computing and\/or issues around quantum cryptography, including a brief explanation of the general purpose of those laws?<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p>The UAE currently does not have specific laws dedicated to quantum computing or quantum cryptography. However, recognizing the future threats posed by quantum advancements, the Dubai Electronic Security Centre (<strong>DESC<\/strong>) has introduced the Post-Quantum Cryptography Guidelines<sup>5<\/sup>. This crucial initiative is designed to fortify Dubai&#8217;s digital infrastructure against impending quantum-based risks. It represents a strategic move to ensure the city&#8217;s digital defences remain cutting-edge, protecting Dubai&#8217;s smart data, services, and its flourishing digital future.<\/p>\n<p>In 2018, Dubai Electricity and Water Authority (<strong>DEWA<\/strong>) organised the first intensive quantum computing training programme in cooperation with Microsoft. The program sought to innovate solutions leveraging quantum computing across the entire energy and water lifecycle, from production and transmission to distribution and conservation. A key objective was also to pinpoint specific challenges that quantum computing is uniquely positioned to address.<\/p>\n<p><u>Footnote(s):<\/u><\/p>\n<p><sup style=\"font-size: 9px\">5<\/sup> <span style=\"font-size: 12px\"> <a href=\"https:\/\/www.desc.gov.ae\/dubai-electronic-security-center-launches-new-innovative-projects-at-gisec-global%202025\/#:~:text=In%20preparation%20for%20future%20threats,counter%20emerging%20quantum%2Dbased%20threats\">https:\/\/www.desc.gov.ae\/dubai-electronic-security-center-launches-new-innovative-projects-at-gisec-global 2025\/#:~:text=In%20preparation%20for%20future%20threats,counter%20emerging%20quantum%2Dbased%20threats<\/a>.<\/span><\/p>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">Datacentres \u2013 Does your jurisdiction have any specific regulations that apply to data centres?<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p>While there is no standalone &#8220;Data Centre Law&#8221; in the UAE, data centres are subject to a range of federal and sector-specific regulations that collectively govern their operation and data protection obligations. These frameworks ensure that data centres meet strict standards related to privacy, cybersecurity, and compliance. As outlined in Questions 17\u201319, all laws applicable to data protection also extend to data centres, given their role in storing and processing sensitive personal and institutional data. It requires organisations to follow data localisation rules, implement strong security measures to protect stored data, and comply with restrictions on cross-border data transfers unless specific conditions are met. Operators must navigate these various requirements to ensure compliance.<\/p>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">General \u2013 What are your top 3 predictions for significant developments in technology law in the next 3 years?<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p><strong>Artificial Intelligence<\/strong>: As AI becomes more embedded in daily life and business processes, it is expected that regulatory oversight will intensify. This could include the introduction of frameworks focused on ethical AI development, accountability for AI-driven decisions, and safeguards to address issues such as bias and fairness. Rather than imposing strict regulations at the outset, the UAE has adopted a pro-innovation, business-friendly approach to AI governance. Its strategy is aligned with the goal of expanding the digital economy and establishing the country as a global AI leader. The UAE National Strategy for Artificial Intelligence 2031, backed by the UAE Council for Artificial Intelligence and Blockchain, outlines the country\u2019s long-term vision for AI leadership. Complementing this, the Ministry of AI has released non-binding AI ethics principles and guidelines, encouraging responsible AI development and use. In parallel, Abu Dhabi has launched the Artificial Intelligence and Advanced Technology Council to strengthen AI research and innovation capabilities. Regulatory intervention remains light-touch for now, signalling the government\u2019s intent to prioritise technological growth. Similarly, Dubai has rolled out the Smart Dubai AI Ethics Guidelines and a Universal AI Blueprint, aimed at transforming the economy and embedding AI across key sectors.<\/p>\n<p><strong>Framework for Quantum-Resistant Cryptography<\/strong>: As quantum computing capabilities advance globally, the UAE is proactively laying the groundwork to secure its digital infrastructure against future threats. The DESC has already taken a pioneering step by introducing Post-Quantum Cryptography Guidelines, reflecting the nation&#8217;s commitment to staying ahead of the curve in cybersecurity. However, this is only the beginning.<\/p>\n<p>In the coming years, we can expect a comprehensive evolution of the UAE\u2019s regulatory landscape to support quantum-resistant infrastructure. This will likely include the introduction of new national standards for PQC implementation across critical sectors, including finance, telecommunications, healthcare, and national security. As part of this shift, both public and private entities will be required to transition from classical cryptographic protocols to quantum-resistant alternatives, especially for data transmission, identity verification, and digital signatures.<\/p>\n<p>To support this transition, updates to existing cybersecurity frameworks are anticipated\u2014mandating risk assessments, migration roadmaps, and compliance timelines for implementing PQC.<\/p>\n<p><strong>Clearer Legal Frameworks for Web3, Metaverse: <\/strong>The UAE will likely introduce broader legal frameworks that address the non-financial aspects of Web3, the metaverse, and other immersive<\/p>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">General \u2013 Do technology contracts in your country commonly include provisions to address sustainability \/ net-zero obligations or similar environmental commitments?<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p>Presently in the UAE, technology contracts do not include any provisions pertaining to environmental obligations or net zero commitments. However, in today\u2019s era with the gradual rise in environmental awareness and sustainability, this contractual trend might evolve to include such provisions.<\/p>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\r\n<div class=\"word-count-hidden\" style=\"display:none;\">Estimated word count: <span class=\"word-count\">9183<\/span><\/div>\r\n\r\n\t\t\t<\/ol>\r\n\r\n<script type=\"text\/javascript\" src=\"\/wp-content\/themes\/twentyseventeen\/src\/jquery\/components\/filter-guides.js\" async><\/script><\/div>"}},"_links":{"self":[{"href":"https:\/\/my.legal500.com\/guides\/wp-json\/wp\/v2\/comparative_guide\/109906","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/my.legal500.com\/guides\/wp-json\/wp\/v2\/comparative_guide"}],"about":[{"href":"https:\/\/my.legal500.com\/guides\/wp-json\/wp\/v2\/types\/comparative_guide"}],"wp:attachment":[{"href":"https:\/\/my.legal500.com\/guides\/wp-json\/wp\/v2\/media?parent=109906"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}